On Monday 22 September 2003 19:08, Luke-Jr wrote:
> On Monday 22 September 2003 05:06 pm, Andrew Gaffney wrote:
> > I've only been partly following this thread, but I think I may
> > understand. The ebuild doesn't install the game. It just installs the
> > installer. Portage can track where the installer is installed, but the
> > files that the installer places are installed independently of the
> > ebuild and portage.
>
> I'm referring to in general, not just this specific case. Why not make the
> $WORKDIR invisible to ebuilds? It would probably help with ebuilds that
> currently need to patch broken Makefiles too.

If there were some way that we can have overlay filesystems supported by the
kernel (readonly mount root, and over that mount a freshly created dir that
will be used for all writes instead of the original. For reads though the
original filesystem is visible (as long as there is no file with the same
name in the writable part)) then it would be quite easy with chroot to
"track" changes. I'm not a kernel coder, and I have no idea whether such code
already exists. It should not be too complex either. And also provide some
of the "extra security" that was asked by an earlier thread this month. It
should also be more foolproof than the sandbox, but relies on the kernel.

Paul

--
Paul de Vrieze
Gentoo Developer
Mail: pauldv@g.o
Homepage: http://www.devrieze.net
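
The read and write rules described in the message above, as an added example that is not part of the original e-mail or of Portage: a user-space model using two ordinary directories instead of a kernel mount. The names `OverlayView`, `changes` and `demo` are hypothetical, the sample tree is constructed, and deletions are not modelled.

```python
import os
import tempfile

class OverlayView:
    """Model of the message's semantics: lower is read-only, writes go to upper."""
    def __init__(self, lower, upper):
        self.lower, self.upper = lower, upper
    def _rel(self, rel):
        # Refuse paths that would escape the view (absolute or leading "..").
        norm = os.path.normpath(rel)
        if os.path.isabs(norm) or norm.split(os.sep)[0] == "..":
            raise ValueError(f"path escapes overlay: {rel!r}")
        return norm
    def read(self, rel):
        rel = self._rel(rel)
        # A file in the writable part hides the original of the same name.
        for layer in (self.upper, self.lower):
            path = os.path.join(layer, rel)
            if os.path.isfile(path):
                with open(path, "rb") as f:
                    return f.read()
        raise FileNotFoundError(rel)
    def write(self, rel, data):
        dest = os.path.join(self.upper, self._rel(rel))
        os.makedirs(os.path.dirname(dest), exist_ok=True)
        with open(dest, "wb") as f:
            f.write(data)
    def changes(self):
        """Walk the writable part: every file there was written through the view."""
        found = {}
        for root, _dirs, files in os.walk(self.upper):
            for name in files:
                rel = os.path.relpath(os.path.join(root, name), self.upper)
                in_lower = os.path.isfile(os.path.join(self.lower, rel))
                found[rel] = "modified" if in_lower else "added"
        return found

def demo():
    # Constructed sample tree and constructed "installer" writes.
    with tempfile.TemporaryDirectory() as tmp:
        lower, upper = os.path.join(tmp, "lower"), os.path.join(tmp, "upper")
        os.makedirs(os.path.join(lower, "etc"))
        original = os.path.join(lower, "etc", "game.conf")
        with open(original, "wb") as f:
            f.write(b"v1")
        view = OverlayView(lower, upper)
        view.write("etc/game.conf", b"v2")
        view.write("opt/game/bin/game", b"binary")
        with open(original, "rb") as f:
            return view.read("etc/game.conf"), f.read(), view.changes()
```

`demo()` returns the content seen through the view, the untouched original in the lower directory, and the manifest of files the installer wrote.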