source: trunk/debathena/third/schroot/NEWS @ 24167

Revision 24167, 20.5 KB checked in by broder, 15 years ago (diff)
Import schroot upstream into subversion.
Line 
1NEWS                                                            -*- outline -*-
2----
3
4Welcome to schroot 1.3.1.  Please read these release notes carefully.
5
6Full installation instructions are provided in the INSTALL file.  The
7README file also contains more specific notes regarding building and
8configuration.
9
10* Major changes in 1.3.1:
11
12  1) Kernel personality support should now work on non-Linux
13     architectures such as kfreebsd.
14
15* Major changes in 1.3.0:
16
17  None.
18
19* Major changes in 1.3.0-rc1:
20
21
22  1) Exec scripts have been removed.  Unlike setup scripts, these
23     scripts were never used, and there are no known uses for them.
24     Removing them will improve the performance of schroot.  The
25     run-exec-scripts configuration option is no longer used, but
26     is still permitted to be used until it is obsoleted in a
27     future release.
28
29  2) Setup scripts are now always run for all chroot types except
30     "plain".  In practice, scripts were required for all types
31     except "plain" in order to function correctly.  The ability to
32     configure this is not useful and so setting run-setup-scripts is
33     now deprecated in schroot.conf.  It may still be set for backward
34     compatibility, but it has no effect and will be removed in the
35     future.
36
37  3) Chroot configuration files in /etc/schroot/chroot.d are not
38     loaded if they are backup files or dpkg conffile backups.
39
40  4) Support for GCC versions prior to 3.4 has been removed.
41
42  5) System databases are copied into the chroot using the getent
43     program to use the appropriate name service switch (NSS) modules
44     to get the data, rather than just copying the files.  This means
45     all NSS database sources are supported, including NIS and LDAP.
46
47  6) Setup script output is logged to stderr which prevents schroot
48     outputting to stdout when run with verbose logging enabled.
49
50  7) Most schroot features are compiled conditionally, which should
51     ease porting to non-Linux platforms.
52
53  8) Support for union filesystems has been added (aufs and unionfs).
54     This permits the use of read-only block-device, directory and
55     loopback chroots with a temporary writable overlay.  For "scratch"
56     temporary chroots, this method is recommended over the existing
57     LVM snapshot support.  It is considered to be faster, more
58     robust, and uses less disc space.
59
60  9) The "command-prefix" option no longer requires an absolute path
61     to the command.  It will use the normal search path inside the
62     chroot to locate the command.
63
64 10) When creating a session, the users in "users", "root-users", and
65     groups in "groups" and "root-groups" are no longer preserved.
66     The user requesting access will be the sole user listed in
67     "users" for the session; however, if the user was in "root-users"
68     or "root-groups", they will be added to "root-users" instead.
69     This ensures that only the user creating the session will have
70     access, so that other users having access to the chroot will not
71     also automatically gain access to other users sessions.
72
73* Major changes in 1.2.3:
74
75  None.
76
77* Major changes in 1.2.2:
78
79  None.
80
81* Major changes in 1.2.1:
82
83  1) A new chroot type, "loopback", has been added.  This is similar
84     to the "block-device" type, but allows for loopback mounting of
85     filesystems contained within regular files.
86
87  2) "lvm-snapshot" chroot types now clean up correctly in the case of
88     failures during setup.
89
90* Major changes in 1.2.0:
91
92  1) In addition to /etc/schroot/schroot.conf, chroot definitions may
93     be placed in separate files under /etc/schroot/chroot.d to enable
94     packages and system administrators to easily make new chroots
95     available to schroot.
96
97  2) Configuration files may now be symlinks as well as regular files.
98
99  3) schroot now builds with GCC 4.3.
100
101  4) All setup and exec scripts source and use the script
102     configuration file specified with the script-config configuration
103     key.
104
105* Major changes in 1.1.6:
106
107  1) Relicence under the GNU General Public License, version 3 or
108     later.
109
110  2) Per-chroot custom mountpoints are now possible through the use of
111     an fstab file.  This may be used to mount or bind mount any
112     filesystem within the chroot with the assistance of a helper
113     utility, schroot-mount.  Set FSTAB=fstab in the script-config
114     file to specify which file to use.
115
116  3) Per-chroot custom file copying is now supported.  Set
117     COPYFILES=file in the script-config file to specify a file
118     containing a list of files to copy from the host system into the
119     chroot.  This change merged the 20network and 30passwd setup
120     scripts into a single script, 20copyfiles.  If you previously
121     customised either of these scripts, the changes will need to be
122     copied over to the new files.
123
124  4) If invalid options are used in schroot.conf, warnings will be
125     printed, rather than simply ignoring them.
126
127* Major changes in 1.1.5:
128
129  1) A "script-config" option has been added to allow customisation of
130     the chroot setup and execution scripts on a per-chroot basis.
131     See schroot.conf(5) for further details.
132
133  2) A --session-name has been added to allow naming sessions when
134     using --begin-session.  This replaces the automatically-generated
135     chroot-UUID session name.
136
137* Major changes in 1.1.4:
138
139  1) When ending a session, processes still running in the chroot are
140     terminated.
141
142* Major changes in 1.1.3:
143
144  Bugfixes and translation updates only.
145
146* Major changes in 1.1.2:
147
148  Bugfixes and translation updates only.
149
150* Major changes in 1.1.1:
151
152  1) For dchroot and dchroot-dsa, the syslog logging of the command or
153     shell being run in the chroot now only occurs when running as
154     root or switching to another user.  If the user is the same
155     inside and outside the chroot, and not root, the command or shell
156     being run will not be logged.
157
158  2) Using symbolic links in the mount path (SCHROOT_MOUNT_DIR) will
159     no longer result in severe dataloss.
160
161  3) User-defined filtering of the chroot environment is now permitted
162     using the environment-filter key in the configuration file, which
163     uses a regular expression to identify environment variables for
164     removal.
165
166  4) The environment variables SCHROOT_COMMAND, SCHROOT_USER,
167     SCHROOT_GROUP, SCHROOT_UID and SCHROOT_GID are set inside the
168     chroot specifying the command being run, the user name, group
169     name, user ID and group ID, respectively.
170
171* Major changes in 1.1.0:
172
173  1) Authentication now uses the Controlling TTY (/dev/tty) for
174     communication with the user.  This means PAM interaction with the
175     user will work even if stdin, stdout and stderr are all
176     redirected.  If authentication is required and no CTTY is
177     available, it will fail (due to authentication being an
178     interactive process).
179
180  2) The syslog logging of the command or shell being run in the
181     chroot now only occurs when running as root or switching to
182     another user.  If the user is the same inside and outside the
183     chroot, and not root, the command or shell being run will not be
184     logged.
185
186  3) A --directory option has been added to schroot, dchroot and
187     dchroot-dsa.  This option allows the user to explictly specify
188     the working directory inside the chroot.
189
190* Major changes in 1.0.6:
191
192  Bugfixes only.
193
194* Major changes in 1.0.5:
195
196  Bugfixes only.
197
198* Major changes in 1.0.4:
199
200  1) Using symbolic links in the mount path (SCHROOT_MOUNT_DIR) will
201     no longer result in severe dataloss.
202
203  2) LSB init script functions are now used.
204
205* Major changes in 1.0.3:
206
207  1) For dchroot and dchroot-dsa, the syslog logging of the command or
208     shell being run in the chroot now only occurs when running as
209     root or switching to another user.  If the user is the same
210     inside and outside the chroot, and not root, the command or shell
211     being run will not be logged.
212
213* Major changes in 1.0.2:
214
215  1) The syslog logging of the command or shell being run in the
216     chroot now only occurs when running as root or switching to
217     another user.  If the user is the same inside and outside the
218     chroot, and not root, the command or shell being run will not be
219     logged.
220
221  2) A --directory option has been added to schroot, dchroot and
222     dchroot-dsa.  This option allows the user to explictly specify
223     the working directory inside the chroot.
224
225* Major changes in 1.0.1:
226
227  Bugfixes and translation updates only.
228
229* Major changes in 1.0.0:
230
231  Bugfixes and translation updates only.
232
233* Major changes in 0.99.4:
234
235  1) All errors in the configuration file now show the full details of
236     the problem, including the exact line number, group and key.
237
238  2) Duplicate groups and keys with groups are now treated as errors.
239
240  3) The terminal state is only saved and restored when running a
241     login shell.  It is no longer saved and restored when running
242     commands.  This is to correct the problem of schroot being
243     stopped when running in the background while restoring the
244     terminal settings.
245
246  4) Child processes are now terminated when SIGTERM is received, in
247     addition to SIGHUP.
248
249* Major changes in 0.99.3:
250
251  1) A new chroot type, "directory", has been added.  This is the same
252     as the "plain" type, but additionally allows filesystem mounting
253     when setup scripts are enabled.
254
255  2) A further dchroot compatibility issue has been corrected.
256     Multiple command options specified on the command line are
257     concatenated into a single command, separated by spaces.
258
259* Major changes in 0.99.2:
260
261  1) A --debug option has been added to all programs.  Its use is
262     documented in the manual pages.
263
264  2) When errors are found in the chroot configuration, the line
265     number in the configuration file is now reported.
266
267  3) The use of run-parts(8) is no longer needed.  This should make
268     the package portable to non-Debian systems.
269
270* Major changes in 0.99.1:
271
272  1) A dchroot-dsa compatibility mode has been implemented.  This
273     behaves in the same manner as the DSA dchroot program, and is
274     useful for backward compatibility with DSA dchroot, as well as
275     migrating from DSA dchroot.
276
277  2) The dchroot program is now compatible with the command-line
278     syntax of older versions, and also matches the older behaviour of
279     which directory is used inside the chroot.  The behaviour is
280     documented in the manual page.
281
282  3) In addition to "groups" and "root-groups" options for controlling
283     chroot access, "users" and "root-users" have been added for finer
284     control over access.  Corresponding "source-users" and
285     "source-root-users" options have been added for source chroots.
286
287  4) Files, Devices and Locations in schroot.conf must be absolute
288     pathnames.  Relative names are a security risk, because the
289     behaviour may vary depending on the current working directory.
290     It was previously the sysadmin's responsibility to set these
291     correctly, but this rule is now strictly enforced.
292
293* Major changes in 0.99.0:
294
295  1) In order to support running 32-bit chroots on 64-bit systems, a
296     "personality" option has been added.  This may be set to
297     "linux32" to run a 32-bit Linux chroot on an amd64 system, for
298     example.
299
300  2) dchroot has an additional personality field in dchroot.conf.
301     This may also be set to linux32 to achieve the same effect as the
302     personality setting in schroot.conf.
303
304  3) The root user can access all chroots, even when the root group is
305     omitted from the groups or root_groups lists.  Authentication is
306     still required, but by default is skipped due to using
307     pam_rootok.so in the PAM configuration.
308
309  4) Session recovery is only performed at system startup, not on
310     upgrades.  This prevents upgrades interfering with active
311     sessions.
312
313* Major changes in 0.2.11:
314
315  1) The 10mount script, used to unmount filesystem in a chroot, will
316     exit with an error if unmounting fails (for safety).  It also
317     uses /proc/mounts (via a new program, schroot-listmounts) to
318     ensure all filesystems in the chroot are unmounted.
319
320  2) The 05file script, used to unpack and repack chroot archives,
321     will use schroot-listmounts to check if any filesystems are
322     mounted before purging the chroot.  This is in order to avoid
323     dataloss.
324
325  3) Setup scripts can now abort on failure during cleanup (exec-stop
326     and setup-stop phases).  Previously the scripts continued in the
327     face of failure, and broken sessions were removed.  Broken
328     sessions which failed to clean up must now be removed by the
329     system administrator (which was required previously; it just
330     wasn't apparent), or the session can be ended again once the
331     problem has been rectified.
332
333* Major changes in 0.2.10:
334
335  Bugfixes only.
336
337* Major changes in 0.2.9:
338
339  1) The package now compiles with older compilers, such as GCC 3.3
340     and 3.4.
341
342  2) If the current working directory does not exist inside the
343     chroot, the user's home directory ($HOME, home directory in
344     passwd, or /) will be used when running a login shell.  If
345     running a command and the directory does not exist, schroot will
346     exit with an error.
347
348* Major changes in 0.2.8:
349
350  Bugfixes only.
351
352* Major changes in 0.2.7:
353
354  Bugfixes only.
355
356* Major changes in 0.2.6:
357
358  1) For all chroot types, a "command-prefix" option has been added.
359     This is a command to prefix to all commands run inside the
360     chroot.
361
362  2) The scripts run before and after executing a command or shell in
363     the chroot have been moved from /etc/schroot/run.d to
364     /etc/schroot/exec.d.  The corresponding configuration option in
365     schroot.conf has been renamed from "run-session-scripts" to
366     "run-exec-scripts".  This change was to reduce ambiguity in the
367     naming, to make it easier to understand and configure.
368
369  3) The session operations "--recover-session", "--run-session", and
370     "--end-session" now allow multiple chroots to be specified with
371     "--chroot", rather than just one.
372
373  4) The "file" and "lvm-snapshot" chroot types both implement "source
374     chroots", to provide access to the source block device and
375     archive file, respectively.  The "source-groups" and
376     "source-root-groups" options have been added to set the "groups"
377     and "root-groups" options for the source chroot.
378
379  5) The "file" chroot, when accessed as a source chroot using the
380     "-source" suffix, will now automatically repack itself into a new
381     archive file on ending a session.
382
383* Major changes in 0.2.5:
384
385  1) The output of "--info" now displays a "Path" line if available.
386     This is the location of the chroot in the filesystem.
387
388* Major changes in 0.2.4:
389
390  1) For "block-device" and "lvm-snapshot" type chroots, it is now
391     possible to add a "location" configuration option to specify the
392     location of the chroot within the device filesystem, rather than
393     assuming the location is always the root.  This allows multiple
394     chroots to be stored on a single LVM LV, for example.
395
396  2) For "plain" chroots, if setup scripts (run-setup-scripts) is
397     enabled, session management is also enabled.  This is not true
398     session management, because it uses bind mounts rather than a
399     copy of the chroot, so should be used with caution, but will make
400     concurrent access to the chroot with session scripts enabled
401     rather more useful.
402
403* Major changes in 0.2.3:
404
405  1) A dchroot compatibility mode has been implemented.  This behaves
406     in the same manner as the dchroot program, and is useful for
407     backward compatibility with dchroot, as well as migrating from
408     dchroot.
409
410  2) Access to the source device of an "lvm-snapshot" type chroot is
411     simplified.  For a chroot named "snap", a "block-device" type
412     chroot named "snap-source" is created for easy access to the
413     source device.
414
415  3) The output of "--info" now includes a "Session Managed" line,
416     which is true if full session management is available, or false
417     otherwise.
418
419* Major changes in 0.2.2:
420
421  1) Session metadata is now correctly saved and restored.
422
423  2) New option "--config" to dump chroot configuration, in the same
424     manner as "--info".  This is useful to test if the configuration
425     you put in schroot.conf is what schroot is actually parsing.
426
427  3) Session-managed chroot types ("file" and "lvm-snapshot") now run
428     setup and session scripts by default.  It was previously disabled
429     for all chroot types for safety reasons.  It's considered safe
430     for these types due to their ephemeral nature.
431
432* Major changes in 0.2.1:
433
434  1) Creating a session now returns a zero exit status on success.
435
436* Major changes in 0.2.0:
437
438  1) A new chroot type, "file", has been added, to allow chroots to be
439     created by unpacking a file archive, such as a tar or zip file.
440
441  2) The source has been rewritten in C++, and documented with
442     Doxygen.
443
444  3) A testsuite has been added to unit test as much functionality as
445     is reasonably possible.
446
447* Major changes in 0.1.7:
448
449  1) The chroots now implement locking to restrict access to chroots
450     which are already in use.
451
452  2) The "current-users" and "max-users" configuration options have
453     been removed.  These have been obsoleted by chroot locking.
454
455  3) The command-line options "--all-chroots" and "--all-sessions"
456     have been added, which have similar behaviour to "--all", but
457     selects all chroots and all active sessions, respectively.
458
459  4) Session creation, use and removal is now available for LVM
460     snapshot chroots, using the options documented in schroot(1).
461
462  5) The session commands also work with non-session-based chroot
463     types (plain and block-device), but is equivalent to using the
464     chroot normally.
465
466  6) An init script is used to recover (restore) session chroots at
467     system startup.
468
469  7) If no chroot is specified, schroot will fall back to using the
470     "default" chroot.  Adding a "default" alias to an existing chroot
471     will make this chroot the default.
472
473* Major changes in 0.1.6:
474
475  1) Setup scripts may be run on startup and shutdown and before and
476     after a command in order to perform setup tasks such as
477     configuring the chroot and mounting filesystems.  These are
478     stored in /etc/schroot/setup.d and /etc/schroot/run.d, and run
479     using run-parts(8).  New scripts may easily be added by the
480     system administrator.  See schroot-setup(5).
481
482  2) Different types of chroots are now supported.  The current types
483     are "plain" (the default, which is the type supported by previous
484     releases), "block-device" (a block device mounted on the fly) and
485     "lvm-snapshot" (and LVM snapshot of an LV made on the fly).
486
487* Major changes in 0.1.5:
488
489  1) The authentication system has been extended to remove the
490     dependency upon libpam_misc.  There are no user-visible changes.
491
492  2) The root user (uid 0) no longer has special priveleges during
493     authentication.  If the root user should have special priveleges
494     (such as not requiring authentication to change to any other
495     user), do the following:
496
497     - uncomment the pam_rootok.so line in pam.d/schroot.  This will
498       disable the requirement for root authentication.
499     - add root to groups (root_groups membership is redundant), so
500       that root is allowed access.
501
502  3) The configuration file, /etc/schroot.conf has been moved to
503     /etc/schroot/schroot.conf.  This should be moved automatically
504     when upgrading the Debian package.
505
506  4) A new directory, /etc/schroot/setup.d has been added.  This
507     contains scripts to perform setup and cleanup tasks in the
508     chroot, which are run with run-parts(8).  This provides an
509     easy was to configure and customise chroots.
510
511* Major changes in 0.1.4:
512
513  1) A new chroot configuration option, "priority", has been added.
514     This is intended for use with sbuild, to indicate whether the
515     distribution in a chroot is older than the distribution in
516     another chroot.
517  2) The printed messages displaying the command or shell being run
518     now correctly inform the user if the shell is a login shell or
519     not.
520
521* Major changes in 0.1.3:
522
523  1) HOME, LOGNAME and USER are set in the environment if the old
524     environment is not being preserved.
525  2) schroot now aborts earlier if no chroots are defined in
526     schroot.conf, rather than failing with a confusing failed
527     assertion error.
528  3) An option parsing bug which could sometimes cause a crash has
529     been fixed.
530
531* Major changes in 0.1.2:
532
533  1) Support for gettext has been added, to allow localisation into
534     any language.
535  2) If a command is specified, it will be searched for in $PATH.
536     Previously, an absolute path was always required.
537
538* Major changes in 0.1.1:
539
540  1) Add a large number of pointer checks.
541
542* Major changes in 0.1.0:
543
544  1) Initial release.
545  2) Debian packaging created.
Note: See TracBrowser for help on using the repository browser.