/[gentoo]/xml/htdocs/doc/en/handbook/hb-working-features.xml
Gentoo

Diff of /xml/htdocs/doc/en/handbook/hb-working-features.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.4 Revision 1.5
1<!-- The content of this document is licensed under the CC-BY-SA license --> 1<!-- The content of this document is licensed under the CC-BY-SA license -->
2<!-- See http://creativecommons.org/licenses/by-sa/1.0 --> 2<!-- See http://creativecommons.org/licenses/by-sa/1.0 -->
3 3
4<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/handbook/hb-working-features.xml,v 1.4 2003/11/28 16:15:53 swift Exp $ --> 4<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/handbook/hb-working-features.xml,v 1.5 2003/11/30 13:46:29 swift Exp $ -->
5 5
6<sections> 6<sections>
7<section> 7<section>
8<title>DistCC</title> 8<title>DistCC</title>
9<subsection> 9<subsection>
230</pre> 230</pre>
231 231
232</body> 232</body>
233</subsection> 233</subsection>
234</section> 234</section>
235<section>
236<title>Security Related Features</title>
237<subsection>
238<title>Sandbox</title>
239<body>
240
241<p>
242While building and installing packages, Portage uses a <e>sandbox</e> to protect
243your live system. This means that, as long as the package isn't installed on
244your system, the package cannot touch any file outside the sandbox. This
245ensures that Portage knows what files are created and modified by a package.
246</p>
247
248<p>
249When the package compilation is finished, Portage will "preinstall" the package
250in the sandbox, registering what files are placed and where. It will then move
251those files from the sandbox on your live system.
252</p>
253
254</body>
255</subsection>
256<subsection>
257<title>User Privileges</title>
258<body>
259
260<p>
261Portage also supports building packages as non-root user (more precisely, as
262user "portage", group "portage"). This improves the security during the
263build process. You can opt to use user privileges with or without sandboxing. Of
264course, it goes without saying that user privileges and sandboxing is the most
265preferred method :)
266</p>
267
268</body>
269</subsection>
270<subsection>
271<title>Activating sandbox and/or userpriv</title>
272<body>
273
274<p>
275Portage will use <c>sandbox</c> per default. If you want <c>userpriv</c>, you
276should add it to the <c>FEATURES</c> variable. Note that activating
277<c>userpriv</c> will drop <c>sandbox</c> support, unless you also activate
278<c>usersandbox</c>:
279</p>
280
281<pre caption="Activating userpriv and usersandbox">
282FEATURES="userpriv usersandbox"
283</pre>
284
285<warn>
286Do <e>not</e> remove <c>sandbox</c> from the <c>FEATURES</c> variable!
287</warn>
288
289</body>
290</subsection>
291<subsection>
292<title>Strict Checking</title>
293<body>
294
295<p>
296Portage can be asked to react strongly to possibly dangerous conditions (such as
297missing or incorrect Manifest files). To activate this strict checking, add the
298<c>strict</c> keyword to the <c>FEATURES</c> variable:
299</p>
300
301<pre caption="Activating strict checking">
302FEATURES="strict"
303</pre>
304
305</body>
306</subsection>
307</section>
308<section>
309<title>Other Features</title>
310<subsection>
311<title>Portage Help</title>
312<body>
313
314<p>
315There are several other keywords you can place in the <c>FEATURES</c> variable.
316Most of them are targeted towards developers and less interesting for the casual
317user. If you are interested in learning more about these features (or Portage
318generally), don't forget to read the <path>make.conf</path> manpage we provide.
319</p>
320
321<pre caption="More Portage-related information">
322# <i>man make.conf</i>
323</pre>
324
325</body>
326</subsection>
327</section>
235</sections> 328</sections>

Legend:
Removed from v.1.4  
changed lines
  Added in v.1.5

  ViewVC Help
Powered by ViewVC 1.1.20