On Fri, Apr 06, 2018 at 11:28:58AM -0400, William L. Thomson Jr. wrote: > On Fri, 6 Apr 2018 14:10:51 +0900 Carsten Haitzler (The Rasterman) > <ras...@rasterman.com> wrote: > > limiting your sandbox from > > accessing XDG_RUNTIME_DIR is probably a very bad idea, because this > > is the standard "xdg" location for any run-time files. sockets or any > > other relevant "only around during runtime of a users log in session" > > files (thus they are not expected to persist and this dir and it not > > shared between users etc.) :)
Well, it's not quite that simple during package builds. Debian has a similar policy because users may build packages outside of a chroot. If the build process writes outside of the build dir, this could mess with their real home dirs. I imagine the Gentoo motivation is the same. > This is during build, nothing is running. Also this violates Gentoo > distro specific build policies. > > "All packages must build correctly when sandbox is active. " > https://devmanual.gentoo.org/general-concepts/sandbox/ Solution is to run WITH XDG_RUNTIME_DIR and HOME set to a temp dir: https://sources.debian.org/src/efl/1.20.7-4/debian/fake_home.sh/ Example use: https://sources.debian.org/src/efl/1.20.7-4/debian/rules/#L62 > Seems like something does need to be fixed. Yes - the build environment! Ross
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
