Least privilege runtime


pretty impressed in general with this feature set... and this is coming from someone very resistant to change...

small flash aside... I'm pretty happy to have these bundled by default once some teething stuff is ironed out...

perhaps these comments are coming from not enough background with these features but...

  1. would be great if jailed services were toggleable from config/SERVICE and/or a system-wide fallback tunable was in place...

I see the merit in just installing an ipk and having things jailed... but I believe in not obfuscating things to a level where a user has little or no runtime control over jailing features...

(technology comes and goes... especially namespace stuff... tying everything down into a single automated procd solution may prove ultimately way too restrictive/inflexible)

just trying now...

  • ntp (great-opkg-autorestarted-service)
  • dnsmasq (opkg-did-not-restart-service, manual failed to start, is it a requirement to reboot? should this be printed on live opkg install?, does it need a rollback-esque fault condition behavior?)

(BUILD_ID="r17143")

(also utrace and seccomp-trace don't offer any --help ... which I find pretty useful in all commands)

2c
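One way the per-service toggle and system-wide fallback asked for in point 1 could look, as an added example that is not part of the post above nor an OpenWrt or procd init script: a procd-style init script sketch in which the ujail sandbox is decided by a hypothetical `option jail` in /etc/config/SERVICE, falling back to a hypothetical `option jail_default` in /etc/config/system. The `procd_*` helpers, the `/etc/capabilities/ntpd.json` path and the hotplug mount are assumed from OpenWrt's procd.sh conventions; the uci option names and the `jail_wanted` decision function are this example's own.

```shell
#!/bin/sh /etc/rc.common
# Added example, not from the forum post or from OpenWrt. Sketch of a procd
# init script where the jail is opt-in/opt-out per service, with a
# system-wide fallback. Option names "jail" and "jail_default" are
# hypothetical; procd_* helpers are assumed from OpenWrt's /lib/functions/procd.sh.

START=95
USE_PROCD=1
NAME=ntpd
PROG=/usr/sbin/ntpd

# Pure decision logic, kept free of OpenWrt dependencies so it can be
# exercised on any POSIX shell.
#   $1: per-service value from /etc/config/$NAME (empty, 0/1, on/off, ...)
#   $2: system-wide default from /etc/config/system (same vocabulary)
# Prints 1 if the service should run jailed, 0 otherwise.
# A per-service setting always wins; when it is absent the system-wide
# default applies; when both are absent the service is jailed.
jail_wanted() {
    local svc="$1" sys="$2"
    case "$svc" in
        1|on|true|yes|enabled)   echo 1; return ;;
        0|off|false|no|disabled) echo 0; return ;;
    esac
    case "$sys" in
        0|off|false|no|disabled) echo 0 ;;
        *)                       echo 1 ;;
    esac
}

start_service() {
    local per_service sys_default
    # Hypothetical uci locations for the two knobs.
    per_service=$(uci -q get "$NAME.@ntp[0].jail")
    sys_default=$(uci -q get system.@system[0].jail_default)

    procd_open_instance
    procd_set_param command "$PROG" -n -p pool.ntp.org
    procd_set_param respawn

    if [ "$(jail_wanted "$per_service" "$sys_default")" = 1 ]; then
        # Sandbox only when the operator has not opted out.
        procd_add_jail ntpd ubus log
        procd_add_jail_mount /etc/hotplug.d/ntp
        procd_set_param capabilities /etc/capabilities/ntpd.json
        procd_set_param no_new_privs 1
    fi
    procd_close_instance
}
```

With this shape, `uci set ntpd.@ntp[0].jail=0 && /etc/init.d/ntpd restart` drops the jail for one service without touching the package, and `uci set system.@system[0].jail_default=0` does it fleet-wide; the default remains "jailed" so an untouched install behaves exactly as the packaged one does.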