tech-pkg: running (DE)INSTALL scripts vs. noexec mounted /var

Subject: running (DE)INSTALL scripts vs. noexec mounted /var
To: None <tech-pkg@netbsd.org>
From: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
List: tech-pkg
Date: 11/09/2001 17:11:27

In pkg_*, we have several places that run REQUIRE, (DE)INSTALL
etc. scripts like this (pseudo code):

	if (script exists) {
		chmod +x script
		./script someargs
	}

The problem is that the scripts in question are usually in /var/db/pkg,
and if someone has /var mounted noexec, that's a problem. A possible
solution is:

	if (script exists) {
		sh script someargs
	}

The implications are that

 * /var can be mounted noexec
 * The scripts MUST be /bin/sh scripts, no executables, perl scripts etc.
   allowed.

Is the latter a problem for anyone?


 - Hubert

-- 
Want to get a clue on IPv6 but don't know where to start? Try this:
* Basics -> http://www.onlamp.com/pub/a/onlamp/2001/05/24/ipv6_tutorial.html
* Setup  -> http://www.onlamp.com/pub/a/onlamp/2001/06/01/ipv6_tutorial.html 
Of course with your #1 IPv6 ready operating system -> http://www.NetBSD.org/