[buildd-tools-devel] Bug#586333: Bug#586333: Debian desktop support for virtualisation

Roger Leigh rleigh at codelibre.net
Sun Jun 27 19:21:47 UTC 2010


On Sun, Jun 27, 2010 at 10:48:25AM +0200, Josselin Mouette wrote:
> Le dimanche 27 juin 2010 à 01:40 +0100, Roger Leigh a écrit :
> > On Fri, Jun 25, 2010 at 01:46:41PM +0200, Josselin Mouette wrote:
> > > You may also need (but I haven’t checked):
> > >       * /var/run/cups for printing
> > >       * /var/run/avahi-daemon
> > > and some others that I’m forgetting.
> > 
> > Thanks!  I think we now have most of these.  We don't preserve the
> > environment by default (you have to use the -p option), but we
> > could make that automatic in a future release by adding a new
> > configuration option.  
> 
> You should definitely pass the following environment variables without
> asking, since GNOME applications won’t work without them:

[...]

I've added a 'preserve-environment=true|false' option today, which
will pass the entire environment through minus some filtering for
security (which doesn't cover any of the variables in your list).

> Passing all of /var/run looks a bit dangerous to me since it could lead
> some scripts in the chroot believe that a daemon is started in the
> chroot. I’m not sure if that’s a real problem, but you should probably
> at least print a warning somewhere.

Agreed.  I'll just limit this to /var/run/gdm3 in the next upload.
Unfortunately, because we can't be sure gdm3 is installed, it will
need to be commented out by default.  Or we need to make schroot-mount
less picky about mount failures.  I would be somewhat dubious about
doing that though, since it would mask a whole set of failures and
could have security implications.

So it's still not perfect, but I think we can easily document the
few minor bits of tweaking required--the major bits are all done at
least.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20100627/83a92d9e/attachment.pgp>


More information about the Buildd-tools-devel mailing list