[gobolinux-devel] Handle unmanaged files in FiboSandbox (and cleaner for UnionSandbox)
Hisham Muhammad
hisham.hm at gmail.com
Wed Apr 25 14:29:47 UTC 2007
On 4/25/07, Jonas Karlsson <jonka750 at student.liu.se> wrote:
> On Wed, 25 Apr 2007 02:29:55 +0200, Hisham Muhammad <hisham.hm at gmail.com>
> wrote:
>
> > On 4/24/07, Jonas Karlsson <jonka750 at student.liu.se> wrote:
> >> Here's a proposed change to fix the handling of unmanaged files a bit
> >> cleaner at the same time as it adds support for unmanaged files to
> >> FiboSandbox. In short what it does:
> >> It adds support for mapped mounts to FiboSandbox. This is implemented so
> >> that for every system directory in the mapped mounts option will have a
> >> corresponding directory in Resources/Unmanaged in the ${target}
> >> directory,
> >> which will be bind mounted over the system directory redirecting all
> >> writes into the system directory to the directory in
> >> Resources/Unmanaged.
> >> Easy, huh? :)
> >> An example:
> >> /System/Kernel/Modules/$(uname -r)/misc/ndiswrapper.ko is in the
> >> unmanaged
> >> file array. Then
> >> ${target}/Resources/Unmanaged/System/Kernel/Modules/$(uname -r)/misc
> >> will
> >> be bind mounted over /System/Kernel/Modules/$(uname -r)/misc, so when
> >> the
> >> installer tries to copy the file to /System/Kernel/Modules/$(uname
> >> -r)/misc it will be redirected, through the mount, to
> >> ${target}/Resources/Unmanaged/System/Kernel/Modules/$(uname -r)/misc
> >>
> >> Union sandbox already had mapped mounts.
> >>
> >> Then I made Compile parse the unmanaged_files array and pass it to
> >> SandboxInstall that made it to mapped mounts, which both FiboSandbox and
> >> UnionSandbox now supports.
> >
> > My only fear is that the fact that now the bind-mount is occluding any
> > existing contents of directories that will receive unmanaged files may
> > for some strange reason break some recipe. I couldn't think of any
> > case, but it's a possibility.
> >
> If it breaks the recipe, the recipe is already broken. The mounts are only
> done, just before "make install" and are undone right after. As far as I'm
> concerned no other binaries/executables then 'mv','cp' and 'install'
> should be used during this step, so "hiding" some other
> binaries/executables should not break anything ("hiding"
> binaries/executables is the only way I can see that it breaks). At the
> same time, binaries/executables shouldn't be handled as unmanaged files,
> i.e. no bin/sbin (or similar directory) should be listed in unmanaged
> files. Actually the only files I see have to be handled as unmanaged files
> are kernel modules (as they can't be links - yet), other files should be
> insterted in the "normal" tree.
Agreed.
> > Maybe this new support could be added to FiboSandbox but keep Compile
> > working with unionfs the same way as it does now (and switch
> > UnionSandbox behavior to use mapped mounts later)? One problem
> > implementing this idea is that the use of Union vs Fibo is transparent
> > to Compile now, AFAIK. OTOH, maybe I'm just being too paranoid.
> >
> I can't see what difference you're talking about. The use of Union vs Fibo
> should be transparent with my implementation as well. Now both supports
> '--map' and both sandboxes use that to handle unmanaged files. There's no
> difference.
Yes, yes. I was thinking about the possiblity of (broken) recipes
relying on the difference of behavior that used to exist between Fibo
and Union. But you're right, this shouldn't be a problem in practice.
-- Hisham
More information about the gobolinux-devel
mailing list