first attempt new chrooting. It is just Proof of concept

gloves-global/lib/glove/chroot_env.rb

@@ -0,0 +1,45 @@
+#--
+# Config Agents Framework
+#
+# Copyright (C) 2011 Novell, Inc.
+#   This library is free software; you can redistribute it and/or modify
+# it only under the terms of version 2.1 or version 3 of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+#   This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+# details.
+#
+#   You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+#++
+
+# Provides chrooting ability
+module ChrootEnv
+  # Run block in changed root to dir
+  # @param [String] dir of new root
+  # @yield code that runs in changed root with all limitations
+  # @yieldreturn [Object] Returns return value of block with limitation that for serialization is used YAML, so object to serialize must support it.
+  # @note exception is transformed into hash with key error and backtrace or specialized hash for BackendException
+  def self.run dir
+    rd,wr = IO.pipe
+    fork do
+      Dir.chroot(dir)
+      rd.close
+      result = yield rescue $!
+      wr.write result Marshal.dump(result)
+      wr.close
+      exit 0
+    end
+    wr.close
+    result = Marshal.load rd.read
+    rd.close
+    Process.wait
+    if result.is_a? Exception
+      raise result.class,result.message,result.backtrace #continue with exception
+    end
+    return result
+  end
+end

gloves-global/lib/glove/configuration.rb

@@ -17,7 +17,9 @@
 #++
 
 require "singleton"
-require "dbus_clients/dbus_client"
+require "glove/chroot_env"
+require "config_agent/file_agent"
+require "config_agent/script_agent"
 
 module Glove
   class Configuration
@@ -33,14 +35,53 @@ def agent_parameters
 end
 
 #reopen config_agents so all gloves lib implicitelly use agent parameters
-module DbusClients
-  module DbusClient
-    class << self
-      alias_method :gloves_conf_extended_call, :call
-      def call name, id, type, method, options
-        options = Glove::Configuration.instance.agent_parameters.merge options
-        gloves_conf_extended_call name, id, type, method, options
+module ConfigAgent
+  module FileAgent
+    # if it start increasing lets add hooks to agents
+    alias_method :gloves_conf_extended_read, :read
+    def read params
+      chroot_dir = Glove::Configuration.instance.chroot
+      if chroot_dir
+        Glove::ChrootEnv.run(chroot_dir) do
+          gloves_conf_extended_read params
+        end
+      else
+        #first what we do is chrooting
+        gloves_conf_extended_read params
+      end
+    end
+
+    alias_method :gloves_conf_extended_write, :write
+    def write params
+      chroot_dir = Glove::Configuration.instance.chroot
+      if chroot_dir
+        Glove::ChrootEnv.run(chroot_dir) do
+          gloves_conf_extended_write params
+        end
+      else
+        #first what we do is chrooting
+        gloves_conf_extended_write params
+      end
+    end
+  end
+end
+
+module ConfigAgent
+  module ScriptAgent
+    # if it start increasing lets add hooks to agents
+    alias_method :gloves_conf_extended_call, :call
+    def call params
+      chroot_dir = Glove::Configuration.instance.chroot
+      if chroot_dir
+        Glove::ChrootEnv.run(chroot_dir) do
+          gloves_conf_extended_call params
+        end
+      else
+        #first what we do is chrooting
+        gloves_conf_extended_call params
       end
     end
   end
 end
+
+