diff options
author | Richard Maw <richard.maw@codethink.co.uk> | 2013-08-23 14:23:39 +0000 |
---|---|---|
committer | Richard Maw <richard.maw@codethink.co.uk> | 2013-08-23 14:23:39 +0000 |
commit | ddb66abddcc810db9b4cc26dae689c929042e4f3 (patch) | |
tree | d1990495859da2be4b9cc02ef98190f35df93c0f /morphlib/stagingarea.py | |
parent | 593cdfe6650d7ca1e0a8fd6742f93404ca6a76a1 (diff) | |
parent | ec1665b75f646eec5db6078a190dab36096fe213 (diff) | |
download | morph-ddb66abddcc810db9b4cc26dae689c929042e4f3.tar.gz |
Merge branch 'baserock/richardmaw/S8563/bootstrap-rootfs-protection'
Reviewed-by: Lars Wirzenius
Diffstat (limited to 'morphlib/stagingarea.py')
-rw-r--r-- | morphlib/stagingarea.py | 67 |
1 files changed, 36 insertions, 31 deletions
diff --git a/morphlib/stagingarea.py b/morphlib/stagingarea.py index f4deb0f9..72c1207d 100644 --- a/morphlib/stagingarea.py +++ b/morphlib/stagingarea.py @@ -252,8 +252,8 @@ class StagingArea(object): builddir = self.builddir(source) destdir = self.destdir(source) - self.builddirname = self.relative(builddir).lstrip('/') - self.destdirname = self.relative(destdir).lstrip('/') + self.builddirname = builddir + self.destdirname = destdir self.do_mounts(setup_mounts) @@ -279,37 +279,42 @@ class StagingArea(object): kwargs['env'].update(kwargs['extra_env']) del kwargs['extra_env'] + cwd = kwargs.get('cwd') or '/' + if 'cwd' in kwargs: + cwd = kwargs['cwd'] + del kwargs['cwd'] + else: + cwd = '/' + + chroot_dir = self.dirname if self.use_chroot else '/' + temp_dir = kwargs["env"].get("TMPDIR", "/tmp") + + staging_dirs = [self.builddirname, self.destdirname] if self.use_chroot: - cwd = kwargs.get('cwd') or '/' - if 'cwd' in kwargs: - cwd = kwargs['cwd'] - del kwargs['cwd'] - else: - cwd = '/' - - do_not_mount_dirs = [self.builddirname, self.destdirname, - 'dev', 'proc', 'tmp'] - - real_argv = ['linux-user-chroot'] - for d in os.listdir(self.dirname): - if d not in do_not_mount_dirs: - if os.path.isdir(os.path.join(self.dirname, d)): - real_argv += ['--mount-readonly', '/'+d] - real_argv += ['--unshare-net'] - real_argv += [self.dirname] - - real_argv += ['sh', '-c', 'cd "$1" && shift && exec "$@"', '--', - cwd] - real_argv += argv + staging_dirs += ["dev", "proc", temp_dir.lstrip('/')] + do_not_mount_dirs = [os.path.join(self.dirname, d) + for d in staging_dirs] + if not self.use_chroot: + do_not_mount_dirs += [temp_dir] - try: - return self._app.runcmd(real_argv, **kwargs) - except cliapp.AppException as e: - raise cliapp.AppException('In staging area %s: running ' - 'command \'%s\' failed.' % - (self.dirname, ' '.join(argv))) - else: - return self._app.runcmd(argv, **kwargs) + logging.debug("Not mounting dirs %r" % do_not_mount_dirs) + + real_argv = ['linux-user-chroot', '--chdir', cwd, '--unshare-net'] + for d in morphlib.fsutils.invert_paths(os.walk(chroot_dir), + do_not_mount_dirs): + if not os.path.islink(d): + real_argv += ['--mount-readonly', self.relative(d)] + + real_argv += [chroot_dir] + + real_argv += argv + + try: + return self._app.runcmd(real_argv, **kwargs) + except cliapp.AppException as e: + raise cliapp.AppException('In staging area %s: running ' + 'command \'%s\' failed.' % + (self.dirname, ' '.join(argv))) def abort(self): # pragma: no cover '''Handle what to do with a staging area in the case of failure. |