Joerg Schilling schrieb am 26.04.2013 19:07: > Daniel Pielmeier <bil...@gentoo.org> wrote: > >>> without making them suid-root. >>> >>> This works with cdrtools-3.01a14 or later. Check >>> >>> ftp://ftp.berlios.de/pub/cdrecord/alpha/ > >> Thanks Jörg, >> >> I have read the release notes for alpha14 and prepared an ebuild >> which automatically applies the required capabilities if the filecaps >> USE flag is set. >> >> Is there any chance to make this a configurable option, so it is >> possible to disable file capabilities even if libcap is installed? > > If you install cdrecord/cdda2wav/readcd suid-root instead of applying the > facps privileges, cdrtools will automatically behave as before. Is this > sufficient? > > Note that if cdrtools was compiled on a machine with libcap installed, it > needs > libcap to run. > > Jörg >
Actually it is the linkage against libcap what I am concerned of. Imagine the following scenario. Libcap is not present on the system. Then package X which requires libcap is installed and the package manager who knows this installs libcap as a dependency. Then package Y is installed which unconditionally links against libcap. The package manager is unaware of this and does not know about the dependency. Now package X is uninstalled and the package manager removes libcap because he thinks nothing on the system needs it anymore. Now package Y will stop working because libcap is not there anymore. If it is possible to conditionally link against libcap such issues could be avoided. Libcap will not be uninstalled if the dependency is known. Additionally it is possible to have libcap installed and not link cdrtools against it. -- Regards Daniel
signature.asc
Description: OpenPGP digital signature
