On 7/7/07, Carlo Calica <[EMAIL PROTECTED]> wrote: > On 7/7/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > > You hit a tricky issue, dependencies on executables. The dependency > > system assumes that a needed program being present under /Program is > > enough. It does not check if it is really symlinked. When working with > > the live system, there's really no way to solve this problem, as it is > > not safe to have Compile resymlink stuff for a build. Using > > ChrootCompile that's not a problem, as only the needed dependencies > > are inserted in the chroot, but that's still not as userfriendly as > > Compile. Eventually, Compile's behavior should evolve to default into > > something like running ChrootCompile --local-programs (which builds a > > safe chroot but uses entries from /Programs). > > > > That is true. Moving Compile to something like ChrootCompile is > definitely a good goal. In this instance, the desired Qt (3 or 4) > conflicts at build time due to the moc executable. At runtime, Qt 3 > and 4 shouldn't conflict. ChrootCompile should solve this.
While talking about that, we still have to figure out a way to allow installation scripts to poke with files such as passwd/shadow/group (the last time I talked to Jonas he had some good ideas on how to deal with that).. The problem with sandboxing is that it'll be pretty easy to get fooled by it, as writes will not be redirected to the "real" root filesystem.. anyway, this talk is more appropriate to be done in the devel mailing list (copied). -- Lucas powered by /dev/dsp _______________________________________________ gobolinux-devel mailing list gobolinux-devel@lists.gobolinux.org http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel
