summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
authorStephen Hemminger <stephen.hemminger@vyatta.com>2010-05-25 08:56:10 -0700
committerStephen Hemminger <stephen.hemminger@vyatta.com>2010-06-04 14:09:51 -0700
commit379c2618cfbc337625f809f63fd4cb22793eccf8 (patch)
tree752cb940ec834c316d8f5f71513734e0b4f485a3 /debian
parent67151d699de7c046c9bd557bbadc5fe12950228e (diff)
downloadvyatta-cfg-system-379c2618cfbc337625f809f63fd4cb22793eccf8.tar.gz
vyatta-cfg-system-379c2618cfbc337625f809f63fd4cb22793eccf8.zip
Set file capability attributes
This sets file capability attributes during package installation (and build) to allow better security models.
Diffstat (limited to 'debian')
-rw-r--r--debian/vyatta-cfg-system.postinst.in4
1 files changed, 4 insertions, 0 deletions
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index 4265d14b..7778ea87 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -133,6 +133,10 @@ EOF
done
cp $sysconfdir/vyatta-sysctl.conf /etc/sysctl.d/30-vyatta-router.conf
+
+ # Set file capabilities
+ sed -r -e '/^#/d' -e '/^[[:blank:]]*$/d' <$sysconfdir/filecaps \
+ | xargs -i sh -c "setcap {}"
fi
# create needed directories