Gentoo Archives: gentoo-dev

From: "Rémi Cardona" <remi@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] New developer features in portage: cgroup, network-sandbox, ipc-sandbox
Date: Sat, 24 Aug 2013 20:37:39
Message-Id: 1377376645.9101.2.camel@exos
In Reply to: [gentoo-dev] New developer features in portage: cgroup, network-sandbox, ipc-sandbox by "Michał Górny"
1 Le mardi 20 août 2013 à 12:26 +0200, Michał Górny a écrit :
2 > 3. FEATURES=ipc-sandbox
3 >
4 > Requires: CONFIG_NAMESPACES, CONFIG_IPC_NS
5 >
6 > Applies to: src_*
7 >
8 > This one separates the ebuild's *nix IPC stuff from host. This includes
9 > semaphores, shared memory etc. Similarly to network-sandbox, this could
10 > prevent ebuilds from communicating with some production servers.
11 >
12 > But honestly, I have no idea if anything really does it or relies on it.
13 > I doubt this could break something but it's worth testing.
14
15 This could impact ebuilds using the virtualx eclass, depending on how
16 the launched xvfb/xorg server is launched. It'd be interesting to test
17 the impact.
18
19 Other than that, it looks like really sweet stuff.
20
21 Cheers,
22
23 Rémi