changing mock directory
Enrico Scholz
enrico.scholz at informatik.tu-chemnitz.de
Fri Jul 29 17:21:13 UTC 2005
orion at cora.nwra.com (Orion Poplawski) writes:
> File "/usr/bin/mock", line 364, in _umount
> raise Error, "could not umount %s error was: %s" % (path, output)
> __main__.Error: could not umount proc error was: mock-helper: error:
> /export/mock/fedora-5-i386-core/root/proc: not under allowed directory
> (/var/lib/mock)
Caused by too much security checks at the wrong place ('mock-helper
chroot ...' gives full control over the system, so these path-checks
(which can be workarounded with symlinks) are senseless). Best thing for
functionality would be:
* execute mock in an own namespace; so you do not have to care about
unmounting
* do the mounting nativly (call 'mount(2)' instead of exec(2) the 'mount'
command)
* for all other commands, do just an 'execv(argv[1], argv+1)' in
mock-helpers main() routine
Patches for the first two points are existing already.
Enrico
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 480 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-maintainers/attachments/20050729/e57cbdd4/attachment.sig>
More information about the Fedora-maintainers
mailing list