Hello, On Tue, Apr 28, 2009 at 20:18, LI Daobing <[email protected]> wrote: > Hello, > > 2009/4/28 Stefanos Harhalakis <[email protected]>: >> Dear mentors, >> >> I am looking for a sponsor for my package "fsprotect". In this message there >> is also a summary of everything that was discussed in this list. >> >> * Package name : fsprotect >> Version : 1.0.2 >> Upstream Author : Stefanos Harhalakis <[email protected]> (me) >> * URL : http://www.v13.gr/proj/fsprotect/ >> * License : GPL >> Section : admin >> >> It builds these binary packages: >> fsprotect - Helper scripts to make filesystems immutable >> >> The package appears to be lintian clean (with an override, but see bellow). >> >> Description: >> ------------ >> fsprotect is a set of scripts that make immutable the root and other >> filesystems. Using aufs they pack a tmpfs filesystem and the filesystem >> forcing changes to be written to the tmpfs. >> >> The root filesystem is protected by an initramfs script. Other filesystems >> are protected by an init script. All protected filesystems become read-only >> ensuring their immutability even on power-offs. >> >> This can be used for public computers to prevent damage or changes. >> >> It is ideal for: >> * Public computers. It keeps all files intact, no matter what the user does. >> * Testing. i.e. KDE3 -> KDE4 or etch -> lenny upgrades >> * Security (also requires adequate paranoia) >> >> Fsprotect can be seen as an opensource alternative to deepfreeze for linux. >> >> Example usage: >> -------------- >> * apt-get install aufs-modules-2.6-amd64 fsprotect >> * read /usr/share/doc/fsprotect/README.Debian and/or >> /usr/share/doc/fsprotect/fsprotect.pdf.gz >> * add line "fsprotect=1000M" to /boot/grub/menu.lst as a kernel parameter >> * run "update-grub" >> * possible modify /etc/default/fsprotect to include a line like: >> PROTECT="/var=1000M /home=2000M" >> * reboot >> >> At this point you can do rm -rf /bin/* -or- upgrade to KDE4 -or- do >> "apt-get dist-upgrade -t unstable" -or- perform whatever destructive action >> you never dared to (except messing with the partitions and doing raw writes >> on >> block devices). To check that the filesystems are actually protected, just >> run >> 'is_aufs / && echo "OK"' >> >> After rebooting, the system will be in the same condition as when it was >> before the fsprotect installation. >> >> Debian native: >> -------------- >> fsprotect is 100% tied to a distribution. It cannot be an independent program >> that is packaged for debian or other distributions. The core functionality is >> provided by one init script and one initramfs script/hook and those are >> depending very much to the distribution. I.e the init script must run >> immediately after the filesystems are mounted and before anything else is >> ran. >> >> fsprotect cannot be practically spliced to .orig and .diff. There is no clear >> distinction between what will go in debian/ and what will be left out. >> Attempting to make it a non-native package will result in a package that does >> one or more of the following: >> >> a) includes debian specific scripts outside of debian/ >> b) contains debian specific scripts in .orig.tar.gz >> c) uploads a new .orig.tar.gz when other debian packages change >> >> The source code is small and the most part of it is inside debian/. >> The output of the du is: >> >> $ du -sk fsprotect/* >> 264 fsprotect/debian >> 156 fsprotect/doc >> 56 fsprotect/initramfs-tools >> 20 fsprotect/lib >> 20 fsprotect/sbin >> >> while doc/ contains debian-specific documentation in pdf form. >> >> NMUs may use versions like "1.0.2+nmu1" >> >> Lintian overrides: >> ------------------ >> fsprotect overrides the >> "virtual-package-depends-without-real-package-depends" >> lintian warning. This is done because it depends on aufs modules which are >> provided as debian packages and it isn't a good idea (or even possible) to >> depend on packages like this one: aufs-modules-2.6.29-v2-v (which for >> example, >> is the module compiled for the custom kernel of my system). I've made >> fsprotect depend on aufs-modules which is provided my aufs-modules-* >> packages. >> >> In general, it isn't possible to depend on a specific modules version. >> >> Changes: >> -------- >> fsprotect used to create the directory /fsprotect upon installation. This is >> no longer happening. The directory is created in the volatile space whenever >> fsprotect is active. This means that such a directory will never be written >> in >> the disk and will never be visible when fsprotect isn't active. >> >> >> The package can be found on mentors.debian.net: >> - URL: http://mentors.debian.net/debian/pool/main/f/fsprotect >> - Source repository: deb-src http://mentors.debian.net/debian unstable main >> contrib non-free >> - dget >> http://mentors.debian.net/debian/pool/main/f/fsprotect/fsprotect_1.0.2.dsc >> >> >> I would be glad if someone uploaded this package for me. >> > sounds OK for me, anyone can have a double check? > uploaded
-- Best Regards LI Daobing -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
