[sandbox] specifying the destination of '-i' files/dirs
Daniel J Walsh
dwalsh at redhat.com
Tue May 24 13:52:33 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 05/24/2011 09:17 AM, Christoph A. wrote:
> On 05/24/2011 02:59 PM, Daniel J Walsh wrote:
>> I guess I would need a syntax that would make sense. Remember you can do
>>
>> sandbox -X -i ~/.mozilla -i ~/.gnome ...
>>
>> I guess you could use some syntax where the we had a separator, that
>> showed the destination directory
>>
>> sandbox -X -i ~/.sandbox/ffftemplate1/.mozilla:~/.mozilla
>>
>> But the separator would need to be something not likely to be in a file
>> system.
>
> Yes, I'm aware about the possibility of multiple '-i',
> but I think it would still be possible to implement this without a
> special separator. Though I have to admit that it won't be very nice ;)
>
> sandbox -X -i ~/foo evince
> (evince is the last argument and is therefore the cmd)
>
> sandbox -X -i ~/a/b ~/b evince
> (~/b is the destination)
>
> sandbox -X -i ~/a/b/c ~/d -i ~/f/c evince
>
> is also clear.
> Is there a risk of an ambiguous syntax?
>
> One would have to implement a "collision detection" for cases like:
> sandbox -X -i ~/a/b/c ~/c -i ~/c evince
>
> I also thought about a change to the '-i' switch so that everything
> would be copied to ~
>
> example:
> sandbox -X -i ~/a/b/c evince
> would automatically copy ~/a/b/c to ~/c
>
> but this behaviour would result in problems with commands like this:
>
> sandbox -X -i ~/a/c -i ~/x/c evince
> because two distinct files/folders would have the same destination.
>
I guess I could live with
sandbox -X -i ~/a/b/c ~/d -i ~/f/c evince
I would say
sandbox -X -i ~/a/b/c ~/c -i ~/c evince
Would copy the contents of both directories to ~/c within the sandbox.
then you don't need to worry about conflicts.
Patches welcome. :^)
However if you could figure out why firefox no longer works within
matchbox-windowmanager and even fix it, I would send you a Red Hat.
:^)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk3buCEACgkQrlYvE4MpobM3BQCaAlTnUhKMKDjF8IxpawU6jTzZ
IfMAnRXvwePGDtf8hKJX7B51qQrhTZCy
=A8o1
-----END PGP SIGNATURE-----
More information about the selinux
mailing list