[linux-user-chroot: 2/2] TODO: Update
- From: Colin Walters <walters src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [linux-user-chroot: 2/2] TODO: Update
- Date: Sat, 5 Sep 2015 15:09:22 +0000 (UTC)
commit 1209d5e8070a7081582b40ccb60b79cb9eb69356
Author: Colin Walters <walters verbum org>
Date: Sat Sep 5 11:06:52 2015 -0400
TODO: Update
TODO | 20 ++++++++++++++++++++
1 files changed, 20 insertions(+), 0 deletions(-)
---
diff --git a/TODO b/TODO
index e69de29..cc40f87 100644
--- a/TODO
+++ b/TODO
@@ -0,0 +1,20 @@
+Import read only system
+-----------------------
+
+I'd like to make it easy to capture just /usr from the host, without
+e.g. /home or any other network mounts. Probably the easiest way to
+do this is `--tmpfs-root` or something, and have that auto-create
+mount points for `/dev` etc. Then one could `--mount-bind /usr /usr`.
+
+seccomp profile +1
+------------------
+
+ - Look at what Chromium/ChromeOS are doing?
+
+Avoid creating any files as root/share tmpfs
+--------------------------------------------
+
+We're creating device nodes owned by root, which means
+quota is counted against root. Can we share a tmpfs
+that we create as non-root, and ensure every file we
+make is owned by the target uid?
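Review bot: The "seccomp profile +1" section carries no actionable item, only the question "Look at what Chromium/ChromeOS are doing?", and the "+1" in the heading is unexplained; say what the profile is meant to restrict so the entry can be tracked. In the first section, `--tmpfs-root` is proposed "or something" with mount points for `/dev` "etc."; listing the mount points it would auto-create would fix the scope of the option. In the last section, the heading "as root/share tmpfs" reads like a path, so separating the two ideas (avoid creating files as root; share a tmpfs) would be clearer, and the entry should say whether the device nodes it mentions are included in "every file we make is owned by the target uid".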