also sprach Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> [2002.03.07.1054 +0100]: > > > Debian could provide, with only some effort from package > > > maintainers versions of daemons chrooted to given environments. This > > > however, might break Policy (IMHO). > > > > how would it break policy? > > (sorry, catching up with posts)
me too...
> Policy would be broken because a chroot installation would need
> all the libraries, configuration files, etc... that the service needed
> to be placed in a given fixed location
> (for example /usr/lib/named/etc, /usr/lib/named/var/{log,run})
> This defeats the FHS and also one of Debian's primary assumptions
> (all configuration files in /etc for example) on which the policy is
> based.
not necessarily. depends on how the daemon is written. for instance,
my bind9 chroot has absolutely zero anything in violation with the
FHS!
but i see your point. it's a flaw in the policy/FHS though, i think.
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED]
you work very hard. don't try to think as well.
pgpZGNwJx8Y0H.pgp
Description: PGP signature
