| 1 |
On Mon, May 12, 2014 at 12:07 PM, Rick "Zero_Chaos" Farina |
| 2 |
<zerochaos@g.o> wrote: |
| 3 |
> What about talking to local network resources? In my metasploit ebuild |
| 4 |
> it has tests available which talk to a local database and are perfectly |
| 5 |
> safe, however, if postgresql is started on the system the tests don't |
| 6 |
> work, the ebuild needs to start it's own postgresql to run the tests. |
| 7 |
> This seems a bit needless in my package, but likely saves others from |
| 8 |
> poorly written tests. Do we want to allow access to system network |
| 9 |
> services or block them? Right now they are blocked, and that's going to |
| 10 |
> make the src_test function on my ebuild expand into near insanity to fix. |
| 11 |
|
| 12 |
So, in theory with a separate network namespace I would think that the |
| 13 |
ebuild could start postgresql which could listen on any port |
| 14 |
regardless of the fact that it is running already, because the port |
| 15 |
would not be used within its own namespace. Anything started within |
| 16 |
the namespace that tried to connect to postgresql would end up talking |
| 17 |
to the version contained within the namespace. That could be useful |
| 18 |
in a lot of testing scenarios. |
| 19 |
|
| 20 |
However, I don't know if portage actually makes the network namespace |
| 21 |
that it creates useful - I don't know if it contains any interfaces, |
| 22 |
or if they are initialized/etc. |
| 23 |
|
| 24 |
Rich |
Archives