Sender: |
|
Date: |
Wed, 21 Mar 2007 12:38:36 -0500 |
MIME-version: |
1.0 |
Reply-To: |
|
Content-type: |
text/plain; format=flowed; charset=ISO-8859-1 |
Subject: |
|
From: |
|
In-Reply-To: |
|
Content-transfer-encoding: |
7BIT |
Comments: |
|
Parts/Attachments: |
|
|
Stephan Wiesand wrote:
> Hi again,
>
> On Wed, 21 Mar 2007, Stephan Wiesand wrote:
>
>> modulo the quoting required to prevent the `fs wscell` from being
>> evaluated on the build machine (I think it doesn't really matter
>> whether it's evaluated
>
> that, of course, was nonsense. It's not evaluated during build, and it
> *is* important that it's evaluated in the init script and not during %post.
>
>
> There's a first cut in http://www-zeuthen.desy.de/~wiesand/SL/
>
> The interesting part of the spec is:
>
>
> %post
>
> fs setcell `fs wscell |cut -d \' -f2` -nosuid >/dev/null 2>&1
> :
>
> %triggerin -- openafs
>
> grep -q nosuid /etc/init.d/afs && exit 0
> sed -i "/AFS_POST_INIT/ifs setcell \`fs wscell |cut -d \\\' -f2\`
> -nosuid" /etc/init.d/afs
> :
>
> %postun
>
> sed -i '/nosuid/d' /etc/init.d/afs
> :
>
>
> Tested:
> - %post does its job, failing quietly if no client running
> - trigger does its job, whether or not a client is running
> - %postun returns the file to its previous state
>
>
> Anything I missed?
>
> Stephan
>
I think it looks good.
I can't find a test that verifies that the nosuid is set on the cell. I
want to verify that it worked, but I'm having a hard time.
Troy
--
__________________________________________________
Troy Dawson [log in to unmask] (630)840-6468
Fermilab ComputingDivision/LCSI/CSI DSS Group
__________________________________________________
|
|
|