I just had an inspiration which might make a kernel-level chroot
unnecessary: a preloaded .so library which translates filenames in
system calls, very similar to the one used in fakeroot. It could also
do fall-throughs on /dev and /proc, making copies of the device
special files and a second mount of proc unnecessary. The obvious
imperfections I can think of right now, unless I implement a more
complex filename translation, are:
/.. will be the fake root's parent, not the fake root.
Relative pathnames to /dev and /proc will not fall through.
Unless I want to use libelf on exec's and execute the chroot's dynamic
loader directly, the system's dynamic loader will be used.
Hopefully none of these will be a real issue. Anyway, it's something
to try while I'm still waiting for a compile account on sourceforge.
Daniel Schepler "Please don't disillusion me. I
firstname.lastname@example.org haven't had breakfast yet."
-- Orson Scott Card