Hello,

Since lately Gentoo devs force you to replace collision-protect with
protect-owned [1] and sometimes packages just spit out files randomly
on the filesystem due to random errors, I thought it may be a good idea
to provide a new feature limiting the locations where packages can
install.

In order to do that, we should first compose a complete include/exclude
list where packages can install. I'd suggest the following:

+ /bin
+ /boot (but maybe just subdirectories so packages can't overwrite
kernels?)
[potentially + /dev? but that's useful only when tmpfs isn't mounted]
+ /etc
+ /lib, /lib32, /lib64
+ /opt
+ /sbin
[potentially + /service for ugly daemontools]
+ /usr
+ /var
- /usr/local
- /usr/portage

What are your thoughts on this?

[1]: https://bugs.gentoo.org/show_bug.cgi?id=410691#c4

-- 
Best regards,
Michał Górny
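
One way the include/exclude list proposed above could be checked against a package's file list, as an added example (not part of the original message and not Portage code). It assumes the longest matching prefix wins, leaves out the bracketed "potentially" entries, and treats /boot as fully allowed; the function names and sample paths are constructed for illustration.

```python
import posixpath

# '+' entries from the message; bracketed "potentially" entries are omitted.
ALLOW = ("/bin", "/boot", "/etc", "/lib", "/lib32", "/lib64",
         "/opt", "/sbin", "/usr", "/var")
# '-' entries from the message: carve-outs inside an allowed tree.
DENY = ("/usr/local", "/usr/portage")


def _under(path, prefix):
    """True if path is prefix itself or lies below it (component-wise)."""
    return path == prefix or path.startswith(prefix + "/")


def is_allowed(path):
    """Decide whether an install path is inside the policy.

    The path is normalised lexically first, so '..' components cannot be
    used to step out of an allowed tree. Symlinks are not resolved here;
    a real check would also have to consider them.
    """
    norm = posixpath.normpath("/" + path.lstrip("/"))
    allow = max((p for p in ALLOW if _under(norm, p)), key=len, default=None)
    deny = max((p for p in DENY if _under(norm, p)), key=len, default=None)
    if allow is None:
        return False          # default deny: not under any '+' entry
    # Assumption: the more specific (longer) rule wins.
    return deny is None or len(allow) > len(deny)


def violations(contents):
    """Return the paths from a package file list that break the policy."""
    return [p for p in contents if not is_allowed(p)]


# Constructed file list of a hypothetical package image.
SAMPLE_CONTENTS = [
    "/usr/bin/foo",
    "/etc/foo.conf",
    "/usr/local/bin/foo",          # excluded subtree
    "/usr/lib/../local/lib/x.so",  # same subtree, hidden behind '..'
    "/usr/localfoo/data",          # only shares a name prefix: allowed
    "/home/user/.foorc",           # outside every '+' entry
    "/lib64/libfoo.so.1",
]

if __name__ == "__main__":
    for path in violations(SAMPLE_CONTENTS):
        print("disallowed install location:", path)
```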