|
From: | Eric Duveau |
Subject: | Re: [Synaptic-devel] synaptic locking out password |
Date: | Thu, 26 Mar 2009 12:56:34 +0100 |
2009/3/25 Eric Duveau <address@hidden>:
> I thought it was easier to lock removal ou reinstallation of a package.No, those packages wouldn't depend on metapackage. That metapackage
>
> I do not understand why the use of metapackage would protect the removal of
> some dependant packages.
would depend on them. Then you could simply block that single
metapackage and as it would be impossible to remove it, so would be
impossible to remove packages which this metapackage depends on.
Also, another option is to try to play with SELinux or Apparmor. There
you could block root access to specific files. So even when your son
would have ran Synaptic with root permissions, he wouldn't be able to
touch specific files.
Another option is to make files you don't want to have deleted to set
as read only. This is done by "sudo chmod -w file". But you will have
problems to update them. To be able to update them simply run "sudo
chmod +w file"
But instead of using -x and +w it is better to learn about permissions
and set access rights better by setting permissions by numbers to be
able to set permissions more exactly. By simple using +w you can give
write permissions to more users you probably want to.
Decision is up to you.
Ah. Then you'll most probably wont be able to do that metapackage anyway.
> My knowledge is not so deep, sorry for these simple questions.
--
>
> On Tue, Mar 24, 2009 at 7:58 PM, Vít Pelčák <address@hidden> wrote:
>>
>> As I said. Do metapackage which depends on packages you need
>> installed, install it, remove those files.
>>
>> Package can be reinstalled, but not that metapackage, because you can hide
>> it.
>>
>> 2009/3/24 Eric Duveau <address@hidden>:
>> > Hi,
>> >
>> > moving its files from /var/log/info is an interesting idea.
>> >
>> > Yet, I see a pb:
>> >
>> > With synaptic you can reinstall the package
>> >
>> >
>> > On Tue, Mar 24, 2009 at 2:35 PM, Vít Pelčák <address@hidden> wrote:
>> >>
>> >> What about making virtual package, which would depend on packages you
>> >> need to have installed and lock this.
>> >>
>> >> Maybe, it can be rendered non-uninstallable by moving its files from
>> >> /var/log/info (or where are preinst postinst .... files stored).
>> >>
>> >
>> >
>>
>>
>>
>> --
>> Vit Pelcak
>
>
Vit Pelcak
[Prev in Thread] | Current Thread | [Next in Thread] |