jlagermann
commented
1 year ago Running setcap in a post-install script will rendered the rpm unverifiable - I.E. a file on the filesystem is different to its representation in the package manifest.
Open Snaipe opened 4 years ago
jlagermann
commented
1 year ago Running setcap in a post-install script will rendered the rpm unverifiable - I.E. a file on the filesystem is different to its representation in the package manifest.
Packaging a directory where binaries have capabilities set seem to strip these capabilities (tested so far with RPM).
The workaround is to call setcap in a post-install script, but this adds an unwelcome dependency on whatever package provides setcap.