Subject: Re: running (DE)INSTALL scripts vs. noexec mounted /var
To: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
From: David Brownlee <abs@netbsd.org>
List: tech-pkg
Date: 11/09/2001 21:53:52
	I think we should really move PKGDBDIR under PREFIX - it should
	never have been under /var/db in the first place.

	Maybe a new version of the pkgtools which would automatically
	detect an old installation, copy the db across to a tmpdir under
	PREFIX, then if all OK rename to the new location, and rename away
	the old. Then we bump PKGTOOLS_REQD :)

-- 
		David/absolute		-- www.netbsd.org: No hype required --


On Fri, 9 Nov 2001, Hubert Feyrer wrote:

>
> In pkg_*, we have several places that run REQUIRE, (DE)INSTALL
> etc. scripts like this (pseudo code):
>
> 	if (script exists) {
> 		chmod +x script
> 		./script someargs
> 	}
>
> The problem is that the scripts in question are usually in /var/db/pkg,
> and if someone has /var mounted noexec, that's a problem. A possible
> solution is:
>
> 	if (script exists) {
> 		sh script someargs
> 	}
>
> The implications are that
>
>  * /var can be mounted noexec
>  * The scripts MUST be /bin/sh scripts, no executables, perl scripts etc.
>    allowed.
>
> Is the latter a problem for anyone?
>
>
>  - Hubert
>
>