Hi, https://launchpad.net/bugs/1302192 reports ping not being setuid root after installation from squashfs-based media. I've reproduced this with the Ubuntu server installer, which uses live-installer to install the base system (much faster than running debootstrap). I haven't explicitly tested Debian live media, but I suspect they'll suffer from the same problem.
The question is what to do about it. live-installer uses busybox tar to shovel files around, and busybox tar doesn't support xattr. We could do something with getcap/setcap - indeed getcap supports recursive search and setcap can read capabilities in bulk from standard input, so this shouldn't need to be too slow - but we don't have those tools in d-i right now. Would it make sense to modify attr to build udebs, then change live-installer to do a getcap/setcap run after transferring files with tar? I think this is probably going to be simpler than adding xattr support to busybox tar (in GNU tar that depends on a specific archive format, so I'm guessing it's not exactly trivial). Even if we did go for the latter approach instead, we'd probably still need at least a libattr1-udeb. Thoughts? Thanks, -- Colin Watson [[email protected]] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
