Diego 'Flameeyes' Pettenò wrote: > > I'd like to propose the rename of caps USE flag to libcap. The reason > for this is that I'd like to free the "caps" USE flag from the (runtime) > dependency of libcap, so that, one we have the framework to do so, we > could use the "caps' USE flag to set file capabilities directly (rather > than setuid for instance). As an example: the pwsafe app suggest you have to run it suid (since it tries to lock some memory to avoid swapping), but doing 'setcap cap_ipc_lock=ep /usr/bin/pwsafe' is enough.
> The step right afterward would be, for me, to find a way to mirror the > capabilities from within Portage. I admit I have no clue how to achieve > that for now. But at least the rename is a simple task, and I suppose > the capabilities handling _could_ be a SoC project... Well, I'm not sure whether libcap is a good choice: What about (not-yet-existing) apps which provide capability-support through another package (like a foobar language libcap-wrapper)? Should they also use libcap then? -- [email protected] mailing list
