author | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2013-03-04 16:58:59 +0000 |
---|---|---|
committer | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2013-03-13 15:20:03 +0000 |
commit | bd3e607439a0d3fe03bfac0eeea4701ff606b1e1 (patch) | |
tree | 78c2bdf78d221694aea5d31f73a6e7187b005caf | |
parent | a20a6bdf6ed75c6bd5c06a25961e0c6bec93bdd6 (diff) | |
download | morph-bd3e607439a0d3fe03bfac0eeea4701ff606b1e1.tar.gz |
Only bind mount necessary directories in chroot
If for example /bin is a symlink, we shouldn't and can't mount the host
system's /bin over the top.
-rw-r--r-- | morphlib/stagingarea.py | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/morphlib/stagingarea.py b/morphlib/stagingarea.py
index de29eede..418ef15d 100644
--- a/morphlib/stagingarea.py
+++ b/morphlib/stagingarea.py
@@ -278,16 +278,14 @@ class StagingArea(object):
 else:
 cwd = '/'
- not_readonly_dirs = [self.builddirname, self.destdirname,
+ do_not_mount_dirs = [self.builddirname, self.destdirname,
 'dev', 'proc', 'tmp']
- dirs = os.listdir(self.dirname)
- for excluded_dir in not_readonly_dirs:
- dirs.remove(excluded_dir)
 real_argv = ['linux-user-chroot']
-
- for entry in dirs:
- real_argv += ['--mount-readonly', '/'+entry]
+ for d in os.listdir(self.dirname):
+ if d not in do_not_mount_dirs:
+ if os.path.isdir(os.path.join(self.dirname, d)):
+ real_argv += ['--mount-readonly', '/'+d]
 real_argv += [self.dirname]
 real_argv += ['sh', '-c', 'cd "$1" && shift && exec "$@"', '--', cwd] |
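Review bot: The `os.path.isdir` test in the new loop follows symbolic links, so a staging-area entry such as `bin -> usr/bin` still passes the check and is still handed to `--mount-readonly`, which is the case the commit message sets out to exclude. A link with an absolute target is resolved against the host's root rather than the staging area, so the decision can also depend on what happens to exist on the host, and staged content presumably should not be able to influence the mount list that way. Bind the path once and reject links explicitly, e.g. `path = os.path.join(self.dirname, d)` followed by `if os.path.isdir(path) and not os.path.islink(path):`. The enclosing method starts and ends outside the hunk, so how `do_not_mount_dirs` entries get mounted afterwards is not visible here.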