DNS lookups inside a chroot

William Siegrist wsiegrist at apple.com
Mon Apr 18 08:32:28 PDT 2011


On Apr 18, 2011, at 3:42 AM, Rainer Müller wrote:

> On 04/17/2011 11:25 PM, Jordan K. Hubbard wrote:
>> Perhaps a better idea would be to enhance trace mode such that it
>> "faults in" stuff on demand into a run-specific staging area.
>> Read-only opens of the files in the system would succeed, of course,
>> it being only creations or rw/append opens which forced the copy,
>> which means it wouldn't run all that slowly either.  What's the
>> current behavior of trace mode across fork/exec boundaries?  Do the
>> children get the properly interposed library such that they're also
>> talking to the trace bits rather than the filesystem APIs directly?
> 
> Trace mode relies on DYLD_INSERT_LIBRARIES being passed to children in
> the environment. Then the loader overrides the syscall wrappers from
> libSystem with our own implementation.


This reminds me... The trace code should probably be updated to the "modern" interposing method. You can see the DARWINTRACE_INTERPOSE macro as an example here:

http://darwinbuild.macosforge.org/trac/browser/trunk/darwintrace/darwintrace.c

Also, as for using Xcode in a chroot, the original darwintrace implements a "soft chroot" that darwinbuild uses to let Xcode escape the chroot for its own files but nothing else. See the darwintrace_redirect_path function at the above link. 

-Bill
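
The soft-chroot path policy mentioned in the message above, shown as an added example: it is not part of the original message and is not darwintrace's `darwintrace_redirect_path`. The build root `/build/root`, the exempt prefixes and all function names are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed policy: prefixes allowed to bypass the build root (illustrative). */
static const char *const kExempt[] = { "/Developer", "/Library/Developer", NULL };

/* True when path equals prefix or continues it at a '/' boundary,
 * so "/Developer" does not also match "/DeveloperTools". */
static int under_prefix(const char *path, const char *prefix) {
    size_t n = strlen(prefix);
    return strncmp(path, prefix, n) == 0 && (path[n] == '\0' || path[n] == '/');
}

/* True if any component is "..": such a path could climb out of an exempt
 * prefix or out of the root once the kernel resolves it. */
static int has_dotdot(const char *path) {
    for (const char *p = path; *p; ) {
        while (*p == '/') p++;
        size_t n = strcspn(p, "/");
        if (n == 2 && p[0] == '.' && p[1] == '.') return 1;
        p += n;
    }
    return 0;
}

/* Writes into out the path an interposed open() would hand to the real call.
 * Returns 1 if redirected into root, 0 if passed through unchanged, and -1
 * if refused (relative path, ".." component, or out too small). */
int soft_chroot_redirect(const char *root, const char *path,
                         char *out, size_t outlen) {
    if (path[0] != '/' || has_dotdot(path)) return -1;
    int pass = under_prefix(path, root);       /* already inside the root */
    for (size_t i = 0; !pass && kExempt[i]; i++)
        pass = under_prefix(path, kExempt[i]);
    int n = snprintf(out, outlen, "%s%s", pass ? "" : root, path);
    if (n < 0 || (size_t)n >= outlen) return -1;
    return pass ? 0 : 1;
}

int main(void) {
    /* Constructed sample paths. */
    const char *t[] = { "/usr/lib/libz.dylib", "/Developer/usr/bin/gcc",
                        "/DeveloperTools/x", "/Developer/../etc/passwd" };
    char buf[256];
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++) {
        int r = soft_chroot_redirect("/build/root", t[i], buf, sizeof buf);
        printf("%-26s -> %2d %s\n", t[i], r, r < 0 ? "(refused)" : buf);
    }
    return 0;
}
```

The check is purely lexical: symlinks inside an exempt prefix are not resolved, so a real implementation would also need to canonicalize the path before applying the policy.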
