No description
1db38ae81b
In a private PID namespace, processes have PIDs that are separate from the rest of the system. The initial child gets PID 1. Processes in the chroot cannot see processes outside of the chroot. This improves isolation between builds. However, processes on the outside can see processes in the chroot and send signals to them (if they have appropriate rights). Since the builder gets PID 1, it serves as the reaper for zombies in the chroot. This might turn out to be a problem. In that case we'll need to have a small PID 1 process that sits in a loop calling wait(). |
||
---|---|---|
corepkgs | ||
doc | ||
misc | ||
perl | ||
scripts | ||
src | ||
tests | ||
.gitignore | ||
AUTHORS | ||
bootstrap.sh | ||
build.nix | ||
configure.ac | ||
COPYING | ||
INSTALL | ||
Makefile.am | ||
nix.conf.example | ||
nix.spec.in | ||
README | ||
release.nix | ||
substitute.mk | ||
version |
Nix is a purely functional package manager. For installation and usage instructions, please read the manual, which can be found in `docs/manual/manual.html', and additionally at the Nix website at <http://nixos.org/>. Acknowledgments This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.OpenSSL.org/).