On Mon, 2017-10-02 at 13:20 +0000, Felipe Sateler wrote: [...] > for preinst/postrm and thus may be problematic: > > 1. e2fsck-static (appears to be false positive) > 2. lilo (uses kernel preinst hook) > 3. blktrace (appears false positive) > > I don't know how the kernel hook works, is it problematic? [...]
Kernel hook scripts are run by the corresponding maintainer scripts of kernel packages (in all package implementations I know of). The postinst hook scripts are also run by 'make install' if the target is /. The lilo hack using chattr to prevent kernel images moving around on xfs seems like a policy violation to me, though I can't find an explicit ban on modifying files belonging to other packages (other than configuration files). It is, at least, opt-in. (But this hack isn't complete, because lilo doesn't make-immutable the kernel images that were installed before lilo, or to undo this if it is removed. So far as I can see, that would make all kernel packages un- removable!) Ben. -- Ben Hutchings Life is what happens to you while you're busy making other plans. - John Lennon
signature.asc
Description: This is a digitally signed message part