On Tue, Jul 31, 2012 at 10:48 AM, "Paweł Hajdan, Jr." <phajdan...@gentoo.org> wrote: > On 7/26/12 8:26 PM, Rich Freeman wrote: >> I've been messing around with namespaces and some of what systemd has >> been doing with them, and I have an idea for a portage feature. >> >> But before doing a brain dump of ideas, how useful would it be to have >> a FEATURE for portage to do a limited-visibility build? That is, the >> build would be run in an environment where the root filesystem appears >> to contain everything in a DEPEND (including @system currently) and >> nothing else? > > I was thinking about something similar too. In my opinion it's a great > feature. If/when there are any bugs to get this implemented, please let > me know. > > A possible alternative implementation would be to make the sandbox deny > access to anything outside DEPEND. One totally crazy idea to make that > fast are extended attributes (portage would record which package a file > belongs to when merging the file). Another possible solution is using a > cache.
We already have the ability to run commands like 'equery b $somefile' to map a file back to a package, so the data for a filesystem helper should already be available in whatever database equery is using. -- :wq