Re: systrace(4) policies in pkgsrc

To: "Greg Troxel" <gdt%ir.bbn.com@localhost>
Subject: Re: systrace(4) policies in pkgsrc
From: "Blair Sadewitz" <blair.sadewitz%gmail.com@localhost>
Date: Tue, 14 Nov 2006 13:20:08 -0500

1) Given the amount of resources, I think it's practical to do this
only for NetBSD for now.

2) I think the setup should be similar to the rc.d scripts:
installation to ${LOCALBASE}/share/systrace unless
PKG_SYSTRACE_POLICIES is set, and then they are installed to
SYSTRACE_POLICIES_DIR, which defaults to ${PKG_SYSCONFBASE}/systrace.
This way users which eventually want to place them on a read-only
filesystem can do so at their convenience, or they can be installed
auto-magically, etc.

3) I think that until they've received a lot of testing, it should be
part of the options framework.  Therefore systrace policies could be
enabled on a per-package basis or globally (PKG_OPTION_DEFAULT vs.
PKG_OPTIONS.pkgname).

--Blair

--
Support WFMU-FM: free-form radio for the masses!

<http://www.wfmu.org/>
91.1 FM Jersey City, NJ
90.1 FM Mt. Hope, NY

"The Reggae Schoolroom":
<http://www.wfmu.org/playlists/RS/>

References:
- systrace(4) policies in pkgsrc
  - From: Blair Sadewitz
- Re: systrace(4) policies in pkgsrc
  - From: Greg Troxel

Prev by Date: Re: systrace(4) policies in pkgsrc
Next by Date: Re: C compiler flags
Previous by Thread: Re: systrace(4) policies in pkgsrc
Next by Thread: Packages I've found that need MAKE_JOBS_SAFE=no
Indexes:

Home | Main Index | Thread Index | Old Index