Hi Georgios,
why not just ensure the parent directory of the chroot is not
traversable for just any normal user?
That would allow preserving /tmp/buildd as build place as well
as retaining stuff under /run which packages create and which
is, in practice, often needed for chroots where initscripts are
not run.
In addition, I often do use the access to the /tmp in the chroot
for debugging and bootstrapping, so maybe create a new system
group, chown 0:_pbuilder /var/cache/pbuilder/build; chmod 0750
that directory, and good is? (Untested.)
Then, I could add my user to that group and continue doing so.
bye,
//mirabilos
--
„Cool, /usr/share/doc/mksh/examples/uhr.gz ist ja ein Grund,
mksh auf jedem System zu installieren.“
-- XTaran auf der OpenRheinRuhr, ganz begeistert
(EN: “[…]uhr.gz is a reason to install mksh on every system.”)
