Diffstat (limited to 'lib/Sbuild')
-rw-r--r-- | lib/Sbuild/ChrootUnshare.pm | 7 | ||||
-rw-r--r-- | lib/Sbuild/Conf.pm | 18 | ||||
-rw-r--r-- | lib/Sbuild/Utility.pm | 4 |
3 files changed, 21 insertions, 8 deletions
diff --git a/lib/Sbuild/ChrootUnshare.pm b/lib/Sbuild/ChrootUnshare.pm index 8fb2350..81e90ca 100644 --- a/lib/Sbuild/ChrootUnshare.pm +++ b/lib/Sbuild/ChrootUnshare.pm @@ -306,7 +306,7 @@ sub _get_exec_argv { } return ( - 'env', 'PATH=' . $self->get_conf('PATH'), + 'env', 'PATH=' . $self->get_conf('PATH'), "USER=$user", "LOGNAME=$user", get_unshare_cmd({UNSHARE_FLAGS => $unshare, FORK => 1, IDMAP => $self->get('Uid Gid Map'), LINUX32 => $linux32}), 'sh', '-c', " rootdir=\"\$1\"; shift; user=\"\$1\"; shift; @@ -318,7 +318,7 @@ sub _get_exec_argv { shift; shift; done; hostname sbuild; - echo \"127.0.0.1 localhost\\n127.0.1.1 sbuild\" > \"\$rootdir/etc/hosts\"; + echo \"127.0.0.1 localhost\\n127.0.1.1 sbuild\\n::1 localhost ip6-localhost ip6-loopback\" > \"\$rootdir/etc/hosts\"; $network_setup mkdir -p \"\$rootdir/dev\"; for f in null zero full random urandom tty console; do @@ -337,9 +337,10 @@ sub _get_exec_argv { mount -t tmpfs tmpfs \"\$rootdir/dev/shm\"; mkdir -p \"\$rootdir/sys\"; mount -o rbind /sys \"\$rootdir/sys\"; + mount -t tmpfs tmpfs \"\$rootdir/sys/kernel\" -o mode=0000,size=4k,ro; mkdir -p \"\$rootdir/proc\"; mount -t proc proc \"\$rootdir/proc\"; - exec /usr/sbin/chroot \"\$rootdir\" $init /sbin/runuser -u \"\$user\" -- sh -c \"cd \\\"\\\$1\\\" && shift && \\\"\\\$@\\\"\" -- \"\$dir\" \"\$@\"; + exec /usr/sbin/chroot \"\$rootdir\" $init /sbin/runuser -p -u \"\$user\" -- sh -c \"cd \\\"\\\$1\\\" && shift && \\\"\\\$@\\\"\" -- \"\$dir\" \"\$@\"; ", '--', $self->get('Session ID'), $user, $dir, @bind_mounts, '--' ); } diff --git a/lib/Sbuild/Conf.pm b/lib/Sbuild/Conf.pm index d0e3f6f..ffe56d1 100644 --- a/lib/Sbuild/Conf.pm +++ b/lib/Sbuild/Conf.pm 
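Review bot: In the first `_get_exec_argv` hunk `env` is still invoked without `-i`, and the third hunk switches `runuser` to `-p`, so runuser no longer resets HOME and SHELL for the build user and whatever the calling process has in its environment is carried into the chroot; only PATH, USER and LOGNAME are pinned here. Unless the environment is filtered before this point (not visible in the hunk), I would pin the remaining variables the same way, with an explicit `HOME=...` entry next to `"USER=$user"`, or add a comment above the `return (` listing which variables are meant to pass through. The sub starts and ends outside the hunk.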
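Review bot: The extended `/etc/hosts` line in the second hunk depends on `echo` expanding `\n`, which dash does but bash's builtin `echo` does not by default, so on a host whose `sh` is not dash the file ends up as a single line with literal backslashes and the new `::1` entry is never parsed. `printf` has defined escape handling; inside this Perl string that would be `printf '127.0.0.1 localhost\\n127.0.1.1 sbuild\\n::1 localhost ip6-localhost ip6-loopback\\n' > \"\$rootdir/etc/hosts\";`. The pattern predates this commit, but the added entry relies on it further.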
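Review bot: The new tmpfs mask over `$rootdir/sys/kernel` in the third hunk fails open: the script's commands are chained with `;`, so if that `mount` fails the following `exec /usr/sbin/chroot` still runs and the build sees the host's `/sys/kernel` through the rbind. Unless `set -e` is in effect earlier in the script (not visible here), I would end the line with `-o mode=0000,size=4k,ro || exit 1;`. A one-line comment saying what the mask is meant to hide would also help, since the mount options are otherwise unexplained.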
@@ -249,16 +249,18 @@ sub setup ($) { }, 'SCHROOT' => { TYPE => 'STRING', - GROUP => '__INTERNAL', + VARNAME => 'schroot', + GROUP => 'Programs', CHECK => sub { my $conf = shift; my $entry = shift; my $key = $entry->{'NAME'}; # Only validate if needed. - if ($conf->get('CHROOT_MODE') eq 'schroot') { - $validate_program->($conf, $entry); - } + if (defined $conf->_get('CHROOT_MODE') + && $conf->_get('CHROOT_MODE') eq 'schroot') { + $validate_program->($conf, $entry); + } }, DEFAULT => 'schroot', HELP => 'Path to schroot binary' @@ -734,7 +736,13 @@ sub setup ($) { if !isin($conf->get('CHROOT_MODE'), qw(schroot sudo autopkgtest unshare)); }, - DEFAULT => 'schroot', + DEFAULT => undef, + GET => sub { + my $conf = shift; + my $entry = shift; + + return ($conf->_get($entry->{'NAME'}) // 'schroot'); + }, HELP => 'Mechanism to use for chroot virtualisation. Possible value are "schroot" (default), "sudo", "autopkgtest" and "unshare".', CLI_OPTIONS => ['--chroot-mode'] }, diff --git a/lib/Sbuild/Utility.pm b/lib/Sbuild/Utility.pm index 9cdfff1..6828692 100644 --- a/lib/Sbuild/Utility.pm +++ b/lib/Sbuild/Utility.pm @@ -420,6 +420,10 @@ sub get_unshare_cmd($) { my $command = <<"EOF"; require 'syscall.ph'; +# Workaround for #1070007 (Permission denied if STDOUT points to a pipe) +use Fcntl qw(:mode); +chmod(0666, *STDOUT) if ((stat(*STDOUT))[2] & S_IFMT) == S_IFIFO; + # Create a pipe for the parent process to signal the child process that it is # done with calling unshare() so that the child can go ahead setting up # uid_map and gid_map. |
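Review bot: With `CHROOT_MODE` now defaulting to `undef` (second Conf.pm hunk), the `SCHROOT` check reads the raw value through `_get` and so skips `$validate_program` whenever the mode is left unset, even though `get('CHROOT_MODE')` reports 'schroot' in that case. The same hunk moves `SCHROOT` into the `Programs` group with `VARNAME => 'schroot'`, which appears to make the path user-configurable, so a wrong path would only surface when the binary is run. If skipping is intended, the existing comment should say so, e.g. `# An unset CHROOT_MODE (implicit schroot fallback) is deliberately not validated.`; otherwise compare against `$conf->get('CHROOT_MODE')`. `setup` starts and ends outside the hunk.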
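Review bot: The workaround added to `get_unshare_cmd` ignores the result of `chmod`, so when it fails the build hits the same Permission denied with no hint as to why, and mode `0666` grants read as well as write to everyone on a pipe shared with the invoking process. If writing is all the build user needs, `0622` is enough, and the failure can be reported with `chmod(0622, *STDOUT) or warn "chmod STDOUT: \$!" if ((stat(*STDOUT))[2] & S_IFMT) == S_IFIFO;` (the `$!` has to be escaped because the heredoc is `<<"EOF"`). STDERR is not handled and may need the same treatment when it is a pipe; that is an inference from the comment, not something the hunk shows. The sub continues outside the hunk.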