-----Original Message-----
From: fedora-buildsys-list-bounces(a)redhat.com
[mailto:fedora-buildsys-list-bounces@redhat.com] On Behalf Of
Jesse Keating
Sent: Monday, June 26, 2006 2:59 PM
To: fedora-buildsys-list(a)redhat.com
Subject: Re: New version of mock working (I think)
In Red Hat land we use mock to run commands in a chroot.
Examples would be buildinstall from anaconda, pkgorder from
anaconda, createrepo, repoview, things of this nature that
should be ran in an environment it is trying to build and in
some cases on a particular arch it is trying to build.
This is IMHO outside the original scope of Mock, and it is
Agreed.
something we're just making use of as it is convenient to use
the same code paths for generating a chroot, installing a
package set into said chroot, and doing something inside that
chroot. In our case that something isn't building a package,
its doing something else.
For security implications, there is a push to make mock 'safe to run by
semi- or non-trusted users'. The chroot option is not ever going to be
safe, from what I can tell, so we might have to make a two-level scheme,
or a privleged config option for enabling/disabling this.
The 'mach' project has much greater ambitions on this front, and might
be a better choice for you.
--
Michael