1 |
On Mon, May 12, 2014 at 12:07 PM, Rick "Zero_Chaos" Farina |
2 |
<zerochaos@g.o> wrote: |
3 |
> What about talking to local network resources? In my metasploit ebuild |
4 |
> it has tests available which talk to a local database and are perfectly |
5 |
> safe, however, if postgresql is started on the system the tests don't |
6 |
> work, the ebuild needs to start it's own postgresql to run the tests. |
7 |
> This seems a bit needless in my package, but likely saves others from |
8 |
> poorly written tests. Do we want to allow access to system network |
9 |
> services or block them? Right now they are blocked, and that's going to |
10 |
> make the src_test function on my ebuild expand into near insanity to fix. |
11 |
|
12 |
So, in theory with a separate network namespace I would think that the |
13 |
ebuild could start postgresql which could listen on any port |
14 |
regardless of the fact that it is running already, because the port |
15 |
would not be used within its own namespace. Anything started within |
16 |
the namespace that tried to connect to postgresql would end up talking |
17 |
to the version contained within the namespace. That could be useful |
18 |
in a lot of testing scenarios. |
19 |
|
20 |
However, I don't know if portage actually makes the network namespace |
21 |
that it creates useful - I don't know if it contains any interfaces, |
22 |
or if they are initialized/etc. |
23 |
|
24 |
Rich |