The security handbook chroot guide (/doc/en/security/shb-chroot.xml) tries to use bash to explain the workings of chrooting a service. While it's a nice intro to chrooting in general, it doesn't really touch the nitty gritty of getting services chroot'ed. This rewrite uses a real life example service (The monkeyd webserver) to explain how to setup the chroot'ed environment. I think it meets the purposes of the document a tad better. For those of you that REALLY want it, I'm attaching a diff ;p.
Created attachment 80110 [details] shb-chroot.xml The rewritten guide.
Created attachment 80111 [details, diff] shb-chroot.diff A diff against the original guide.
Docs-team: it's been awhile on this bug. I'm willing to add it to the guide; not a hard commit. However, do you guys think a full-up example is necessary, or is our existing minimal chroot stuff sufficient?
Right, timing out, no response in 5 months since my last query, no response in over a year. The example package in question isn't available for many arches, much less marked stable. Too bad this became one of those bugs that just becomes irrelevant after awhile. One less thing to worry about. Closing.