Hey! Ricardo Wurmus <rek...@elephly.net> skribis:
>> We could also have wrappers fall back to PRoot when unshare(2) fails. > > Good idea. Could we use ptrace directly and optimize it for the case of > “/gnu/store” paths? I’m just guessing that PRoot may incur a higher > performance penalty because it’s so generic compared to a compile-time > deterministic use of ptrace – after all, we know all /gnu/store > locations in advance. IWBN, but that’s a project in its own. ptrace(2) requires knowledge about the architecture’s ABI so that you know what registers to look at when a syscall happens, and so on. So for now it’ll have to be PRoot. I’ll try to come up with a patch set without PRoot support to begin with. Thanks for your feedback, Ludo’.