On 12/19/2013 04:26 PM, Mimi Zohar wrote:
On Thu, 2013-12-19 at 15:28 +0200, Panu Matilainen wrote:
On 12/18/2013 08:55 PM, Mimi Zohar wrote:
Hi Panu,

I'm interested in using the new plugin architecture for adding 'security.ima'
extended attributes.  So far, I've cloned the rpm git repo, compiled and
installed it, with plugins enabled.  For the time being, I've written a
test plugin.  I would have thought that the test plugin would be called,
when installing an rpm, but it doesn't seem to be.

I've added prints to rpmpluginsCallFsmFilePre() and rpmpluginsCallFsmFilePost()
that revealed plugins->count is 0.  How do I register the plugin?  Do I
need to add something to the spec file?  Any help would be much
appreciated!

You need to configure and explicitly enable plugins for them to get
activated. It's a bit of a mess at the moment and the details will
almost certainly change before becoming part of any official release,
but at the moment you basically need two bits of macro configuration
(replace "myplugin" with the name of your plugin):

# Tell rpm where to find myplugin DSO
%__transaction_myplugin %{__plugindir}/myplugin.so

# Enable the plugin (comma-separated list)
%__transaction_plugins myplugin

Thanks!  Is there any particular place in the spec file, that these
statements belong?

These are not spec things, they are rpm system configuration. I.e. something to put into /usr/lib/rpm/macros.d, /etc/rpm/* or such.


The latter part is the problematic one as there's no way to just "drop
in" a plugin and have it work, more thoughts on the subject at least
here: http://lists.rpm.org/pipermail/rpm-maint/2013-March/003513.html

Agreed.  Installing LSM labels shouldn't be package dependent, but
system dependent.  Somehow the plugins need to register themselves.

Yup. It needs a mechanism similar to what is used to discover file attribute macros to allow drop-in enabling.

        - Panu -
