[Buildroot] [PATCH 1/3] package/bubblewrap: new package
Peter Korsgaard
peter at korsgaard.com
Sat Dec 7 13:12:17 UTC 2019
>>>>> "Adrian" == Adrian Perez de Castro <aperez at igalia.com> writes:
Hi,
>> Committed with these fixes, thanks.
> \o/
;)
> I will post a follow patch updating to version 0.4.0 when I manage to get a
> little bit of spare time, so we can support the package on Musl as well.
Great, thanks.
>> I wonder what kernel namespacing options are required and/or
>> recommended? For required options we should add logic in linux/linux.mk
>> to enable them, and for optional/recommended options it would be good to
>> mention them in the help text.
> Mount namespaces are mandatory (I think those cannot be disabled in the kernel
> config, I'll have to check to be sure), while User, IPC, PID, Network, and UTS
> namespaces are optional.
Ok. Perhaps we should mention something about that in the help text?
> Side note: If User namespaces are enabled in the kernel, we could
> avoid installing the “bwrap” binary setuid root, is this something
> desirable?
I believe so, but there is no simple way to detect that at build time,
so the only thing we can do is to add a sub option to install the bwrap
binary suid or not (default to y) with a help text describing the user
namespace dependency.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list