On 23 Jun 2003, Wayne Davison <[EMAIL PROTECTED]> wrote:

> However, if people want to support long-running monitoring of a chain of
> ebuilds would require putting the state dir somewhere outside the home
> directory. Perhaps we could allow the default location to be overridden
> with a DISTCC_STATEDIR environment variable. Or, go back to putting it
> in the temp dir, and implement the DISTCC_TMPDIR suggestion in a way
> that overrides the TMPDIR setting instead of supplanting it.
I have thought a bit about this:

I don't think there is anything here that justifies ebuild-specific hacks. Many users may want to retain visibility of software built by different users. The most obvious example is tools being built by root on BSD. Another is compilations taking place inside chroot environments.

So I think distcc should note its state in a machine-global location. That location defaults to (say) /var/lib/distcc, but can be overridden by setting DISTCC_STATEDIR.

Visibility of compilations between processes is controlled by permissions on the state directory. A reasonable configuration for many machines is for all compilations to be visible between all users. This can be achieved just by making the directory mode 777.

As at present, there will be one file in there for all tasks running. I will extend it to include both tasks originating from the local machine and tasks running on the local machine, and to indicate the username.

As an additional protection the files will be created subject to the Unix umask, so users that have requested privacy (umask 077) will not expose any information other than that they are running the compiler.

The code needs to be a little careful of creating files in a directory that can be written by other people. For example, creation of files should be done in a way that is safe against symlink tricks. This is feasible.

In the default installation, the directory will be created with mode 700, so that there is no security problem. Distribution packages are able to vary this policy either statically or depending on a user response during installation.

Another possibility is to use some kind of network-based monitoring, but I am loath to introduce a new security interface etc.

How does that sound?

--
Martin

__
distcc mailing list
http://distcc.samba.org/
To unsubscribe or change options: http://lists.samba.org/cgi-bin/mailman/listinfo/distcc
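The message above asks for state files to be created subject to the umask and in a way that is safe in a directory other users can write to. The following is an added example of one way to do that, not part of the original message and not distcc's code; the function name `state_file_create` and the `task_<pid>` file name are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: create a per-task state file in a directory that
 * other users may write to. Returns an open fd, or -1 with errno set. */
int state_file_create(const char *dir, const char *name)
{
    char path[4096];
    struct stat st;
    int fd;

    if (strchr(name, '/') != NULL) { errno = EINVAL; return -1; }
    if (snprintf(path, sizeof path, "%s/%s", dir, name) >= (int)sizeof path) {
        errno = ENAMETOOLONG;
        return -1;
    }
    /* O_CREAT|O_EXCL fails with EEXIST if the name already exists in any
     * form, including a symlink (dangling or not), so a planted link is
     * never followed. Mode 0666 is filtered by the caller's umask, so a
     * user running with umask 077 gets a 0600 file. */
    fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0666);
    if (fd < 0) return -1;
    /* Verify the object actually opened, through the fd rather than the path. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

int main(void)
{
    const char *dir = getenv("DISTCC_STATEDIR");   /* override from the message */
    char name[64];
    int fd;

    snprintf(name, sizeof name, "task_%ld", (long)getpid());
    fd = state_file_create(dir ? dir : "/var/lib/distcc", name);
    if (fd < 0) { perror("state_file_create"); return 1; }
    close(fd);
    return 0;
}
```

If the directory is opened up to other users, setting the sticky bit as well (mode 1777 rather than 777) stops them from renaming or deleting files they do not own.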
