[arch-dev-public] providing grsecurity in [community]

Allan McRae allan at archlinux.org
Wed Apr 16 05:52:27 EDT 2014

On 16/04/14 17:25, Daniel Micay wrote:
> On 16/04/14 03:15 AM, Daniel Micay wrote:
>> Pacman hooks would
>> be a nicer solution than editing all the install scripts, but we don't
>> have those :).
> It also wouldn't be nearly as bad if packages could store extended
> attributes, since the ugly install scripts could be avoided and paxctl
> would only be a make dependency. Packages like iputils already run into
> this issue due to using capabilities as a replacement for setuid.

Just submitted a patch to pacman that will allow setting capabilites in
the package() function.


More information about the arch-dev-public mailing list