source: trunk/debathena/third/schroot/NEWS @ 24314

Revision 24314, 20.8 KB checked in by geofft, 12 years ago (diff)
In schroot: * Merge with Debian unstable; remaining changes: - Backport to Karmic, and adjust build-deps.
1NEWS                                                            -*- outline -*-
4Welcome to schroot 1.4.0.  Please read these release notes carefully.
6Full installation instructions are provided in the INSTALL file.  The
7README file also contains more specific notes regarding building and
10* Major changes in 1.4.0:
12  None.  For users upgrading from the previous stable release (1.2.x),
13  please read the changes made since 1.2.3.  Changes to the
14  configuration file format may require some small changes to your
15  existing configuration.
17* Major changes in 1.3.2:
19  None.
21* Major changes in 1.3.1:
23  1) Kernel personality support should now work on non-Linux
24     architectures such as kfreebsd.
26* Major changes in 1.3.0:
28  None.
30* Major changes in 1.3.0-rc1:
33  1) Exec scripts have been removed.  Unlike setup scripts, these
34     scripts were never used, and there are no known uses for them.
35     Removing them will improve the performance of schroot.  The
36     run-exec-scripts configuration option is no longer used, but
37     is still permitted to be used until it is obsoleted in a
38     future release.
40  2) Setup scripts are now always run for all chroot types except
41     "plain".  In practice, scripts were required for all types
42     except "plain" in order to function correctly.  The ability to
43     configure this is not useful and so setting run-setup-scripts is
44     now deprecated in schroot.conf.  It may still be set for backward
45     compatibility, but it has no effect and will be removed in the
46     future.
48  3) Chroot configuration files in /etc/schroot/chroot.d are not
49     loaded if they are backup files or dpkg conffile backups.
51  4) Support for GCC versions prior to 3.4 has been removed.
53  5) System databases are copied into the chroot using the getent
54     program to use the appropriate name service switch (NSS) modules
55     to get the data, rather than just copying the files.  This means
56     all NSS database sources are supported, including NIS and LDAP.
58  6) Setup script output is logged to stderr which prevents schroot
59     outputting to stdout when run with verbose logging enabled.
61  7) Most schroot features are compiled conditionally, which should
62     ease porting to non-Linux platforms.
64  8) Support for union filesystems has been added (aufs and unionfs).
65     This permits the use of read-only block-device, directory and
66     loopback chroots with a temporary writable overlay.  For "scratch"
67     temporary chroots, this method is recommended over the existing
68     LVM snapshot support.  It is considered to be faster, more
69     robust, and uses less disc space.
71  9) The "command-prefix" option no longer requires an absolute path
72     to the command.  It will use the normal search path inside the
73     chroot to locate the command.
75 10) When creating a session, the users in "users", "root-users", and
76     groups in "groups" and "root-groups" are no longer preserved.
77     The user requesting access will be the sole user listed in
78     "users" for the session; however, if the user was in "root-users"
79     or "root-groups", they will be added to "root-users" instead.
80     This ensures that only the user creating the session will have
81     access, so that other users having access to the chroot will not
82     also automatically gain access to other users sessions.
84* Major changes in 1.2.3:
86  None.
88* Major changes in 1.2.2:
90  None.
92* Major changes in 1.2.1:
94  1) A new chroot type, "loopback", has been added.  This is similar
95     to the "block-device" type, but allows for loopback mounting of
96     filesystems contained within regular files.
98  2) "lvm-snapshot" chroot types now clean up correctly in the case of
99     failures during setup.
101* Major changes in 1.2.0:
103  1) In addition to /etc/schroot/schroot.conf, chroot definitions may
104     be placed in separate files under /etc/schroot/chroot.d to enable
105     packages and system administrators to easily make new chroots
106     available to schroot.
108  2) Configuration files may now be symlinks as well as regular files.
110  3) schroot now builds with GCC 4.3.
112  4) All setup and exec scripts source and use the script
113     configuration file specified with the script-config configuration
114     key.
116* Major changes in 1.1.6:
118  1) Relicence under the GNU General Public License, version 3 or
119     later.
121  2) Per-chroot custom mountpoints are now possible through the use of
122     an fstab file.  This may be used to mount or bind mount any
123     filesystem within the chroot with the assistance of a helper
124     utility, schroot-mount.  Set FSTAB=fstab in the script-config
125     file to specify which file to use.
127  3) Per-chroot custom file copying is now supported.  Set
128     COPYFILES=file in the script-config file to specify a file
129     containing a list of files to copy from the host system into the
130     chroot.  This change merged the 20network and 30passwd setup
131     scripts into a single script, 20copyfiles.  If you previously
132     customised either of these scripts, the changes will need to be
133     copied over to the new files.
135  4) If invalid options are used in schroot.conf, warnings will be
136     printed, rather than simply ignoring them.
138* Major changes in 1.1.5:
140  1) A "script-config" option has been added to allow customisation of
141     the chroot setup and execution scripts on a per-chroot basis.
142     See schroot.conf(5) for further details.
144  2) A --session-name has been added to allow naming sessions when
145     using --begin-session.  This replaces the automatically-generated
146     chroot-UUID session name.
148* Major changes in 1.1.4:
150  1) When ending a session, processes still running in the chroot are
151     terminated.
153* Major changes in 1.1.3:
155  Bugfixes and translation updates only.
157* Major changes in 1.1.2:
159  Bugfixes and translation updates only.
161* Major changes in 1.1.1:
163  1) For dchroot and dchroot-dsa, the syslog logging of the command or
164     shell being run in the chroot now only occurs when running as
165     root or switching to another user.  If the user is the same
166     inside and outside the chroot, and not root, the command or shell
167     being run will not be logged.
169  2) Using symbolic links in the mount path (SCHROOT_MOUNT_DIR) will
170     no longer result in severe dataloss.
172  3) User-defined filtering of the chroot environment is now permitted
173     using the environment-filter key in the configuration file, which
174     uses a regular expression to identify environment variables for
175     removal.
177  4) The environment variables SCHROOT_COMMAND, SCHROOT_USER,
178     SCHROOT_GROUP, SCHROOT_UID and SCHROOT_GID are set inside the
179     chroot specifying the command being run, the user name, group
180     name, user ID and group ID, respectively.
182* Major changes in 1.1.0:
184  1) Authentication now uses the Controlling TTY (/dev/tty) for
185     communication with the user.  This means PAM interaction with the
186     user will work even if stdin, stdout and stderr are all
187     redirected.  If authentication is required and no CTTY is
188     available, it will fail (due to authentication being an
189     interactive process).
191  2) The syslog logging of the command or shell being run in the
192     chroot now only occurs when running as root or switching to
193     another user.  If the user is the same inside and outside the
194     chroot, and not root, the command or shell being run will not be
195     logged.
197  3) A --directory option has been added to schroot, dchroot and
198     dchroot-dsa.  This option allows the user to explictly specify
199     the working directory inside the chroot.
201* Major changes in 1.0.6:
203  Bugfixes only.
205* Major changes in 1.0.5:
207  Bugfixes only.
209* Major changes in 1.0.4:
211  1) Using symbolic links in the mount path (SCHROOT_MOUNT_DIR) will
212     no longer result in severe dataloss.
214  2) LSB init script functions are now used.
216* Major changes in 1.0.3:
218  1) For dchroot and dchroot-dsa, the syslog logging of the command or
219     shell being run in the chroot now only occurs when running as
220     root or switching to another user.  If the user is the same
221     inside and outside the chroot, and not root, the command or shell
222     being run will not be logged.
224* Major changes in 1.0.2:
226  1) The syslog logging of the command or shell being run in the
227     chroot now only occurs when running as root or switching to
228     another user.  If the user is the same inside and outside the
229     chroot, and not root, the command or shell being run will not be
230     logged.
232  2) A --directory option has been added to schroot, dchroot and
233     dchroot-dsa.  This option allows the user to explictly specify
234     the working directory inside the chroot.
236* Major changes in 1.0.1:
238  Bugfixes and translation updates only.
240* Major changes in 1.0.0:
242  Bugfixes and translation updates only.
244* Major changes in 0.99.4:
246  1) All errors in the configuration file now show the full details of
247     the problem, including the exact line number, group and key.
249  2) Duplicate groups and keys with groups are now treated as errors.
251  3) The terminal state is only saved and restored when running a
252     login shell.  It is no longer saved and restored when running
253     commands.  This is to correct the problem of schroot being
254     stopped when running in the background while restoring the
255     terminal settings.
257  4) Child processes are now terminated when SIGTERM is received, in
258     addition to SIGHUP.
260* Major changes in 0.99.3:
262  1) A new chroot type, "directory", has been added.  This is the same
263     as the "plain" type, but additionally allows filesystem mounting
264     when setup scripts are enabled.
266  2) A further dchroot compatibility issue has been corrected.
267     Multiple command options specified on the command line are
268     concatenated into a single command, separated by spaces.
270* Major changes in 0.99.2:
272  1) A --debug option has been added to all programs.  Its use is
273     documented in the manual pages.
275  2) When errors are found in the chroot configuration, the line
276     number in the configuration file is now reported.
278  3) The use of run-parts(8) is no longer needed.  This should make
279     the package portable to non-Debian systems.
281* Major changes in 0.99.1:
283  1) A dchroot-dsa compatibility mode has been implemented.  This
284     behaves in the same manner as the DSA dchroot program, and is
285     useful for backward compatibility with DSA dchroot, as well as
286     migrating from DSA dchroot.
288  2) The dchroot program is now compatible with the command-line
289     syntax of older versions, and also matches the older behaviour of
290     which directory is used inside the chroot.  The behaviour is
291     documented in the manual page.
293  3) In addition to "groups" and "root-groups" options for controlling
294     chroot access, "users" and "root-users" have been added for finer
295     control over access.  Corresponding "source-users" and
296     "source-root-users" options have been added for source chroots.
298  4) Files, Devices and Locations in schroot.conf must be absolute
299     pathnames.  Relative names are a security risk, because the
300     behaviour may vary depending on the current working directory.
301     It was previously the sysadmin's responsibility to set these
302     correctly, but this rule is now strictly enforced.
304* Major changes in 0.99.0:
306  1) In order to support running 32-bit chroots on 64-bit systems, a
307     "personality" option has been added.  This may be set to
308     "linux32" to run a 32-bit Linux chroot on an amd64 system, for
309     example.
311  2) dchroot has an additional personality field in dchroot.conf.
312     This may also be set to linux32 to achieve the same effect as the
313     personality setting in schroot.conf.
315  3) The root user can access all chroots, even when the root group is
316     omitted from the groups or root_groups lists.  Authentication is
317     still required, but by default is skipped due to using
318 in the PAM configuration.
320  4) Session recovery is only performed at system startup, not on
321     upgrades.  This prevents upgrades interfering with active
322     sessions.
324* Major changes in 0.2.11:
326  1) The 10mount script, used to unmount filesystem in a chroot, will
327     exit with an error if unmounting fails (for safety).  It also
328     uses /proc/mounts (via a new program, schroot-listmounts) to
329     ensure all filesystems in the chroot are unmounted.
331  2) The 05file script, used to unpack and repack chroot archives,
332     will use schroot-listmounts to check if any filesystems are
333     mounted before purging the chroot.  This is in order to avoid
334     dataloss.
336  3) Setup scripts can now abort on failure during cleanup (exec-stop
337     and setup-stop phases).  Previously the scripts continued in the
338     face of failure, and broken sessions were removed.  Broken
339     sessions which failed to clean up must now be removed by the
340     system administrator (which was required previously; it just
341     wasn't apparent), or the session can be ended again once the
342     problem has been rectified.
344* Major changes in 0.2.10:
346  Bugfixes only.
348* Major changes in 0.2.9:
350  1) The package now compiles with older compilers, such as GCC 3.3
351     and 3.4.
353  2) If the current working directory does not exist inside the
354     chroot, the user's home directory ($HOME, home directory in
355     passwd, or /) will be used when running a login shell.  If
356     running a command and the directory does not exist, schroot will
357     exit with an error.
359* Major changes in 0.2.8:
361  Bugfixes only.
363* Major changes in 0.2.7:
365  Bugfixes only.
367* Major changes in 0.2.6:
369  1) For all chroot types, a "command-prefix" option has been added.
370     This is a command to prefix to all commands run inside the
371     chroot.
373  2) The scripts run before and after executing a command or shell in
374     the chroot have been moved from /etc/schroot/run.d to
375     /etc/schroot/exec.d.  The corresponding configuration option in
376     schroot.conf has been renamed from "run-session-scripts" to
377     "run-exec-scripts".  This change was to reduce ambiguity in the
378     naming, to make it easier to understand and configure.
380  3) The session operations "--recover-session", "--run-session", and
381     "--end-session" now allow multiple chroots to be specified with
382     "--chroot", rather than just one.
384  4) The "file" and "lvm-snapshot" chroot types both implement "source
385     chroots", to provide access to the source block device and
386     archive file, respectively.  The "source-groups" and
387     "source-root-groups" options have been added to set the "groups"
388     and "root-groups" options for the source chroot.
390  5) The "file" chroot, when accessed as a source chroot using the
391     "-source" suffix, will now automatically repack itself into a new
392     archive file on ending a session.
394* Major changes in 0.2.5:
396  1) The output of "--info" now displays a "Path" line if available.
397     This is the location of the chroot in the filesystem.
399* Major changes in 0.2.4:
401  1) For "block-device" and "lvm-snapshot" type chroots, it is now
402     possible to add a "location" configuration option to specify the
403     location of the chroot within the device filesystem, rather than
404     assuming the location is always the root.  This allows multiple
405     chroots to be stored on a single LVM LV, for example.
407  2) For "plain" chroots, if setup scripts (run-setup-scripts) is
408     enabled, session management is also enabled.  This is not true
409     session management, because it uses bind mounts rather than a
410     copy of the chroot, so should be used with caution, but will make
411     concurrent access to the chroot with session scripts enabled
412     rather more useful.
414* Major changes in 0.2.3:
416  1) A dchroot compatibility mode has been implemented.  This behaves
417     in the same manner as the dchroot program, and is useful for
418     backward compatibility with dchroot, as well as migrating from
419     dchroot.
421  2) Access to the source device of an "lvm-snapshot" type chroot is
422     simplified.  For a chroot named "snap", a "block-device" type
423     chroot named "snap-source" is created for easy access to the
424     source device.
426  3) The output of "--info" now includes a "Session Managed" line,
427     which is true if full session management is available, or false
428     otherwise.
430* Major changes in 0.2.2:
432  1) Session metadata is now correctly saved and restored.
434  2) New option "--config" to dump chroot configuration, in the same
435     manner as "--info".  This is useful to test if the configuration
436     you put in schroot.conf is what schroot is actually parsing.
438  3) Session-managed chroot types ("file" and "lvm-snapshot") now run
439     setup and session scripts by default.  It was previously disabled
440     for all chroot types for safety reasons.  It's considered safe
441     for these types due to their ephemeral nature.
443* Major changes in 0.2.1:
445  1) Creating a session now returns a zero exit status on success.
447* Major changes in 0.2.0:
449  1) A new chroot type, "file", has been added, to allow chroots to be
450     created by unpacking a file archive, such as a tar or zip file.
452  2) The source has been rewritten in C++, and documented with
453     Doxygen.
455  3) A testsuite has been added to unit test as much functionality as
456     is reasonably possible.
458* Major changes in 0.1.7:
460  1) The chroots now implement locking to restrict access to chroots
461     which are already in use.
463  2) The "current-users" and "max-users" configuration options have
464     been removed.  These have been obsoleted by chroot locking.
466  3) The command-line options "--all-chroots" and "--all-sessions"
467     have been added, which have similar behaviour to "--all", but
468     selects all chroots and all active sessions, respectively.
470  4) Session creation, use and removal is now available for LVM
471     snapshot chroots, using the options documented in schroot(1).
473  5) The session commands also work with non-session-based chroot
474     types (plain and block-device), but is equivalent to using the
475     chroot normally.
477  6) An init script is used to recover (restore) session chroots at
478     system startup.
480  7) If no chroot is specified, schroot will fall back to using the
481     "default" chroot.  Adding a "default" alias to an existing chroot
482     will make this chroot the default.
484* Major changes in 0.1.6:
486  1) Setup scripts may be run on startup and shutdown and before and
487     after a command in order to perform setup tasks such as
488     configuring the chroot and mounting filesystems.  These are
489     stored in /etc/schroot/setup.d and /etc/schroot/run.d, and run
490     using run-parts(8).  New scripts may easily be added by the
491     system administrator.  See schroot-setup(5).
493  2) Different types of chroots are now supported.  The current types
494     are "plain" (the default, which is the type supported by previous
495     releases), "block-device" (a block device mounted on the fly) and
496     "lvm-snapshot" (and LVM snapshot of an LV made on the fly).
498* Major changes in 0.1.5:
500  1) The authentication system has been extended to remove the
501     dependency upon libpam_misc.  There are no user-visible changes.
503  2) The root user (uid 0) no longer has special priveleges during
504     authentication.  If the root user should have special priveleges
505     (such as not requiring authentication to change to any other
506     user), do the following:
508     - uncomment the line in pam.d/schroot.  This will
509       disable the requirement for root authentication.
510     - add root to groups (root_groups membership is redundant), so
511       that root is allowed access.
513  3) The configuration file, /etc/schroot.conf has been moved to
514     /etc/schroot/schroot.conf.  This should be moved automatically
515     when upgrading the Debian package.
517  4) A new directory, /etc/schroot/setup.d has been added.  This
518     contains scripts to perform setup and cleanup tasks in the
519     chroot, which are run with run-parts(8).  This provides an
520     easy was to configure and customise chroots.
522* Major changes in 0.1.4:
524  1) A new chroot configuration option, "priority", has been added.
525     This is intended for use with sbuild, to indicate whether the
526     distribution in a chroot is older than the distribution in
527     another chroot.
528  2) The printed messages displaying the command or shell being run
529     now correctly inform the user if the shell is a login shell or
530     not.
532* Major changes in 0.1.3:
534  1) HOME, LOGNAME and USER are set in the environment if the old
535     environment is not being preserved.
536  2) schroot now aborts earlier if no chroots are defined in
537     schroot.conf, rather than failing with a confusing failed
538     assertion error.
539  3) An option parsing bug which could sometimes cause a crash has
540     been fixed.
542* Major changes in 0.1.2:
544  1) Support for gettext has been added, to allow localisation into
545     any language.
546  2) If a command is specified, it will be searched for in $PATH.
547     Previously, an absolute path was always required.
549* Major changes in 0.1.1:
551  1) Add a large number of pointer checks.
553* Major changes in 0.1.0:
555  1) Initial release.
556  2) Debian packaging created.
Note: See TracBrowser for help on using the repository browser.