On Tue, Jul 10, 2007 at 09:46:32AM +0100, Paul Cager wrote: > Is it possible to set up the build environment so that access to the > network will fail (after downloading the Build-depends of course)? I'm > thinking of packages that attempt to download binary blobs (e.g. > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=424466).
No, pbuilder uses apt to download build dependencies that are not in its cache. My special setup even updates the apt lists always to allow build ing with just build other packages (build-dependencies). I have thought about this problem and I think the we should have a preloadable library (packaged as deb) that prevents all network operations. This should be easy to do with re-implementing the socket() function from glibc. Then its still possible to ioctls into the kernel to do create a socket but thats unlikely occur. Then something like nonet debuild .... should be possible to build without network access without breaking your system. This can then be built into our buildd. I'm investigating this solution more. Cheers, Michael -- .''`. | Michael Koch <[EMAIL PROTECTED]> : :' : | Free Java Developer <http://www.classpath.org> `. `' | `- | 1024D/BAC5 4B28 D436 95E6 F2E0 BD11 5923 A008 2763 483B -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
