Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 138388 - [PATCH] Sandbox everything outside of $ROOT
Summary: [PATCH] Sandbox everything outside of $ROOT
Status: CONFIRMED
Alias: None
Product: Portage Development
Classification: Unclassified
Component: Enhancement/Feature Requests (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Portage team
URL:
Whiteboard:
Keywords:
Depends on: glep27
Blocks: 137867
  Show dependency tree
 
Reported: 2006-06-28 12:09 UTC by Donnie Berkholz (RETIRED)
Modified: 2021-05-06 03:44 UTC (History)
6 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Messy sandbox implementation (ebuild.sh.patch,820 bytes, patch)
2009-06-02 02:22 UTC, Jacob Godserv
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Donnie Berkholz (RETIRED) gentoo-dev 2006-06-28 12:09:59 UTC
Many packages out there don't respect $ROOT properly. This results in screwed up "true root" filesystems when you're trying to install something into $ROOT. Portage should prevent this from happening by sandboxing everything outside of $ROOT so you just get a build failure instead of randomly screwed-with files.
Comment 1 SpanKY gentoo-dev 2006-06-28 18:22:34 UTC
hmm, good idea ... i always wondered if we could catch these misbehaving packages
Comment 2 Marius Mauch (RETIRED) gentoo-dev 2007-02-17 10:27:55 UTC
SO, any reason this hasn't been done yet?
Comment 3 SpanKY gentoo-dev 2007-03-09 16:55:17 UTC
nope ... as noted in Bug 152474, we could just:
ROOT=/some/funky/place

and add sandbox deny to that
Comment 4 Marius Mauch (RETIRED) gentoo-dev 2007-06-07 14:24:54 UTC
So why don't you do it then? ;)
Comment 5 Jacob Godserv 2009-06-02 02:22:52 UTC
Created attachment 193215 [details, diff]
Messy sandbox implementation

Untested. Messy. First portage patch ever. Can it get any worse? ;)

This bug is pretty stale, and it looks like no one really cares anymore. I had some time to poke around, so I did the best I could with the (perceived lack of) documentation on portage.

I don't expect you to seriously apply this. What I want to know is if I'm headed in the right direction. If someone could provide more detailed information on what exactly should be done, it might make patching portage a bit easier.