[buildd-tools-devel] Unionfs support in schroot 1.4.6

Jan-Marek Glogowski glogow at fbihome.de
Fri Jul 9 14:57:15 UTC 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Roger

Sorry for the late response.

On Sun, 4 Jul 2010, Roger Leigh wrote:

> There have been quite a few changes in the last few releases, most 
> recently to the setup scripts.  Since I don't have a kernel with 
> unionfs/aufs support, could you possibly try the latest git (schroot-1.4 
> branch) and confirm if union support is still fully functional (for 
> directory, block-device and loopback chroot types)?

I'm currently quite busy, but I'm organizing a Debian BSP next weekend 
(http://wiki.debian.org/BSP2010/Munich) and I'll be able to do some tests 
while otherwise hacking on my apt multicast backend. I'll report back.

> unionfs support, though the chance of this is small.  I'd just like to 
> be sure because I'd like to freeze what we have for squeeze soon.
>
> I've put a tarball here as well:
> http://www.codelibre.net/~rleigh/schroot-1.4.6.tar.bz2
>
> Are there any other improvements or changes you'd like to make to the 
> unionfs support prior to squeeze?  There was one request for the ability 
> to use multiple filesystems in the underlay, in the list archives I 
> think.  I'm not sure if the extra complexity is worth it though?

AFAIK there is already union-mount-options, where one can create arbitary 
complex union mounts. If that's not sufficient the user would have to 
add a custom setup script anyway.

> The only other major thing I was considering is security of sessions. 
> When we create a session it's currently accessible by anyone who has 
> access to the original chroot (this flaw was pointed out by Tim Abbott 
> last year). It should be trivial to restrict access to the session 
> creator (which is the most common use case).  We don't currently provide 
> for a way to change access permissions though.

If it should be simple to add or remove additional users / groups to the 
session file.

Regards,
Jan-Marek
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkw3OMsACgkQj6MK58wZA3cw+wCfZ4K5EO9PsfiwHF0H66Ti97Dz
I54AnRwcuQPuBQQl+WMGerKB6ibEpqeg
=fOua
-----END PGP SIGNATURE-----

More information about the Buildd-tools-devel mailing list