Hi,

Sven-Haegar Koch wrote:
> On Fri, 21 Mar 2014, Axel Beckert wrote:
> > Am I right that you are installing this on a machine with an
> > individual kernel which doesn't support POSIX capabilities?
> 
> Correct.

Thanks. I wonder how to handle this case. I've looked into other
packages which should have the same problem to solve and how they
solved it.

Wireshark came to my mind first. It seems to add a setuid flag using
chmod if setcap fails. I'm not sure if that's the best idea. It has
advantages and disadvantages.

Advantages:

* Program still works as before for users

Disadvantages:

* Does not work properly with dpkg-statoverride
* Uses setuid despite the user may not expect it because it doesn't
  do so on other installations.

I currently tend to ignore that error on Linux and just output a
warning that the admin should use dpkg-statoverride to enable setuid.

Another option would be to do the same, but with asking via debconf
what to do. But then again, I think debconf is overkill for such a
corner-case if debconf isn't already in use for the package.

A third option may be to check if dpkg-statoverride is used already.
But I suspect I can't check if dpkg-statoverride is used to make sure
the shipped permissions are kept in place as the .deb contains the
file without setuid flag being set.

Will have to check.

                Regards, Axel
-- 
 ,''`.  |  Axel Beckert <[email protected]>, http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE
  `-    |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to