| 1 |
Hello, |
| 2 |
|
| 3 |
Since lately Gentoo devs force you to replace collision-protect with |
| 4 |
protect-owned [1] and sometimes packages just spit out files randomly |
| 5 |
on the filesystem due to random errors, I thought it may be a good idea |
| 6 |
to provide a new feature limiting the locations where packages can |
| 7 |
install. |
| 8 |
|
| 9 |
In order to do that, we should first compose a complete include/exclude |
| 10 |
list where packages can install. I'd suggest the following: |
| 11 |
|
| 12 |
+ /bin |
| 13 |
+ /boot (but maybe just subdirectories so packages can't overwrite |
| 14 |
kernels?) |
| 15 |
[potentially + /dev? but that's useful only when tmpfs isn't mounted] |
| 16 |
+ /etc |
| 17 |
+ /lib, /lib32, /lib64 |
| 18 |
+ /opt |
| 19 |
+ /sbin |
| 20 |
[potentially + /service for ugly daemontools] |
| 21 |
+ /usr |
| 22 |
+ /var |
| 23 |
- /usr/local |
| 24 |
- /usr/portage |
| 25 |
|
| 26 |
What are your thoughts on this? |
| 27 |
|
| 28 |
[1]:https://bugs.gentoo.org/show_bug.cgi?id=410691#c4 |
| 29 |
|
| 30 |
-- |
| 31 |
Best regards, |
| 32 |
Michał Górny |
Archives