On Sun, 2018-11-11 at 21:53 +0100, Michał Górny wrote:
> Hi,
>
> Ok, here's the second version integrating the feedback received.
> The format is much simpler, based on nested tarballs inspired by Debian.
>
> The outer tarball is uncompressed and uses '.gpkg.tar' suffix. It
> contains
Support using PID namespace in order to isolate the ebuild processes
from host system, and make it possible to kill them all easily
(similarly to cgroups but easier to use).
Bug: https://bugs.gentoo.org/659582
Signed-off-by: Michał Górny
---
lib/portage/const.py | 1 +
Signed-off-by: Michał Górny
---
bin/pid-ns-init| 25 +
lib/portage/process.py | 11 ++-
2 files changed, 31 insertions(+), 5 deletions(-)
create mode 100644 bin/pid-ns-init
diff --git a/bin/pid-ns-init b/bin/pid-ns-init
new file mode 100644
index
Support FEATURES=mount-sandbox that unshares the ebuild processes
into a new mount namespace and makes all the mounts private by default.
Signed-off-by: Michał Górny
---
lib/portage/const.py | 1 +
lib/portage/package/ebuild/doebuild.py | 7 +-
lib/portage/process.py