[buildd-tools-devel] [RfC] Honor chroot personality in setup service script
Roger Leigh
rleigh at codelibre.net
Wed Feb 11 09:48:26 UTC 2015
On Tue, Feb 10, 2015 at 04:43:56PM +0100, Jan-Marek Glogowski wrote:
> > I think you're correct that there needs to be some sort of wrapper,
> > e.g. schroot-exec like schroot-mount which can run commands in a
> > chroot. I'll have to think over the security and permissions side
> > of things--we don't want an end user to be able to run stuff in
> > arbitrary chroots. We might need to factor out the execution steps
> > inside schroot::session since this does all the setuid/personality
> > stuff, but we'll need to have a way to pass all the security and
> > configuration parameters in the setup script environment.
>
> So how to continue? Do you need some more input? Should I prepare an
> other patch?
You're right that this doesn't need as much complexity. Not looked
at the patch yet, I'll try to look soon.
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools
`- GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800
More information about the Buildd-tools-devel
mailing list