Diffstat (limited to 'lib/Sbuild/ChrootUnshare.pm')
-rw-r--r-- | lib/Sbuild/ChrootUnshare.pm | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/lib/Sbuild/ChrootUnshare.pm b/lib/Sbuild/ChrootUnshare.pm index 91a7fa4..c4a3064 100644 --- a/lib/Sbuild/ChrootUnshare.pm +++ b/lib/Sbuild/ChrootUnshare.pm @@ -271,17 +271,23 @@ sub _get_exec_argv { my $dir = shift; my $user = shift; my $disable_network = shift // 0; + my $build_inside_init = shift // 0; # On systems with libnss-resolve installed there is no need for a # /etc/resolv.conf. This works around this by adding 127.0.0.53 (default # for systemd-resolved) in that case. my $network_setup = '[ -f /etc/resolv.conf ] && cat /etc/resolv.conf > "$rootdir/etc/resolv.conf" || echo "nameserver 127.0.0.53" > "$rootdir/etc/resolv.conf";'; my $unshare = CLONE_NEWNS | CLONE_NEWPID | CLONE_NEWUTS | CLONE_NEWIPC; + my $init = ""; if ($disable_network) { $unshare |= CLONE_NEWNET; $network_setup = 'ip link set lo up;> "$rootdir/etc/resolv.conf";'; } + if ($build_inside_init) { + $init = "/usr/bin/dumb-init"; + } + my @bind_mounts = (); for my $entry (@{$self->get_conf('UNSHARE_BIND_MOUNTS')}) { push @bind_mounts, $entry->{directory}, $entry->{mountpoint}; @@ -321,7 +327,7 @@ sub _get_exec_argv { mount -o rbind /sys \"\$rootdir/sys\"; mkdir -p \"\$rootdir/proc\"; mount -t proc proc \"\$rootdir/proc\"; - exec /usr/sbin/chroot \"\$rootdir\" /sbin/runuser -u \"\$user\" -- sh -c \"cd \\\"\\\$1\\\" && shift && \\\"\\\$@\\\"\" -- \"\$dir\" \"\$@\"; + exec /usr/sbin/chroot \"\$rootdir\" $init /sbin/runuser -u \"\$user\" -- sh -c \"cd \\\"\\\$1\\\" && shift && \\\"\\\$@\\\"\" -- \"\$dir\" \"\$@\"; ", '--', $self->get('Session ID'), $user, $dir, @bind_mounts, '--' ); } 
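Review bot: Nothing in these two hunks of `_get_exec_argv` verifies that `/usr/bin/dumb-init` exists, yet `$init` is spliced in after `/usr/sbin/chroot \"\$rootdir\"`, so the path is resolved inside the chroot rather than on the host. If the chroot does not ship it, the `exec` fails and the build stops with a bare chroot error that never mentions BUILD_INSIDE_INIT. I would have the generated script test `[ -x "$rootdir/usr/bin/dumb-init" ]` before the exec when `$build_inside_init` is set and print a message naming the option. Alternatively, confirm that installation is guaranteed elsewhere, since that is not visible in this diff. A short comment at `my $init = "";` saying that the empty string deliberately leaves the command line unchanged would also help; the sub's body starts and ends outside the hunks.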
@@ -358,11 +364,16 @@ sub get_command_internal { } my $disable_network = 0; - if (defined($options->{'DISABLE_NETWORK'}) && $options->{'DISABLE_NETWORK'}) { + if (defined($options->{'ENABLE_NETWORK'}) && $options->{'ENABLE_NETWORK'} == 0) { $disable_network = 1; } - my @cmdline = $self->_get_exec_argv($dir, $user, $disable_network); + my $build_inside_init = 0; + if (defined($options->{'BUILD_INSIDE_INIT'}) && $options->{'BUILD_INSIDE_INIT'}) { + $build_inside_init = 1; + } + + my @cmdline = $self->_get_exec_argv($dir, $user, $disable_network, $build_inside_init); if (ref $command) { push @cmdline, @$command; } else { |
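Review bot: The switch from `DISABLE_NETWORK` to `ENABLE_NETWORK` in `get_command_internal` fails open for any caller that still passes the old key. With `DISABLE_NETWORK => 1` and no `ENABLE_NETWORK`, `$disable_network` stays 0, `CLONE_NEWNET` is never added, and the build keeps network access without any warning. Callers are not visible in this file-limited diff, so whether all of them were updated is unconfirmed. The `== 0` test also compares numerically, so an empty or non-numeric value counts as 0 and raises a warning. I would test falsiness and keep honouring the old key during the transition: `if ((defined $options->{'ENABLE_NETWORK'} && !$options->{'ENABLE_NETWORK'}) || $options->{'DISABLE_NETWORK'}) {`. The sub starts and ends outside the hunk.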