Hello, 2009/4/28 Stefanos Harhalakis <[email protected]>: > Dear mentors, > > I am looking for a sponsor for my package "fsprotect". In this message there > is also a summary of everything that was discussed in this list. > > * Package name : fsprotect > Version : 1.0.2 > Upstream Author : Stefanos Harhalakis <[email protected]> (me) > * URL : http://www.v13.gr/proj/fsprotect/ > * License : GPL > Section : admin > > It builds these binary packages: > fsprotect - Helper scripts to make filesystems immutable > > The package appears to be lintian clean (with an override, but see bellow). > > Description: > ------------ > fsprotect is a set of scripts that make immutable the root and other > filesystems. Using aufs they pack a tmpfs filesystem and the filesystem > forcing changes to be written to the tmpfs. > > The root filesystem is protected by an initramfs script. Other filesystems > are protected by an init script. All protected filesystems become read-only > ensuring their immutability even on power-offs. > > This can be used for public computers to prevent damage or changes. > > It is ideal for: > * Public computers. It keeps all files intact, no matter what the user does. > * Testing. i.e. KDE3 -> KDE4 or etch -> lenny upgrades > * Security (also requires adequate paranoia) > > Fsprotect can be seen as an opensource alternative to deepfreeze for linux. > > Example usage: > -------------- > * apt-get install aufs-modules-2.6-amd64 fsprotect > * read /usr/share/doc/fsprotect/README.Debian and/or > /usr/share/doc/fsprotect/fsprotect.pdf.gz > * add line "fsprotect=1000M" to /boot/grub/menu.lst as a kernel parameter > * run "update-grub" > * possible modify /etc/default/fsprotect to include a line like: > PROTECT="/var=1000M /home=2000M" > * reboot > > At this point you can do rm -rf /bin/* -or- upgrade to KDE4 -or- do > "apt-get dist-upgrade -t unstable" -or- perform whatever destructive action > you never dared to (except messing with the partitions and doing raw writes on > block devices). To check that the filesystems are actually protected, just run > 'is_aufs / && echo "OK"' > > After rebooting, the system will be in the same condition as when it was > before the fsprotect installation. > > Debian native: > -------------- > fsprotect is 100% tied to a distribution. It cannot be an independent program > that is packaged for debian or other distributions. The core functionality is > provided by one init script and one initramfs script/hook and those are > depending very much to the distribution. I.e the init script must run > immediately after the filesystems are mounted and before anything else is > ran. > > fsprotect cannot be practically spliced to .orig and .diff. There is no clear > distinction between what will go in debian/ and what will be left out. > Attempting to make it a non-native package will result in a package that does > one or more of the following: > > a) includes debian specific scripts outside of debian/ > b) contains debian specific scripts in .orig.tar.gz > c) uploads a new .orig.tar.gz when other debian packages change > > The source code is small and the most part of it is inside debian/. > The output of the du is: > > $ du -sk fsprotect/* > 264 fsprotect/debian > 156 fsprotect/doc > 56 fsprotect/initramfs-tools > 20 fsprotect/lib > 20 fsprotect/sbin > > while doc/ contains debian-specific documentation in pdf form. > > NMUs may use versions like "1.0.2+nmu1" > > Lintian overrides: > ------------------ > fsprotect overrides the "virtual-package-depends-without-real-package-depends" > lintian warning. This is done because it depends on aufs modules which are > provided as debian packages and it isn't a good idea (or even possible) to > depend on packages like this one: aufs-modules-2.6.29-v2-v (which for example, > is the module compiled for the custom kernel of my system). I've made > fsprotect depend on aufs-modules which is provided my aufs-modules-* packages. > > In general, it isn't possible to depend on a specific modules version. > > Changes: > -------- > fsprotect used to create the directory /fsprotect upon installation. This is > no longer happening. The directory is created in the volatile space whenever > fsprotect is active. This means that such a directory will never be written in > the disk and will never be visible when fsprotect isn't active. > > > The package can be found on mentors.debian.net: > - URL: http://mentors.debian.net/debian/pool/main/f/fsprotect > - Source repository: deb-src http://mentors.debian.net/debian unstable main > contrib non-free > - dget > http://mentors.debian.net/debian/pool/main/f/fsprotect/fsprotect_1.0.2.dsc > > > I would be glad if someone uploaded this package for me. > sounds OK for me, anyone can have a double check?
thanks. -- Best Regards LI Daobing -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
