[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#797781: [buildd-tools-devel] Bug#797781: diffoscope does not seem to work with schroot]



Hi Aurelien,

On Sun, Sep 06, 2015 at 07:28:40PM +0200, Aurelien Jarno wrote:
> The buildd flavour of the configuration mount a tmpfs in /dev/shm. AFAIK
> this is not done for the default flavour as too options are possible
> there:
> - Bind mount like above. This means sharing the shm directory with the
>   outside world. This might have some security implications, and
>   unwanted consequences.
> - Empty tmpfs like for buildds. This means the processes do not have
>   accesses to shared memory from processes outside of the chroot.
> 
> Depending on how the user want to use schroot, one or the other
> configuration should be used. I don't know how we should choose the
> default one.

Essentially, we have three options (for the default and desktop
profiles) now:

(A) Status quo: Don't mount /dev/shm.
(B) Bind mount /dev/shm.
(C) Mount a tmpfs on /dev/shm.

As you point out, each of (B) and (C) breaks some people's workflows
(either isolation or stuff doesn't work).

Either (B) or (C) fixes what many users (e.g. diffoscope, ghc, my own
itch, ...) want. (C) doesn't regress on isolation compared to (A).
Therefore I argue that (C) is strictly "better" than (A), but (B) isn't.

I agree that we cannot find a one-fits-all here. Having a comment in the
fstab for the other option certainly helps (and is already there). Still
changing the default from (A) to (C) seems like it could fix a fair
number of use cases without regressing assumptions on isolation or
existing use cases.

Does that make sense to you?

Helmut


Reply to: