nALFS Patch - nALFS-1.1.8-rootfix.patch (0/1)

Kevin P. Fleming kpfleming at
Sun Nov 2 14:30:33 PST 2003

Gerard Beekmans wrote:

> I think nALFS should chroot with a clear environment. Many variables do
> not mean anything inside chroot, but they can affect the way programs
> behave as the vars might indicate some sort of system configuration that
> does not apply inside a chroot environment. If you need var set, set
> them explictly in a profile, don't rely on an environment setup from
> outside of chroot. I think such an assumption may cause all kinds of
> side-effects.

I won't disagree; after looking over my profiles I can see some places 
where it would be of benefit to clear out the environment on chroot().

To answer Neven's question about clearenv(), it appeared in glibc 2.0, 
but does not seem to be in POSIX or SUS at all. It also is stated in the 
clearenv() man page that it's not really necessary, so I think setting 
environ to NULL is probably adequate.

If the syntax doc (meaning the ALFS "standard") says that the <root> 
element starts with a clear environment, then that means that nALFS will 
have to be changed, because <stage> currently applies <environment> 
before <root>. The DTD, however, does say that <root> comes before 
<user>, which comes before <environment>, and this would imply that any 
ALFS profile-using tool should apply them in that order as well.

More information about the alfs-discuss mailing list