setting up a chroot jail
Sascha Böhme
sascha.boehme at gmx.de
Wed Jun 13 02:52:15 EDT 2007
Hello,
although my question may be out of topic, I kindly ask for your help.
I am working on the Google summer of code project to enhance the
HackageDB website, especially by a tool to automatically generate
Haddock documentation. For this to work, it is necessary to set up a
chroot jail, in which packages are unpacked, configured and Haddock
documentation is build. Some packages also need to be build, which could
include running untrustable code.
Up to now, I considered several ideas to set up a chroot jail, but they
all do not fully satisfy my needs or I could not test them on my machine.
Here are my proposals for setting up a chroot environment:
1) use a hand-written script
2) use makejail, jail, jailkit (or a similar tool)
3) use debootstrap
4) use dpkg to install necessary debian packages
My distribution is gentoo, which is why I did not test 3). However, I
thought that 4) is suitable, although it's very tedious. In fact, it
seems to me like rewriting parts of debian installers. Option 1) is just
not maintainable. Finally, 2) seems to be of use just for servers like
ssh or ftp. I haven't tested it, but I doubt it will work in an
environment with several different applications like ghc, haddock,
cpphs, happy, ...
Does anyone have an idea how to (automatically, maintainably) set up a
chroot jail for this particular situation? I'm grateful for any help.
Thanks,
Sascha
More information about the cabal-devel
mailing list