Re: chroot sockets
On Sun, Jun 19, 2011 at 03:46:00AM +0200, Samuel Thibault wrote:
> olafBuddenhagen@gmx.net, le Fri 17 Jun 2011 23:19:15 +0200, a écrit :
> > On Fri, Jun 03, 2011 at 10:40:03AM +0200, Samuel Thibault wrote:
> > > olafBuddenhagen@gmx.net, le Thu 02 Jun 2011 04:13:34 +0200, a écrit :
> > > > Err... What's the use of sharing the pipe server between chroot and
> > > > main system?
> > >
> > > So that named pipes can actually work.
> > Why wouldn't they work if the chroot uses a separate pipe server? AIUI
> > it will only prevent pipes *between* the two environments, but not
> > within it...
> > > /tmp and /var/run and things like that also need to be firmlinked.
> > > Else the rendez-vous between pflocal and libc doesn't work.
> > What rendez-vous?
> Honestly I don't remember all the details and don't want to dive into
> it again, but be sure that there *is* an issue, else I wouldn't have
> tinkered with this. It must be something like: the separate pipe server
> is not chrooted, and thus looks for the rendez-vous (see pipe code, I'm
> afraid I'm too lazy to work out the details again just to explain them)
> in the non-chrooted filesystem.
Hm, right... The well-known passive-translator-escapes-chroot problem.
I even briefly considered this, but for some discarded it as a non-issue
-- wrongly I guess.