New version of mock working (I think)
Michael_E_Brown at Dell.com
Michael_E_Brown at Dell.com
Mon Jun 26 20:02:44 UTC 2006
> -----Original Message-----
> From: fedora-buildsys-list-bounces at redhat.com
> [mailto:fedora-buildsys-list-bounces at redhat.com] On Behalf Of
> Jesse Keating
> Sent: Monday, June 26, 2006 2:59 PM
> To: fedora-buildsys-list at redhat.com
> Subject: Re: New version of mock working (I think)
>
> In Red Hat land we use mock to run commands in a chroot.
> Examples would be buildinstall from anaconda, pkgorder from
> anaconda, createrepo, repoview, things of this nature that
> should be ran in an environment it is trying to build and in
> some cases on a particular arch it is trying to build.
>
> This is IMHO outside the original scope of Mock, and it is
Agreed.
> something we're just making use of as it is convenient to use
> the same code paths for generating a chroot, installing a
> package set into said chroot, and doing something inside that
> chroot. In our case that something isn't building a package,
> its doing something else.
For security implications, there is a push to make mock 'safe to run by
semi- or non-trusted users'. The chroot option is not ever going to be
safe, from what I can tell, so we might have to make a two-level scheme,
or a privleged config option for enabling/disabling this.
The 'mach' project has much greater ambitions on this front, and might
be a better choice for you.
--
Michael
More information about the Fedora-buildsys-list
mailing list