From 7f129f5a8f509124d9b7d289832862a3145a123c Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Thu, 30 May 2024 05:24:54 +0200
Subject: Merging upstream version 0.85.9.
Signed-off-by: Daniel Baumann
---
 bin/sbuild | 2 +-
 bin/sbuild-qemu | 12 ++++--------
 lib/Sbuild/ChrootUnshare.pm | 7 ++++---
 lib/Sbuild/Conf.pm | 18 +++++++++++++-----
 lib/Sbuild/Utility.pm | 4 ++++
 5 files changed, 26 insertions(+), 17 deletions(-)
diff --git a/bin/sbuild b/bin/sbuild
index 4f0db29..106c17e 100755
--- a/bin/sbuild
+++ b/bin/sbuild
@@ -54,7 +54,7 @@ my $conf = Sbuild::Conf::new(); exit 1 if !defined($conf); my $options = Sbuild::Options->new($conf, "sbuild", "1"); exit 1 if !defined($options);
-check_group_membership() if $conf->get('CHROOT_MODE') eq 'schroot';
+check_group_membership() if $conf->get('CHROOT_MODE') eq 'schroot' && $conf->get('SCHROOT') eq 'schroot';
 if (!$conf->get('MAINTAINER_NAME') && ($conf->get('BIN_NMU') || $conf->get('APPEND_TO_VERSION'))) {
diff --git a/bin/sbuild-qemu b/bin/sbuild-qemu
index 52ab6ff..c7373b8 100755
--- a/bin/sbuild-qemu
+++ b/bin/sbuild-qemu
@@ -40,6 +40,7 @@ IMAGEDIR = os.environ.get( os.path.join(os.path.expanduser('~'), '.cache', 'sbuild'), )
+DEFAULT_DIST = 'unstable'
 DEFAULT_ARCH = subprocess.check_output( ['dpkg', '--print-architecture'], text=True,
@@ -118,7 +119,6 @@ def main(): peeker.add_argument( '--dist', action='store',
- default='unstable',
 ) peeker.add_argument( '--arch',
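Review bot: The added `$conf->get('SCHROOT') eq 'schroot'` condition in bin/sbuild is an exact string comparison, so any other value of the option, including a full path to the stock binary, now skips `check_group_membership()` without saying so. If the check is meant to be skipped only for replacement programs, a comment on this line should state that, for example `# skip the group check when SCHROOT was overridden; the sbuild group is only known to apply to the stock schroot`. Whether anything else relies on this check having run is not visible in the hunk, so that is worth confirming before treating it as purely advisory.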
@@ -146,14 +146,11 @@ def main(): else: image = os.path.join(IMAGEDIR, parsed_args.image) else:
- guessed_name = f'{peeked_args.dist}-autopkgtest-{build_arch}.img'
+ guessed_name = f'{peeked_args.dist or DEFAULT_DIST}-autopkgtest-{build_arch}.img'
 if os.path.exists(os.path.abspath(guessed_name)):
- images = os.path.abspath(guessed_name)
+ image = os.path.abspath(guessed_name)
 else:
- image = os.path.join(
- IMAGEDIR,
- f'{peeked_args.dist}-autopkgtest-{build_arch}.img',
- )
+ image = os.path.join(IMAGEDIR, guessed_name)
 if not os.path.exists(image): print(f"File {image} does not exist.", file=sys.stderr)
@@ -161,7 +158,6 @@ def main(): args = [ 'sbuild',
- '--dist', peeked_args.dist,
 '--purge-build=never', '--purge-deps=never', '--chroot-mode=autopkgtest',
diff --git a/lib/Sbuild/ChrootUnshare.pm b/lib/Sbuild/ChrootUnshare.pm
index 8fb2350..81e90ca 100644
--- a/lib/Sbuild/ChrootUnshare.pm
+++ b/lib/Sbuild/ChrootUnshare.pm
@@ -306,7 +306,7 @@ sub _get_exec_argv { } return (
- 'env', 'PATH=' . $self->get_conf('PATH'),
+ 'env', 'PATH=' . $self->get_conf('PATH'), "USER=$user", "LOGNAME=$user",
 get_unshare_cmd({UNSHARE_FLAGS => $unshare, FORK => 1, IDMAP => $self->get('Uid Gid Map'), LINUX32 => $linux32}), 'sh', '-c', " rootdir=\"\$1\"; shift; user=\"\$1\"; shift;
@@ -318,7 +318,7 @@ sub _get_exec_argv { shift; shift; done; hostname sbuild;
- echo \"127.0.0.1 localhost\\n127.0.1.1 sbuild\" > \"\$rootdir/etc/hosts\";
+ echo \"127.0.0.1 localhost\\n127.0.1.1 sbuild\\n::1 localhost ip6-localhost ip6-loopback\" > \"\$rootdir/etc/hosts\";
 $network_setup mkdir -p \"\$rootdir/dev\"; for f in null zero full random urandom tty console; do
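Review bot: `guessed_name` is still looked up in the current working directory before `IMAGEDIR`, so now that the `images` typo is fixed a same-named file in whatever directory sbuild-qemu is started from really is used as the VM image. That precedence deserves a comment above the `if`, e.g. `# a matching image in the current directory takes precedence over IMAGEDIR`, and printing the selected path would make the choice visible to the user. `peeked_args.dist` also goes into the name unchecked, so a value containing a path separator makes `os.path.join(IMAGEDIR, guessed_name)` resolve outside `IMAGEDIR`; rejecting such a value before building the name would close that. The enclosing `main()` starts and ends outside the hunk.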
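Review bot: Only `USER` and `LOGNAME` are set explicitly on the new `env` line, while the later hunk at -337 adds `-p` to `runuser`, which stops it from setting `HOME` and `SHELL` as well. Those two therefore keep whatever the calling environment carries unless they are set for the build somewhere outside this hunk. Either set them on the same `env` line or add a comment naming where they come from, so the pairing with `runuser -p` is clear to the next reader. `_get_exec_argv` starts and ends outside the hunk.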
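Review bot: The hosts file is written with `echo` and `\n` escapes, which only produces separate lines when `sh` is a shell whose `echo` interprets backslash sequences; with a different `/bin/sh` the file would be one line containing literal `\n` and the new `::1` entry would have no effect. `printf` does not depend on the shell for this: `printf '127.0.0.1 localhost\\n127.0.1.1 sbuild\\n::1 localhost ip6-localhost ip6-loopback\\n' > \"\$rootdir/etc/hosts\";`. The surrounding script string continues outside the hunk.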
@@ -337,9 +337,10 @@ sub _get_exec_argv { mount -t tmpfs tmpfs \"\$rootdir/dev/shm\"; mkdir -p \"\$rootdir/sys\"; mount -o rbind /sys \"\$rootdir/sys\";
+ mount -t tmpfs tmpfs \"\$rootdir/sys/kernel\" -o mode=0000,size=4k,ro;
 mkdir -p \"\$rootdir/proc\"; mount -t proc proc \"\$rootdir/proc\";
- exec /usr/sbin/chroot \"\$rootdir\" $init /sbin/runuser -u \"\$user\" -- sh -c \"cd \\\"\\\$1\\\" && shift && \\\"\\\$@\\\"\" -- \"\$dir\" \"\$@\";
+ exec /usr/sbin/chroot \"\$rootdir\" $init /sbin/runuser -p -u \"\$user\" -- sh -c \"cd \\\"\\\$1\\\" && shift && \\\"\\\$@\\\"\" -- \"\$dir\" \"\$@\";
 ", '--', $self->get('Session ID'), $user, $dir, @bind_mounts, '--' ); }
diff --git a/lib/Sbuild/Conf.pm b/lib/Sbuild/Conf.pm
index d0e3f6f..ffe56d1 100644
--- a/lib/Sbuild/Conf.pm
+++ b/lib/Sbuild/Conf.pm
@@ -249,16 +249,18 @@ sub setup ($) { }, 'SCHROOT' => { TYPE => 'STRING',
- GROUP => '__INTERNAL',
+ VARNAME => 'schroot',
+ GROUP => 'Programs',
 CHECK => sub { my $conf = shift; my $entry = shift; my $key = $entry->{'NAME'}; # Only validate if needed.
- if ($conf->get('CHROOT_MODE') eq 'schroot') {
- $validate_program->($conf, $entry);
- }
+ if (defined $conf->_get('CHROOT_MODE')
+ && $conf->_get('CHROOT_MODE') eq 'schroot') {
+ $validate_program->($conf, $entry);
+ }
 }, DEFAULT => 'schroot', HELP => 'Path to schroot binary'
@@ -734,7 +736,13 @@ sub setup ($) { if !isin($conf->get('CHROOT_MODE'), qw(schroot sudo autopkgtest unshare)); },
- DEFAULT => 'schroot',
+ DEFAULT => undef,
+ GET => sub {
+ my $conf = shift;
+ my $entry = shift;
+
+ return ($conf->_get($entry->{'NAME'}) // 'schroot');
+ },
 HELP => 'Mechanism to use for chroot virtualisation. Possible value are "schroot" (default), "sudo", "autopkgtest" and "unshare".', CLI_OPTIONS => ['--chroot-mode'] },
diff --git a/lib/Sbuild/Utility.pm b/lib/Sbuild/Utility.pm
index 9cdfff1..6828692 100644
--- a/lib/Sbuild/Utility.pm
+++ b/lib/Sbuild/Utility.pm
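Review bot: The new `mount -t tmpfs tmpfs "$rootdir/sys/kernel" -o mode=0000,size=4k,ro` has no comment saying what it is meant to hide, and the commands in this script are chained with `;`, so as far as the hunk shows a failed mount still leads to the chroot being entered with the host's `/sys/kernel` visible through the rbind of `/sys`. Add a comment stating the purpose, and if the masking is meant as a guarantee make the failure fatal by ending the command with `|| exit 1;`. If `set -e` is in effect earlier in the script the second part is already covered, but the start of the script is outside the hunk.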
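Review bot: With `DEFAULT => undef` for `CHROOT_MODE` (the -734 hunk) and the `SCHROOT` CHECK now reading the raw value through `_get`, the schroot program is validated only when the mode was set to `schroot` explicitly; in the default case, where `get` falls back to `'schroot'`, `$validate_program` is skipped. If that is deliberate, the existing `# Only validate if needed.` comment should say so, e.g. `# CHROOT_MODE is undef until set explicitly; the default mode is not validated here`. `SCHROOT` also moves from `__INTERNAL` to a user-settable `Programs` entry, so it is worth confirming that the configured path is checked somewhere before it is executed; that is not visible in these hunks.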
@@ -420,6 +420,10 @@ sub get_unshare_cmd($) { my $command = <<"EOF"; require 'syscall.ph';
+# Workaround for #1070007 (Permission denied if STDOUT points to a pipe)
+use Fcntl qw(:mode);
+chmod(0666, *STDOUT) if ((stat(*STDOUT))[2] & S_IFMT) == S_IFIFO;
+
 # Create a pipe for the parent process to signal the child process that it is # done with calling unshare() so that the child can go ahead setting up # uid_map and gid_map.
--
cgit v1.2.3
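Review bot: `chmod(0666, *STDOUT)` opens the pipe for reading and writing to every user and its return value is ignored, so the workaround can grant more than needed and can fail silently. The `S_IFIFO` test is also true for a named FIFO on disk, whose mode would stay changed after the run, which may not be intended. Consider whether a narrower mode suffices, check the result, and extend the comment with something like `# NOTE: applies to any FIFO on STDOUT, including a named one, and is not reverted`. These lines sit inside the interpolating `<<"EOF"` heredoc, so a `$!` in an added `or warn` would have to be written as `\$!`.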