[OE-core] [PATCH] package_ipk: allow to specify OPKG_ARGS in local.conf

Burton, Ross ross.burton at intel.com
Wed Dec 2 23:19:08 UTC 2015


On 2 December 2015 at 23:16, Alejandro del Castillo <
alejandro.delcastillo at ni.com> wrote:

> > Whilst the patch is fine, this is worrying as noexec /tmp shouldn't
> break opkg.
> > Maybe opkg should be changed to use something in /var for the scripts?
>
> Could you expand on why it's better to use /var instead of /tmp as the
> default
> sandbox location for opkg? I believe dpkg uses /var/lib/ and would like to
> understand why that's better (to change opkg, if it makes sense)


Well in this case it's fairly common to mount /tmp as noexec on security
grounds, and to be limited in size (say a small tmpfs), whereas /var
generally has less restrictions.

Ross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20151202/89521b58/attachment-0002.html>


More information about the Openembedded-core mailing list