1 |
Karl Trygve Kalleberg wrote: |
2 |
|
3 |
> For those who're not up to date on this subject, the reason why we want a |
4 |
> combination of subterfugue's SimplePathSandbox and fakeroot is that |
5 |
> 1) We don't want ebuilds to write outside of ${S}, /tmp or ${D} |
6 |
> 2) We really don't want to run the ebuilds as the real root, if we can |
7 |
> fake it, |
8 |
> hence fakeroot. (Fakeroot lets the ebuild think it runs as root; in |
9 |
> practice |
10 |
> this infers chown-privileges to a regular user). |
11 |
> 3) We do not want to use subterfugue since it's too slow. Fakeroot seems |
12 |
> to have |
13 |
> some features that are overkill for this project, and at any rate, we |
14 |
> really |
15 |
> only want to do syscall tracing once. (The alternative would be a |
16 |
> sandbox |
17 |
> process that contained fakeroot that contained the ebuild...) |
18 |
|
19 |
I am sure I have heard the argument, but I can't remember it. Is there |
20 |
a reason other than (2) that we can't just do a chroot to the image |
21 |
directory? |
22 |
|
23 |
-- |
24 |
Chad Huneycutt |
25 |
Ph.D. Student |
26 |
http://www.cc.gatech.edu/~chadh |