[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [buildd-tools-devel] Bug#586333: Debian desktop support for virtualisation

On Sun, Jun 27, 2010 at 10:48:25AM +0200, Josselin Mouette wrote:
> Le dimanche 27 juin 2010 à 01:40 +0100, Roger Leigh a écrit :
> > On Fri, Jun 25, 2010 at 01:46:41PM +0200, Josselin Mouette wrote:
> > > You may also need (but I haven’t checked):
> > >       * /var/run/cups for printing
> > >       * /var/run/avahi-daemon
> > > and some others that I’m forgetting.
> > 
> > Thanks!  I think we now have most of these.  We don't preserve the
> > environment by default (you have to use the -p option), but we
> > could make that automatic in a future release by adding a new
> > configuration option.  
> You should definitely pass the following environment variables without
> asking, since GNOME applications won’t work without them:


I've added a 'preserve-environment=true|false' option today, which
will pass the entire environment through minus some filtering for
security (which doesn't cover any of the variables in your list).

> Passing all of /var/run looks a bit dangerous to me since it could lead
> some scripts in the chroot believe that a daemon is started in the
> chroot. I’m not sure if that’s a real problem, but you should probably
> at least print a warning somewhere.

Agreed.  I'll just limit this to /var/run/gdm3 in the next upload.
Unfortunately, because we can't be sure gdm3 is installed, it will
need to be commented out by default.  Or we need to make schroot-mount
less picky about mount failures.  I would be somewhat dubious about
doing that though, since it would mask a whole set of failures and
could have security implications.

So it's still not perfect, but I think we can easily document the
few minor bits of tweaking required--the major bits are all done at


  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.

Attachment: signature.asc
Description: Digital signature

Reply to: