Subject: Re: running (DE)INSTALL scripts vs. noexec mounted /var
To: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
From: David Brownlee <abs@netbsd.org>
List: tech-pkg
Date: 11/09/2001 21:53:52
I think we should really move PKGDBDIR under PREFIX - it should
never have been under /var/db in the first place.
Maybe a new version of the pkgtools which would automatically
detect an old installation, copy the db across to a tmpdir under
PREFIX, then if all OK rename to the new location, and rename away
the old. Then we bump PKGTOOLS_REQD :)
--
David/absolute -- www.netbsd.org: No hype required --
On Fri, 9 Nov 2001, Hubert Feyrer wrote:
>
> In pkg_*, we have several places that run REQUIRE, (DE)INSTALL
> etc. scripts like this (pseudo code):
>
> if (script exists) {
> chmod +x script
> ./script someargs
> }
>
> The problem is that the scripts in question are usually in /var/db/pkg,
> and if someone has /var mounted noexec, that's a problem. A possible
> solution is:
>
> if (script exists) {
> sh script someargs
> }
>
> The implications are that
>
> * /var can be mounted noexec
> * The scripts MUST be /bin/sh scripts, no executables, perl scripts etc.
> allowed.
>
> Is the latter a problem for anyone?
>
>
> - Hubert
>
>