dpkg-statoverride -- Debian Delvings (1)

While I’ve spent a fair amount of time running around on Linux it’s typically been in a mixed Unix environment (Linux, Solaris and HPUX mostly) so my tool-set was comprised of portable applications and scripts. In my current job I’m working with an almost entirely Debian server environment, the few Redhat machines are living on borrowed time as the bosses want them gone.

While this may put a crimp on my cross-platform skills it does give me the chance to delve deeper into the “Debian way”, and to be fair it looks like it’s got a lot of neat tools.

The first of these is dpkg-statoverride, this simple little script allows you to modify the permissions and ownership of files as they are installed via the package system. At the back-end the /var/lib/dpkg/statoverride file contains a set of mappings, each one has <user> <group> <mode> and <file>. When the given file is installed the permissions are changed as per the line. You can add and remove the entries either through the dpkg-statoverride command or by editing the file by hand (not recommended).

To get the maximum benefits from this you’d want to keep a centralised list of files you want changed and then distribute it to all the machines, I’ll be covering some of the details on the hows and whys to do this in future posts about cfengine and pkgsync. All I need to do now is work out how to run the command against already existing files that don’t live in the packaging system…