On Tue, Dec 04, 2018 at 03:26:05PM -0600, Jamie Strandboge wrote: > On Tue, 04 Dec 2018, Julian Andres Klode wrote: > > > Hi folks, > > > > I'm planning to have apt set PATH to a sane value for running > > dpkg, so that maintainer scripts are executed in a sanitized > > environment. That value will be: > > > > PATH=/usr/sbin:/usr/bin:/sbin:/bin > > > > The effect: > > > > (1) There is no /usr/local, which prevents breakage from custom perl > > or python installation > > > > (2) /snap/bin is not included either. This means that packages migrating > > to snaps will have to provide compatibility links (scripts?) in /usr > > - IIRC, lxd already does so, I'm not sure about other libraries. > > > I'm generally in favor of the change, but AFAICS, lxd does *not* do anything > with compatibility symlinks (it uses snap aliases instead, which live in > /snap/bin). lxd may have done this in the past (I vaguely remember something > about that), but snaps shouldn't be doing this and in fact, strict mode snaps > typically cannot (only lxd and a couple of other super-privileged snaps happen > to be able to, but that is considered bad form). As for deb-to-snap > migrations, > that still isn't well defined (again, lxd has the ability to do whatever it > wants where most snaps cannot).
I mean the .deb packages depending on snapd and installing the snap in the pre(?)inst, like the lxd one in the archive: jak@jak-t480s:/tmp$ apt download lxd Get:1 file:/etc/apt/mirrors.list Mirrorlist [226 B] Get:2 http://de1.archive.ubuntu.com/ubuntu disco/main amd64 lxd all 1:0.4 [11,1 kB] Fetched 11,1 kB in 0s (81,5 kB/s) jak@jak-t480s:/tmp$ dpkg -c lxd_1%3a0.4_all.deb | grep usr/bin drwxr-xr-x root/root 0 2018-10-10 18:28 ./usr/bin/ -rwxr-xr-x root/root 34 2018-09-12 22:09 ./usr/bin/lxc -rwxr-xr-x root/root 34 2018-09-12 22:09 ./usr/bin/lxd -- debian developer - deb.li/jak | jak-linux.org - free software dev ubuntu core developer i speak de, en
signature.asc
Description: PGP signature
-- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
