On Mon, 30 Jul 2007 16:22:08 +0200 Axel Thimm <Axel.Thimm@xxxxxxxxxx> wrote: > I'd like to be able to really setup chroot w/o any root > privilegdes. This already works at 99% using > fakeroot/fakechroot. There is some code in rpm that didn't swallow the > fake environment. It didn't look too difficult to fix. :) > > The application is very important: Currently any submitter can take > over any builder by placing some code in %post*/%pre* scripts and > making this package a BR of another package. Being root makes it easy > to escape the chroot and perform root operations at the builder level > (unless the builders are properly selinux protected). > > A secondary benefit of fakeroot/fakechroot support would be that any > random student on any random Linux system could deploy a build system > under his account and produce nice rpm packages w/o the need for root > priviledges on these systems. We'd like something like this for Koji as well (: -- Jesse Keating Release Engineer: Fedora
Attachment:
signature.asc
Description: PGP signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
