On Fri, Dec 22, 2017 at 02:36:17PM -0300, Giancarlo Razzolini via arch-general wrote:
> On December 22, 2017 13:55, Manuel Reimer wrote:
> > On 12/22/2017 03:17 PM, Giancarlo Razzolini via arch-general wrote:
> > I have an existing build system that I call with root permissions and
> > from this point on it does everything on its own. Including creating the
> > required build user, fetching build dependencies, building packages in
> > context of the build user, ...
> >
> > My idea was to make use of "chroot building" to have a clean state of
> > packages for every build. If this is possible, I would add this. If
> > fully automated processing doesn't work with the existing tools, I'll
> > stick with my way and keep building without chroot.
> >
>
> You keep saying chroot and I guess that arises from the name of the tool,
> makechrootpkg. But keep in mind that you don't actually use a chroot, you
> use a container. There's a difference, and it's not just semantics.

I'm sorry for an unrelated question, but why is it really necessary to make a
new container for each pkg? It seems like lots of unnecessary copies (I think
the rsync(1) call in makechrootpkg doesn't do hardlinks)...

I understand the issue about getting unlisted deps in packages, but in my
experience this problem is minor. So just boot a build container and ssh in
there as a non-root user (in fact, you don't even need root inside the
container). And keep it clean. At least this has worked for me for years.

Also, with newer -ARCH kernels, you can do non-privileged containers, so
makechrootpkg should run as an ordinary user to begin with...

Cheers,
--
Leonid Isaev