Privilege Specification

During package installation, package files are chowned to ${package}:${package}. As mentioned in Mechanism, this causes package executables to run as ${package}. But some executables might require higher privilege. For this we provide a JSON config file called the privilege specification, located at conf/privilege in the SPK. The privilege specification states what kind of privilege the executables need.

NOTE: For packages that do not support running with lower privileges, simply do not supply this privilege specification. Package Center will then not apply chown to the files.

The content of the privilege specification is shown below. defaults specifies the default privilege and decides how chown is applied to files. username and groupname are optional and set a custom user / group name. The remaining keys override the default setting.

{
  "defaults":{
    "run-as": "<run-as>"
  },
  "username": "<username>",
  "groupname": "<groupname>",
  "ctrl-script":[{
    "action": "<action>",
    "run-as": "<run-as>"
  }, ...],
  "executable": [{
    "relpath": "<relpath>",
    "run-as": "<run-as>"
  }, ...],
  "tool": [{
    "relpath": "<relpath>",
    "user": "<user>",
    "group": "<group>",
    "permission": "<mode>"
  }, ...]
}
  • <run-as>
    Can be package, system, or root; determines what privilege the executable is granted:

    run-as     description
    package    Run as ${package} and drop privilege.
    system     Run as ${package}, but preserve the ability to grant privilege.
    root       Run as root.

defaults

Use run-as to specify the privilege to be granted; it also decides how chown is applied.

run-as     description
package    chown -hR "${package}:${package}"
system     chown -hR "${package}:system"
root       Do not chown.
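
The following is an added example, not code from the original page or from Package Center: a small reviewer's check that reads a privilege specification, reports the install-time chown implied by defaults, and lists every ctrl-script or executable entry that overrides the default with a higher run-as. It assumes the ordering package < system < root and that defaults.run-as is present; the package name, action and relpath values in the sample are constructed placeholders.

```python
import json

# Assumed ordering of the three run-as values, lowest privilege first.
RANK = {"package": 0, "system": 1, "root": 2}
# The "defaults" table: how files are chowned at install time.
CHOWN = {
    "package": 'chown -hR "{p}:{p}"',
    "system": 'chown -hR "{p}:system"',
    "root": None,  # no chown is applied
}

def audit_privilege(text, package):
    """Return (chown_command_or_None, findings) for a privilege specification."""
    spec = json.loads(text)
    default = spec.get("defaults", {}).get("run-as")
    if default not in RANK:  # this example requires defaults.run-as
        raise ValueError(f"defaults.run-as must be one of {sorted(RANK)}, got {default!r}")
    chown = CHOWN[default]
    chown = chown.format(p=package) if chown else None
    findings = []
    for section, key in (("ctrl-script", "action"), ("executable", "relpath")):
        for entry in spec.get(section, []):
            run_as = entry.get("run-as")
            name = f"{section}:{entry.get(key)}"
            if run_as not in RANK:
                findings.append((name, "invalid run-as", run_as))
            elif RANK[run_as] > RANK[default]:
                findings.append((name, "elevated above default", run_as))
    return chown, findings

# Constructed sample; the action and relpath values are placeholders.
SAMPLE = """
{
  "defaults": {"run-as": "package"},
  "ctrl-script": [{"action": "postinst", "run-as": "root"}],
  "executable": [
    {"relpath": "bin/helper", "run-as": "system"},
    {"relpath": "bin/worker", "run-as": "package"},
    {"relpath": "bin/broken", "run-as": "admin"}
  ]
}
"""

if __name__ == "__main__":
    chown, findings = audit_privilege(SAMPLE, "ExamplePkg")
    print("install-time chown:", chown or "none")
    for name, issue, value in findings:
        print(f"{name}: {issue} ({value})")
```

Each finding is an entry a reviewer should be able to justify, since it runs with more privilege than the package's stated default.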