About packagemanagement: using extended attributes. + different idea

Jan Dvořák mordae at mordae.net
Tue May 2 03:35:45 PDT 2006


Hello,

	I appologize for such a late response, I went on hollies. ;]

Stef Bon wrote:
> I do not known this method. I guess there is a hint or something about this
> I can read.
http://asic-linux.com.mx/~izto/checkinstall/installwatch.html

> But why not with wrappers? Installing software is a very important from the
> point of view of a system administrator. Why not modify the tools that
> really install/cp/mv/touch on your system when it comes to installing
> software. From a technical point of view this should not be a problem. 
	I've tried to write compatible `install` wrapper and it took me about
day to work correctly. I can't image rewriting (wrapping) all coreutils.
And additionally, what about `install-catalog` and `install-info`, they
should also be wrapped? There are much more...
	Trust me, it's much simpler to keep eye on apps not link glibc
statically (see link above).

> That's a good choice. I totally agree with you about the status of the DB:
> just a sort of cache. 
> But what do you mean with "installing under a package
> user"? First install everything under a different account then root, and
> after that change to root again?
	I do think it's much more secure to install under package user.
Changing ownership of e.g. glibc takes only a few seconds. If you want
to modify installed package, just create package user and chown back. I
like this because I don't want unnecessary users in my /etc/passwd and
it also offers additional security when using NFS. Package users are
created just for the time of build.

- Mordae



More information about the lfs-support mailing list