[arch-dev-public] [arch-general] Updating iputils over NFS
Thomas Bächler
thomas at archlinux.org
Mon Oct 1 08:22:41 EDT 2012
Am 01.10.2012 14:15, schrieb Stéphane Gaudreault:
> I am not sure what is the best way to fall back to suid root. A possible
> workaround for the case of installing on a filesystem that does not
> support capabilities could be something like :
>
> setcap cap_net_raw=ep usr/bin/ping || chmod +s usr/bin/ping
>
> But I think that we will still get into problems if it is installed on a
> filesystems that support capabilities and if this filesystem is exported
> on NFS to clients.
If you run the post_install on the host file system and export that via
NFS, yes - but we have no way to detect this scenario.
IMO, root file systems on NFS are a failure by design anyway - I worked
in such a scenario for years and it is a bad bad bad idea. While we
should fix easy problems such as this one, we should not spend too much
time on making this work.
> Any ideas ?
Your solution looks fine, but the message should be silenced with
2>/dev/null.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20121001/5d6b287f/attachment.asc>
More information about the arch-dev-public
mailing list