setting up a chroot jail

Sascha Böhme sascha.boehme at
Wed Jun 13 02:52:15 EDT 2007


although my question may be out of topic, I kindly ask for your help.

I am working on the Google summer of code project to enhance the
HackageDB website, especially by a tool to automatically generate
Haddock documentation. For this to work, it is necessary to set up a
chroot jail, in which packages are unpacked, configured and Haddock
documentation is build. Some packages also need to be build, which could
include running untrustable code.

Up to now, I considered several ideas to set up a chroot jail, but they
all do not fully satisfy my needs or I could not test them on my machine.

Here are my proposals for setting up a chroot environment:
  1) use a hand-written script
  2) use makejail, jail, jailkit (or a similar tool)
  3) use debootstrap
  4) use dpkg to install necessary debian packages

My distribution is gentoo, which is why I did not test 3). However, I
thought that 4) is suitable, although it's very tedious. In fact, it
seems to me like rewriting parts of debian installers. Option 1) is just
not maintainable. Finally, 2) seems to be of use just for servers like
ssh or ftp. I haven't tested it, but I doubt it will work in an 
environment with several different applications like ghc, haddock,
cpphs, happy, ...

Does anyone have an idea how to (automatically, maintainably) set up a
chroot jail for this particular situation? I'm grateful for any help.


More information about the cabal-devel mailing list