On Wednesday, November 10, 2010 07:00:51 Pádraig Brady wrote: > Ideally the package archive format should > support capabilities if they're needed, > and tar et. al. should support the attributes > if they're important.
yes, but tar doesnt support it today > From a package maint point of view, > if you're changing a package to use capabilities, > then adding the dep is a minor inconvenience. that isnt the case. in the oft-quoted "ping" case, the package itself isnt changing in any way. the file permissions are simply being changed from granting it set*id to granting it the one explicit network capability it requires. > Also one could take the view that adding a separate > `setcap` call might be easier to maintain than > messing with existing `install` commands. > Also `install` might not have even been used. > Also at a stretch, one could argue that having a dep > on the binary package, might be useful to allow one to > query which packages on the system require capabilties. except that coreutils is required on a system which means `install` is required. `setcap` is not. -mike
signature.asc
Description: This is a digitally signed message part.
