Date: Sat, 20 Aug 2011 09:43:47 -0400 From: Glen Barber <gjb@FreeBSD.org> To: Kostik Belousov <kostikbel@gmail.com> Cc: ports@freebsd.org Subject: Re: [Request for Comments] Adding a JAILED meta-variable to bsd.port.mk Message-ID: <4E4FBA13.4050009@FreeBSD.org> In-Reply-To: <20110820124443.GJ17489@deviant.kiev.zoral.com.ua> References: <4E4F95FD.907@FreeBSD.org> <20110820115203.GH17489@deviant.kiev.zoral.com.ua> <4E4FA589.7070303@FreeBSD.org> <20110820124443.GJ17489@deviant.kiev.zoral.com.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8/20/11 8:44 AM, Kostik Belousov wrote: >> One thing I can think of off-hand to fix this in that case is setting a >> local environment variable to disable a check for security.jail.jailed. >> Would this be an ok solution for those cases? If not, I happily agree >> that this change should not be made then. >> >> I have an updated patch to bsd.port.mk that looks for a local >> environment variable, PKGJAIL - if it is set, then JAILED is unset. >> Would this be acceptable? > The change would require user to do a configuration for a thing that > previously just worked. What is the point ? > I suppose the specific problem I am trying to solve is a case where a user builds a port within a jail with the expectation that the port will in fact run within the jail with little or no changes. Perhaps security/sshguard-pf and databases/postgresql*-server are not the most ideal examples of where this would be relevant. I agree that a configuration change for something that worked before is not the best solution. So, I retract this change proposal. Again, thank you for the feedback and pointing out that this would have had negative impact on those using jails for package building. Regards, Glen -- Glen Barber | gjb@FreeBSD.org FreeBSD Documentation Project
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4E4FBA13.4050009>