| 1 |
Karl Trygve Kalleberg wrote: |
| 2 |
|
| 3 |
> For those who're not up to date on this subject, the reason why we want a |
| 4 |
> combination of subterfugue's SimplePathSandbox and fakeroot is that |
| 5 |
> 1) We don't want ebuilds to write outside of ${S}, /tmp or ${D} |
| 6 |
> 2) We really don't want to run the ebuilds as the real root, if we can |
| 7 |
> fake it, |
| 8 |
> hence fakeroot. (Fakeroot lets the ebuild think it runs as root; in |
| 9 |
> practice |
| 10 |
> this infers chown-privileges to a regular user). |
| 11 |
> 3) We do not want to use subterfugue since it's too slow. Fakeroot seems |
| 12 |
> to have |
| 13 |
> some features that are overkill for this project, and at any rate, we |
| 14 |
> really |
| 15 |
> only want to do syscall tracing once. (The alternative would be a |
| 16 |
> sandbox |
| 17 |
> process that contained fakeroot that contained the ebuild...) |
| 18 |
|
| 19 |
I am sure I have heard the argument, but I can't remember it. Is there |
| 20 |
a reason other than (2) that we can't just do a chroot to the image |
| 21 |
directory? |
| 22 |
|
| 23 |
-- |
| 24 |
Chad Huneycutt |
| 25 |
Ph.D. Student |
| 26 |
http://www.cc.gatech.edu/~chadh |
Archives