| Summary: | sys-apps/syslog-ng chroot | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Paul Belt <gaarde> |
| Component: | New packages | Assignee: | Mr. Bones. (RETIRED) <mr_bones_> |
| Status: | RESOLVED WONTFIX | ||
| Severity: | minor | CC: | hardened |
| Priority: | High | ||
| Version: | 1.0 | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: | updated files to allow easy chroot | ||
|
Description
Paul Belt
2003-08-14 20:40:39 UTC
Created attachment 16122 [details]
updated files to allow easy chroot
Contains:
etc/conf.d/syslog-ng
etc/init.d/syslog-ng
syslog-ng-1.6.0_rc3-r1.ebuild.patch
syslog-ng.init.patch
usr/local/portage/sys-apps/syslog-ng/syslog-ng-1.6.0_rc3-r1.ebuild
my $0.02
Reading up on the chroot option of syslog-ng
well the manpage itself shows little to nothing about the -C option
other than [ -C <chroot-dir> ] which does not exactly tell me/us if this option is the equiv of the sysklogd -a option.
Also correct me if I'm wrong but would we not have to mount --bind /proc ${CHROOT}/proc in order for syslog-ng to be able to read from /proc/kmsg ?
And something like
stop {
mnt="$(mount | grep ${CHROOT}/proc | awk '{print $3}')"
[ "$mnt" == "${CHROOT}/proc" ] && umount ${CHROOT}/proc 2> /dev/null || eerror "Unmounting proc filesystem at $mnt"
}
Chrooting is is a good idea, but without proper documentation the option is little to no use. I would personally expect a chroot option for syslong-ng to be able to be the syslog for all the other chrooted environments.
Also noteworthy in pkg_config() we should never copy a binary file right off the root file system such as /lib/lib*.so. Instead the syslog-ng should be built with a "static" option so the libraries will be linked into the binary by default thus avoiding clutter in the chroot env.
syslog-ng-1.6.4 has been marked stable on x86 and now includes USE=static support. Forgot to mark this. |
