[Rpm-maint] Plugin ponderings
Panu Matilainen
pmatilai at laiskiainen.org
Mon Dec 3 13:26:13 UTC 2012
On 11/30/2012 08:11 PM, Reshetova, Elena wrote:
> Hi,
>
> I made a new small patch to clean up the existing pre/post hooks as we
> discussed this week. After this is cleaned up, I can get back to fsm hooks.
> After our recent discussion I think I need to reconsider places of some hooks,
> for example post hook, or maybe make two post hooks?
Oops, forgot to comment on this file hook part...
I guess there could be uses for separate pre-post hooks file "unpack"
and "commit" hooks - eg if you want to set a restrictive label (or such)
for the temporary files and then the final label after it got moved to
final destination. Whether two hook sets are worth the trouble as long
as the files are individually "committed" right after unpacking is
another question though.
Another case to think about is file removals: one might want to strip
permissions (by eg relabeling to a restrictive type or such) from a file
before removing it to avoid leaving any possible hardlinks behind with
the former privileges. Ie what removeSBITS() in fsm does for SUID/SGID
bits (and file capabilities if enabled) - the capability part is
something that could be moved to a plugin as well I think.
- Panu -
More information about the Rpm-maint
mailing list