Marius Mauch wrote:
> Mike Frysinger <[EMAIL PROTECTED]> wrote:
>> mayhaps we need a new function to be run in src_install() to label
>> files as "sensitive" ... so baselayout would do:
>> esosensitive /etc/{fstab,group,passwd,shadow}
>> and then we expand the format of CONTENTS in the vdb:
>> priv /etc/fstab <hash> <mtime>
>
> And what would be phase 2 of that? Just having a new filetype
> in CONTENTS doesn't accomplish anything by itself ...
>
I imagine the tools need updating to deal with that (especially quickpkg
etc.) Of course this needs to be tested thoroughly from a security pov, and
admins may well decide they don't like the idea (after all a professional
is going to have their own backup procedures in place already.) If you're
adding a priv field, tho, you might as well make it a generic attributes
field imo. Not sure what uses you can come up with, but rcs integration
springs to mind.
On a wider note, how difficult are these sorts of changes to implement? Only
we were discussing a satisfiedBy addition to refine system updates on
#-portage (something to do with slots, unversioned deps and --depclean, but
I couldn't really follow it all) and that would require change in vdb as
well, which I was told needed an EAPI bump. So, if y'all are discussing vdb
changes for EAPI=1 (which aiui is needed yesterday ;) I for one would love
to know what other changes devs would like to see.
--
[EMAIL PROTECTED] mailing list
