blob: bb41c2159027696aa1b89b7423d3f5e5b6a4492c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
TODO -*- outline -*-
====
Most new TODO items are marked @todo in the source code and listed in
the Doxygen-generated documentation in doc/schroot/html/todo.html
PLANNED
-------
* Add API to run multiple commands to replace auth::run().
* Add extra file permissions checking
Both to run-parts, to ensure that shell scripts are owned by root and
not world writable (as for config files). And also add the same
permissions check to script-config files.
* Generalise permissions checking
Create a standard function which can use either stat, fstat or lstat
and test for particular permissions.
* SCHROOT_CONF error messages must also mention chroot.d.
* Document that database files on the root filesystem must not be
directly shared inside the chroot
- Setup scripts such as 20nssdatabases can blank them out.
* Document all environment variables in schroot-setup(5).
POTENTIAL
---------
* Add tests for
** Auth
** AuthConv
** AuthConvTty
** AuthMessage
** Session
** schroot::Options
None of these are urgent and/or are difficult to test in an automated
fashion. expect might be useful for testing the PAM wrappers.
* Add tests for dchroot and dchroot-dsa classes.
* Line reporting while parsing config files misses file name.
log_warning() is used, because we don't throw an exception. The
code has no knowledge of the file name, so can't report it.
Outright errors throw, and the handler adds the needed context.
* Unify fork/exec code into a spawn function.
* Tests for chroots:
** -source chroots
* logging should allow customisation of log level
See end of Debian Bug #279408.
** log functions should have a severity (to complement existing I/W/E types)
Similar to debug level, but for normal messages
e.g. quiet/normal/verbose/extra verbose.
* Add a read-only mount option for union underlay (both for
devices and bind mounts).
Union: Don't allow overlay/underlay to be user-specified? Or only
allow underlay to be specified (but it's already specified in the
chroot definition, so don't allow?).
Note: Currently user settings are automatically overridden.
Add directories under /var to man pages
Add checks for unsupported features in setup scripts.
Define operator &= and |= for enum types defining | and & operators.
Header include order: chroot-facet depends upon sbuild-chroot being
included first. Try to break this dependency.
--end-session --force should forcibly end "broken" sessions by
manually umounting and purging mount and session directories and
metadata.
Chroot validation does not distinguish between chroots and sessions.
Also, sbuild::session uses find_alias to find chroots, but it should
specifically look for either chroots or sessions (and potentially
also source chroots). Teach sbuild::chroot_config to treat all these
separately. Aliases are only useful for SESSION_AUTOMATIC and BEGIN.
|
