Ebuild and first release #30
Comments
|
Sure, why ever not. Let's try to get this package up to speed |
|
What I don't like about the ebuild: non-privileged users can execute the How can we prevent this? I can think of three options:
Otherwise, the ebuild installed flawlessly and the stemgentoo is already set up |
|
Is there any reason why we wouldn't instead just allow users to create gebuild systems? If it's doable from the workflow point of view it shouldn't be a problem that a user has “root” access inside a subsystem, it would actually be preferable from the point of view of high-power multi-user systems. |
|
Yes, chroot'ing is a privileged operation and therefore can not be performed by any other than root. Maybe, at some point, we could consider instead of chrooting starting a lxc container (which would be a plus due to better isolation, see also #32). But I haven't looked into that, so I can't say whether this is feasible. |
|
Too bad :( well, ok, we can add this to the 2.0 milestones, and in the meantime, since we know explicitly that the user has to be root regardless of permissions, I think
makes the most sense. |
As the package approaches some general-purpose usability, we should be looking to provide it via a more popular overlay, or directly via the main Gentoo overlay.
I have set-up a live ebuild on my overlay, and as soon as this works reliably we can release a ~stable version. Perhaps this would also be a good time for implementing a rudimentary test suite? e.g. at least for stemgentoo or for creating images of a gebuilder-single-purpose system.
@Doeme would you be interested in testing the ebuild and incorporating/updating the test phase?
The text was updated successfully, but these errors were encountered: