[F8/multilib] {,/usr}/{,s}bin64 (was: Split libperl from perl)

[Axel Thimm]

On Mon, Apr 30, 2007 at 05:40:43PM -0400, Ed Hill wrote:
> On Mon, 30 Apr 2007 21:46:04 +0200 Axel Thimm wrote:
> > On Mon, Apr 30, 2007 at 03:24:12PM +0200, Phil Knirsch wrote:
> > 
> > > The solution debian and Gentoo iirc use which are basically
> > > buildroots is the only way i know how you can cleanly separate
> > > various archs on one system. Sadly you'll then loose the common and
> > > sharable files, but any other solution will need very carefull and
> > > detailed planing.
> > 
> > Personally I prefer banning multilib in rpm for good and if that would
> > be best done by using chroot solutions, I'm all for it. The multilib
> > implementation within rpm magic just isn't scaling and produces more
> > bugs on the way than we can fix.
> 
> 
> I'm not familiar with the chroots used in Debian or Gentoo.  Can someone
> please say a few words about their usability?  I'm just wondering about
> the following:
> 
>  - do chroots require special permissions or group memberships?

chroots require root priviledges to chroot into. These can be
implemented by suid programs that become root, chroot and then drop
priviledges again.

>  - once you are in a chroot isn't it nearly impossible to 
>    access files outside it? Put differently, are there some 
>    interesting soft-linking or re-mounting gymnastics or other
>    hacks going on here to get at, say, your ${HOME} or other 
>    random directories from a chroot-ed program?

The only way to access your $HOME is by mounting it into the
chroot. Soft links can't help you.

> It just seems to me that chroots are probably a lot less usable than
> binaries placed in {,/usr}/{,s}bin64 or similar.
-- 
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-maintainers/attachments/20070501/75dd54fc/attachment.sig>