diff options
Diffstat (limited to 'doc/source/arch_sandboxing.rst')
-rw-r--r-- | doc/source/arch_sandboxing.rst | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/doc/source/arch_sandboxing.rst b/doc/source/arch_sandboxing.rst index 869193d36..52679dedd 100644 --- a/doc/source/arch_sandboxing.rst +++ b/doc/source/arch_sandboxing.rst @@ -163,12 +163,12 @@ support is available. If user namespace support is not available you have the option of installing bubblewrap as a setuid binary to avoid needing to run the entire ``bst`` process as the ``root`` user. -The artifact cache on Linux systems is implemented using `OSTree -<https://github.com/ostreedev/ostree>`_, which can allow us to stage artifacts -using hardlinks instead of copying them. To avoid cache corruption it is -vital that hardlinked files cannot be overwritten. In cases where the root -filesystem inside the sandbox needs to be writable, a custom FUSE filesystem -named SafeHardlinks is used which provides a copy-on-write layer. +The artifact cache on Linux systems is implemented using a content-addressable +hardlink farm, which can allow us to stage artifacts using hardlinks instead of +copying them. To avoid cache corruption it is vital that hardlinked files +cannot be overwritten. In cases where the root filesystem inside the sandbox +needs to be writable, a custom FUSE filesystem named SafeHardlinks is used +which provides a copy-on-write layer. Some of the operations on filesystem metadata listed above are not prohibited by the sandbox, but will instead be silently dropped when an artifact is |