On Mon, 03 Jan 2005 12:49:05 -0500, Colin Walters wrote:
> Can you explain why you have ldconfig writing to a home directory? Are
> you doing the equivalent of "ldconfig > ~/install.log"?

    cp *.so.* ~/.local/lib
    /sbin/ldconfig -n ~/.local/lib   # generate the symlinks

That's pseudocode lifted from autopackage, but other scripts and programs do similar stuff. There are other ways to generate the symlinks of course, it's a simple enough operation, but it seems unintuitive that this API would not work anymore for your home directory.

> My hope was that by modifying "install", we'd minimize the breakage. At
> least all of the Automake-generated packages should work.
>
> I had a quick look at two other ISV installers; HelixPlayer and Mozilla.
> It appears neither uses "install", they both do the equivalent of cp.
>
> The route we may need to go down is having a relabeling daemon that
> monitors /usr/lib/, /usr/local/lib, etc. and fixes file contexts.

Hmm, OK. I have to admit I never saw a third party installer that uses "install" so that is probably not enough.

A daemon that fixes contexts as files are added feels rather racy. I'm sure I'm missing a lot of context from previous discussions on the matter here, but perhaps the kernel should set the context automatically when a new file is created in certain directories that are marked as "autofix".

OK so then we have the problem that the context setting code is all done in userspace with regexes and other un-kernely things. Maybe there needs to be a framework in the kernel where a thread that does a file creation can be suspended and the kernel invokes a user-space program with the file path to figure out what the context should be. Once the process returns with the answer the file can be atomically created/set and the original thread resumes.

thanks
-mike