On Wed, 2010-12-08 at 13:50 -0500, James Ralston wrote:
> On 2010-12-08 at 13:07-05 seth vidal <skvi...@fedoraproject.org> wrote:
> > the mock chroots that koji uses could still be rooted by someone who
> > can submit their own build-requirement-providing packages.
> Well, we vet all packages our developers submit before releasing them
> to our repositories, so we would catch a developer submitting (e.g.) a
> suid-bash-shell-1.0.0-1.el5.x86_64.rpm package.
> Does koji provide a mechanism for the submitter to specify his own yum
> repositories for mock to use?

not that I'm aware of - the folks on the buildsys list who maintain koji
may be able to help you more


> Well, the ultimate protection would be to use this procedure for each
> build:
>     1.  Instantiate VMs for all architectures specified by the build,
>         via cloning "known good" build VMs.
>     2.  Use koji to build on each VM.
>     3.  Destroy each VM that was instantiated.
> But that's some *serious* overhead.  Plus, I'm not sure that we could
> automate steps #1 and #3, which would be a dealbreaker.

sure you can. :)

I'm dabbling in that right at this moment :)

> Honestly, given current trends, it might be that before too much
> longer, the best solution might be to simply give each developer his
> own VM for each OS/architecture he wants to build for, and tell him to
> use mock directly.  Before each build, he snapshots the VM, and after
> each build, he reverts to the snapshot (discarding whatever changes
> the build process made to the system)...



devel mailing list

Reply via email to