please, give me hint simplest , lightest solution isolate linux shell script (usually ubuntu in case has smth special)
what mean isolation: 1. filesystem - important - want cannot access folders (read) outside workspace except manually configure in way 2. actually, other types of isolation not matter
it ok "soft" isolation, mean script may fail/aborted if trying access(read) denied paths, "hard" isolation "not found" such attempts looks cleaner solution
i not need process isolations, script may use sudo/fakeroot/etc. inside it, should not affect isolation.
also, plan use different isolations inside 1 workspace:
for ex., have folders:
a/ b/ include/ target/ i want make a giving access "a"(rw), "include"(r) , "target" (rw+sudo) make b giving access "b"(rw), "include"(r) , "target" (rw+sudo)
and target both results , b, allowing b overwrite of results of - same if there no isolation
the target of isolation i'm talking prevent b reading a, knowing there , vice versa
thanks!
two different users , ssh simple way solve problem. 1 of key benefits start "clean" environment in new shell.
ssh <user_a>@localhost '<path_to_build_script_a>' ssh <user_b>@localhost '<path_to_build_script_b>' user , b must both members of group owns common directories.
note it's directory write permission decide if user can create new files inside directory.
edit: 2013-07-29
for lots of sequential isolated builds in case, 1 solution have suggested; automate file permission changes each build have access files , folders should.
Comments
Post a Comment