proposed mock changes (diff)
Clark Williams
williams at redhat.com
Mon Jul 17 15:29:01 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello all,
I was poking around in the mock source last week and did some minor
refactoring, a couple of name-changes and tried out the rpmlint
request. Attached below is a CVS diff of my mock.py with the head of
CVS. Please review and comment. A quick summary of the changes:
1. Changed version to 0.7.
2. Added code to avoid exec'ing mount for proc, sys, and dev/pts if
we've already done it
3. Oh yeah, added /sys to chroot mount
4. Refactoring: renamed _mount to _mountall, created _mount routine
that is called by _mountall
5. Renamed _umount_by_file to _umountall
6. Added code to run rpmlint
7. Added elevate/drop around raw chroot command
I'd especially like some thought on #7, since any time you elevate and
drop you can introduce a security hole and I freely admit that I'm not
always thinking security first.
If I don't get any push-back (or if I do and then get things
resolved), I'll commit these later this week.
Clark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFEu6y9Hyuj/+TTEp0RAgumAJ9STO3Qc/7Ca4xYNdIAifcKs4oPvACgqpDD
zOm5eNJ1Gwsgc4KqhS8WW0s=
=0mBy
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mock.diff
Type: text/x-patch
Size: 8718 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/buildsys/attachments/20060717/99b2d84d/attachment.bin
More information about the buildsys
mailing list