>> how about providing that patch with the workaround we suggested?
>
> I may take a look at working on a patch. I have cloned libguestfs, but
> can you point me in the right direction libguestfs package? When I open
> https://packages.ubuntu.com/source/trusty/libguestfs
> and follow the links under "Debian Source Repository", the page shows
> that "The alioth.debian.org service is discontinued".
Here's a bit of unsolicited advice regarding a possible patch: You'll
need to add a mechanism to make kernel images readable.
This means doing more than a "chmod 644 /boot/vmlinuz*" at libguestfs0
post-installation time because any kernel image installed after the
libguestfs0 package would not be affected. Instead of chmod, please use
dpkg-statoverride(1). Using a dpkg-trigger(1) that fires on kernel
installation or removal seems like a good idea. Also you should add code
to ask users whether they want this mechanism to be activated, using
debconf(1). After all, read-only kernel images are percieved as a
security measure by the Ubuntu project.
* Jarl:
>> how about providing that patch with the workaround we suggested? /packages. ubuntu. com/source/ trusty/ libguestfs
>
> I may take a look at working on a patch. I have cloned libguestfs, but
> can you point me in the right direction libguestfs package? When I open
> https:/
> and follow the links under "Debian Source Repository", the page shows
> that "The alioth.debian.org service is discontinued".
If you look at the next stable Ubuntu release "disco" /packages. ubuntu. com/source/ disco/libguestf s>), you'll be /salsa. debian. org/libvirt- team/libguestfs>.
(<https:/
directed to <https:/
Here's a bit of unsolicited advice regarding a possible patch: You'll
need to add a mechanism to make kernel images readable.
This means doing more than a "chmod 644 /boot/vmlinuz*" at libguestfs0 de(1). Using a dpkg-trigger(1) that fires on kernel
post-installation time because any kernel image installed after the
libguestfs0 package would not be affected. Instead of chmod, please use
dpkg-statoverri
installation or removal seems like a good idea. Also you should add code
to ask users whether they want this mechanism to be activated, using
debconf(1). After all, read-only kernel images are percieved as a
security measure by the Ubuntu project.
Cheers,
-Hilko