On Wed, May 11, 2011 at 10:14:16AM -0700, Russ Allbery wrote: > Roger Leigh <rle...@codelibre.net> writes: > > The "solution" to the chroot problem is to always manipulate the chroot > via chroot, which ensures that the view of everything in the chroot is > consistent. But I realize that's not always feasible or obvious. (Again, > something that I'm used to doing due to other issues over the years, but > which may no longer be "current".) [...] > I would say, though, that I consider it pretty dangerous to manipulate a > chroot environment without using chroot. It's way too easy to > accidentally ascend out of the chroot and do things you didn't intend to > do, and if you're already doing things as root, there's absolutely no > reason not to just stick a chroot invocation in front of your command.
> > From the POV of packaging, I'd like symlinks to point to a specific > > place, without ambiguity, and in the context of chroots, a relative link > > is unambiguous whereas an absolute link changes depending on where we > > are rooted. > > Yeah, this makes sense. Maybe it's time to reconsider this policy. I'd just like to bring a related bug to your attention: 626826 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626826 Here, sbuild creates a lockfile inside the chroot (/var/lock/sbuild). If, in the chroot, /var/lock is a symlink to /run/lock then when we create the lockfile we actually create it on the host. When the symlink is relative this doesn't occur. One could argue that such a thing should be done via the chroot program (or schroot, in our case). However, given that we are doing an open(2) with O_WRONLY|O_CREAT|O_TRUNC|O_EXCL and then writing job-specific information into the lockfile and doing other stuff like finding the process owning the lock, this is not ideal- doing it via a long shell command is not easy or robust, and installing additional code into the chroot is also not ideal. Tools like sbuild, which by their nature need to copy files in and out of the chroot (packages, stuff to set up the environment, apt configuration and all sorts) could in theory do all this inside the chroot. But in reality some of this stuff needs doing outside as well due to lack of certain tools inside and the huge increase in complexity to do so. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
signature.asc
Description: Digital signature
