chroots for testing other OS versions

Joshua Root jmr at macports.org
Fri Nov 18 14:08:07 PST 2011


On 2011-11-19 08:27 , Daniel J. Luke wrote:
> On Nov 18, 2011, at 3:43 PM, Jordan K. Hubbard wrote:
>>
>> Indeed.  We actually keep things pretty compatible at the syscall level from release to release, but I agree that at the minimum, the major version number should match for the host.   What is the current status of trace mode, anyway?  Is it just used to verify destroots, or is it used for more than that?
> 
> The current status is that no one uses it and it's probably bit-rotting :-\

It definitely needs some love, but I think it still works. Running with
-t applies restrictions to all build phases; all access is denied to
anything that isn't either in the list of "system" locations or provided
by a declared dependency, and write access is denied outside of the
workpath.

Things that need doing:

* modern interposing (#29228)
* add a mechanism to allow flexibly specifying (globally and per-port)
sets of files and how they should be treated, e.g. allow/deny for r/w/x
* I suspect it may not wrap every function it should

- Josh


More information about the macports-dev mailing list