[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] Update to the pax-utils.eclass
From:       "Anthony G. Basile" <blueness () gentoo ! org>
Date:       2014-08-29 0:21:59
Message-ID: 53FFC7A7.2030006 () gentoo ! org
[Download RAW message or body]

On 08/28/14 19:23, Brian Dolbec wrote:
> On Thu, 28 Aug 2014 17:57:11 -0400
> "Anthony G. Basile" <blueness@gentoo.org> wrote:
>
>> scanelf is the last line of defense.  If we get there, paxctl and
>> paxctl-ng have failed, so we can't trust them really.  Changing the
>> exit code for scanelf could cause other issues, eg in portage where
>> it is used in a few places.  As we discussed today during the
>> Hardened meeting, we'll ewarn if we get here.
>>
>>
> scanelf is also used in the new python based revdep-rebuild.  So,
> changing it will cause issues there too.

Thanks good to know.  I had no intentions of even suggesting a changed 
behavior.  I'm just pointing out why I wrote the eclass the way I did.  
You'll notice the exit code is used in conjunction with `&& continue` 
everywhere except scanelf, so one might wonder why.  When I add the 
ewarn, I'll also add a comment explaining scanelfs behavior.

-- 
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail    : blueness@gentoo.org
GnuPG FP  : 1FED FAD9 D82C 52A5 3BAB  DC79 9384 FA6E F52D 4BBA
GnuPG ID  : F52D4BBA


[prev in list] [next in list] [prev in thread] [next in thread]