On Tue, 02 Aug 2011 10:51:22 -0400 "Anthony G. Basile" <[email protected]> wrote:
> On 08/02/2011 10:31 AM, Ciaran McCreesh wrote: > > On Tue, 02 Aug 2011 10:28:58 -0400 > > "Anthony G. Basile" <[email protected]> wrote: > >> I prefer capsetting in the PMS itself, with a nice clean function > >> which auto detects all the necessary conditions and transparently > >> preserves caps, as you suggest. Maybe this can be in EAPI=5. > > Would need a spec, along with a way of dealing with all the > > problems: what happens if the build fs supports caps but the > > install fs doesn't? What about if caps are supported on both but in > > different ways (tmpfs on some kernels)? Is it up to the PM to deal > > with that? How does the PM even know? > > > > That's exactly what I was thinking of for the PM. It would have to > autodetect all that. Eg. it could create a test file on each fs and > then do a getcap on it and if it fails, you have your answer. If > necessary and it exists, it could look at /proc/config. I think it's > doable. Just let the capsetting function store all details internally when called. I don't think it's really important whether build fs capsetting succeeds. So, it's like: 1) capset on buildfs, store details internally; 2) move to livefs; 3) [optionally] getcap on livefs, done if set; 4) capset on livefs; 5) getcap on livefs, done if set; 6) fallback to set?id (using info from stored capsetting function call) if necessary. -- Best regards, Michał Górny
signature.asc
Description: PGP signature
