Re: Package requiring a customised version of libc6
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Lucas Nussbaum wrote: [...] > Then what about using ptrace and overriding syscalls in the way > usermodelinux used to do it? Yes, indeed; that is currently looking like the best approach. Not only does it provide the low-level interface that upstream wants, but it also works on statically bound binaries and on anything else that makes syscalls directly. I'm a little worried about performance, but it can't be that bad or UML wouldn't use it. I'll suggest it to upstream. Thanks for the link. (Incidentally, the more I look at fakechroot the more I'm coming to believe that it's no use for anything whatsoever. The security aspects of it are... erm... nil; it's trivial for the client app to break out of its jail. Is this a potential problem?) - -- ┌── dg@cowlark.com ─── http://www.cowlark.com ─── │ │ "There does not now, nor will there ever, exist a programming language in │ which it is the least bit hard to write bad programs." --- Flon's Axiom -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGzr+7f9E0noFvlzgRAnMFAKCp0NxkOWgEW4XMNFeHg0CaViWlqwCg0S45 unlRqCTamPtiz0Q8tjZ2spU= =X2Ph -END PGP SIGNATURE-
Re: Package requiring a customised version of libc6
On Fri, Aug 24, 2007 at 12:23:39PM +0100, David Given wrote: > (Incidentally, the more I look at fakechroot the more I'm coming to believe > that it's no use for anything whatsoever. The security aspects of it are... > erm... nil; it's trivial for the client app to break out of its jail. Is this > a potential problem?) No, because it's not meant to provide security, just like fakeroot isn't meant to provide real root privs. - Matt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [RFS] stunnel4 (updated package, adoption, RFS repost)
Hello, On Thu, 23 Aug 2007, Kapil Hari Paranjape wrote: > Package looks fine. I'm currently updating my local pbuilder base and > will upload when that is done. Unfortunately, I just realised that there are a few more changes that I think you should make! While looking through your debian/rules I found under the install rules: cd src; $(MAKE) install prefix=$(CURDIR)/debian/stunnel4/usr cd doc; $(MAKE) install prefix=$(CURDIR)/debian/stunnel4/usr ln doc/stunnel.8 doc/stunnel4.8 # Manpages will be installed by dh_installman rm -rf $(CURDIR)/debian/stunnel4/man rm -rf $(CURDIR)/debian/stunnel4/usr/man install -p -m 0644 tools/stunnel.conf-sample\ $(CURDIR)/debian/stunnel4/etc/stunnel/stunnel.conf # mv executables into /usr/bin, with propper names mv $(CURDIR)/debian/stunnel4/usr/sbin/stunnel \ $(CURDIR)/debian/stunnel4/usr/bin/stunnel4 mv $(CURDIR)/debian/stunnel4/usr/sbin/stunnel3 \ $(CURDIR)/debian/stunnel4/usr/bin/stunnel3 rmdir $(CURDIR)/debian/stunnel4/usr/sbin/ # Move docs into propper dir mv $(CURDIR)/debian/stunnel4/usr/share/doc/stunnel \ $(CURDIR)/debian/stunnel4/usr/share/doc/stunnel4 1. I think it is better to use "$(MAKE) -C src" and "$(MAKE) -C doc" instead of the "cd src; $(MAKE)" and "cd doc; $(MAKE)" constructs. 2. Since you use "debhelper", I think it is better if you use debhelper's .install files to move/install files in the correct places (man dh_install). Sorry for the late realisation. Thanks and regards, Kapil. -- signature.asc Description: Digital signature
