[Buildroot] [PATCH 1/3] package/bubblewrap: new package

Peter Korsgaard peter at korsgaard.com
Sat Dec 7 13:12:17 UTC 2019

>>>>> "Adrian" == Adrian Perez de Castro <aperez at igalia.com> writes:


 >> Committed with these fixes, thanks.

 > \o/


 > I will post a follow patch updating to version 0.4.0 when I manage to get a
 > little bit of spare time, so we can support the package on Musl as well.

Great, thanks.

 >> I wonder what kernel namespacing options are required and/or
 >> recommended? For required options we should add logic in linux/linux.mk
 >> to enable them, and for optional/recommended options it would be good to
 >> mention them in the help text.

 > Mount namespaces are mandatory (I think those cannot be disabled in the kernel
 > config, I'll have to check to be sure), while User, IPC, PID, Network, and UTS
 > namespaces are optional.

Ok. Perhaps we should mention something about that in the help text?

 > Side note: If User namespaces are enabled in the kernel, we could
 > avoid installing the “bwrap” binary setuid root, is this something
 > desirable?

I believe so, but there is no simple way to detect that at build time,
so the only thing we can do is to add a sub option to install the bwrap
binary suid or not (default to y) with a help text describing the user
namespace dependency.

Bye, Peter Korsgaard

More information about the buildroot mailing list