1 |
I propose a new USE flag for a few key services that would install the |
2 |
package in a chroot "out of the box." This idea was inspired by a |
3 |
conversation between Greg Fitzgerald (gregf) and myself on applying |
4 |
ideas from OpenBSD to Gentoo. Another source of inspiration is the |
5 |
excelent pkg_config code in the latest bind9 ebuilds. I further |
6 |
discussed this idea w/ memebers of the gentoo-hardened team and further |
7 |
crystalized the workings of such a flag. I would propose that the ebuild |
8 |
include two conditional install proceedures keyed on the chroot USE |
9 |
flag. The only possible problem I forsee is building devices inside the |
10 |
sandbox, which could be accomplished in pkg_postinstall as a last |
11 |
resort. I would be happy for any feedback or further development of this |
12 |
idea. |
13 |
|
14 |
Brandon Hale |
15 |
|
16 |
|
17 |
|
18 |
-- |
19 |
gentoo-dev@g.o mailing list |