Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sysusers prep patches #1763

Closed
wants to merge 5 commits into from
Closed

sysusers prep patches #1763

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
184c207
compose: Support RPMOSTREE_PRESERVE_TMPDIR=on-fail
cgwalters Feb 22, 2019
a5e2743
bwrap: Add an API to take a file descriptor
cgwalters Feb 22, 2019
00da746
main: Move cancellable creation later
cgwalters Feb 22, 2019
e5c8b11
tests: Don't make system user with differently-named group
cgwalters Feb 22, 2019
ac81cb0
fixup! compose: Support RPMOSTREE_PRESERVE_TMPDIR=on-fail
cgwalters Feb 23, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion src/app/main.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -391,7 +391,6 @@ int
main (int argc,
char **argv)
{
GCancellable *cancellable = g_cancellable_new ();
RpmOstreeCommand *command;
const char *command_name = NULL;
g_autofree char *prgname = NULL;
Expand All @@ -417,6 +416,8 @@ main (int argc,

setlocale (LC_ALL, "");

GCancellable *cancellable = g_cancellable_new ();

/*
* Parse the global options. We rearrange the options as
* necessary, in order to pass relevant options through
Expand Down
20 changes: 16 additions & 4 deletions src/app/rpmostree-compose-builtin-tree.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,7 @@ typedef struct {
RpmOstreeContext *corectx;
GFile *treefile_path;
GHashTable *metadata;
gboolean failed;
GLnxTmpDir workdir_tmp;
int workdir_dfd;
int rootfs_dfd;
Expand Down Expand Up @@ -137,7 +138,9 @@ rpm_ostree_tree_compose_context_free (RpmOstreeTreeComposeContext *ctx)
/* Only close workdir_dfd if it's not owned by the tmpdir */
if (!ctx->workdir_tmp.initialized)
glnx_close_fd (&ctx->workdir_dfd);
if (g_getenv ("RPMOSTREE_PRESERVE_TMPDIR"))
const char *preserve = g_getenv ("RPMOSTREE_PRESERVE_TMPDIR");
if (ctx->workdir_tmp.initialized &&
(preserve && (!g_str_equal (preserve, "on-fail") || ctx->failed)))
g_print ("Preserved workdir: %s\n", ctx->workdir_tmp.path);
else
(void)glnx_tmpdir_delete (&ctx->workdir_tmp, NULL, NULL);
Expand Down Expand Up @@ -1111,7 +1114,10 @@ rpmostree_compose_builtin_install (int argc,
return FALSE;
gboolean changed;
if (!impl_install_tree (self, &changed, cancellable, error))
return FALSE;
{
self->failed = TRUE;
return FALSE;
}
if (opt_unified_core)
{
if (!glnx_renameat (self->workdir_tmp.src_dfd, self->workdir_tmp.path,
Expand Down Expand Up @@ -1268,12 +1274,18 @@ rpmostree_compose_builtin_tree (int argc,
return FALSE;
gboolean changed;
if (!impl_install_tree (self, &changed, cancellable, error))
return FALSE;
{
self->failed = TRUE;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want this for rpmostree_compose_builtin_commit and rpmostree_compose_builtin_install too?

return FALSE;
}
if (changed)
{
/* Do the ostree commit */
if (!impl_commit_tree (self, cancellable, error))
return FALSE;
{
self->failed = TRUE;
return FALSE;
}
/* Finally process the --touch-if-changed option */
if (!process_touch_if_changed (error))
return FALSE;
Expand Down
43 changes: 27 additions & 16 deletions src/libpriv/rpmostree-bwrap.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -415,6 +415,15 @@ rpmostree_bwrap_setenv (RpmOstreeBwrap *bwrap, const char *name, const char *val
g_subprocess_launcher_setenv (bwrap->launcher, name, value, TRUE);
}

/* Transfer ownership of @source_fd to child at @target_fd */
void
rpmostree_bwrap_take_fd (RpmOstreeBwrap *bwrap,
int source_fd,
int target_fd)
{
g_subprocess_launcher_take_fd (bwrap->launcher, source_fd, target_fd);
}

/* Execute @bwrap, optionally capturing stdout or stderr. Must have been configured. After
* executing this method, the @bwrap instance cannot be run again.
*/
Expand All @@ -425,27 +434,15 @@ rpmostree_bwrap_run_captured (RpmOstreeBwrap *bwrap,
GCancellable *cancellable,
GError **error)
{
GSubprocessLauncher *launcher = bwrap->launcher;

g_assert (!bwrap->executed);
bwrap->executed = TRUE;

/* Set up our error message */
const char *errmsg = glnx_strjoina ("Executing bwrap(", bwrap->child_argv0, ")");
GLNX_AUTO_PREFIX_ERROR (errmsg, error);

/* Add the final NULL */
g_ptr_array_add (bwrap->argv, NULL);

if (stdout_buf)
g_subprocess_launcher_set_flags (bwrap->launcher, G_SUBPROCESS_FLAGS_STDOUT_PIPE);
if (stderr_buf)
g_subprocess_launcher_set_flags (bwrap->launcher, G_SUBPROCESS_FLAGS_STDERR_PIPE);

g_subprocess_launcher_set_child_setup (launcher, bwrap_child_setup, bwrap, NULL);
g_autoptr(GSubprocess) subproc =
g_subprocess_launcher_spawnv (launcher, (const char *const*)bwrap->argv->pdata,
error);
const char *errmsg = glnx_strjoina ("Executing bwrap(", bwrap->child_argv0, ")");
GLNX_AUTO_PREFIX_ERROR (errmsg, error);

g_autoptr(GSubprocess) subproc = rpmostree_bwrap_execute (bwrap, error);
if (!subproc)
return FALSE;

Expand Down Expand Up @@ -488,6 +485,20 @@ rpmostree_bwrap_run (RpmOstreeBwrap *bwrap,
return rpmostree_bwrap_run_captured (bwrap, NULL, NULL, cancellable, error);
}

GSubprocess *
rpmostree_bwrap_execute (RpmOstreeBwrap *bwrap, GError **error)
{
g_autoptr(GSubprocessLauncher) launcher = g_steal_pointer (&bwrap->launcher);
g_assert (!bwrap->executed);
bwrap->executed = TRUE;

/* Add the final NULL */
g_ptr_array_add (bwrap->argv, NULL);

g_subprocess_launcher_set_child_setup (launcher, bwrap_child_setup, bwrap, NULL);
return g_subprocess_launcher_spawnv (launcher, (const char *const*)bwrap->argv->pdata, error);
}

/* Execute /bin/true inside a bwrap container on the host */
gboolean
rpmostree_bwrap_selftest (GError **error)
Expand Down
6 changes: 6 additions & 0 deletions src/libpriv/rpmostree-bwrap.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,10 @@ void rpmostree_bwrap_append_child_argva (RpmOstreeBwrap *bwrap, int argc, char *

void rpmostree_bwrap_setenv (RpmOstreeBwrap *bwrap, const char *name, const char *value);

void rpmostree_bwrap_take_fd (RpmOstreeBwrap *bwrap,
int source_fd,
int target_fd);

void rpmostree_bwrap_set_child_setup (RpmOstreeBwrap *bwrap,
GSpawnChildSetupFunc func,
gpointer data);
Expand All @@ -63,6 +67,8 @@ gboolean rpmostree_bwrap_run_captured (RpmOstreeBwrap *bwrap,
GCancellable *cancellable,
GError **error);

GSubprocess * rpmostree_bwrap_execute (RpmOstreeBwrap *bwrap, GError **error);

gboolean rpmostree_bwrap_run (RpmOstreeBwrap *bwrap,
GCancellable *cancellable,
GError **error);
Expand Down
2 changes: 1 addition & 1 deletion tests/vmcheck/test-layering-non-root-caps.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ vm_build_rpm nonrootcap \
cp nonrootcap nrc-\$mode.sh
done" \
pre "groupadd -r nrcgroup
useradd -r nrcuser -g nrcgroup -s /sbin/nologin" \
useradd -r nrcuser -s /sbin/nologin" \
install "mkdir -p %{buildroot}/etc
install nrc.conf %{buildroot}/etc
ln -sr %{buildroot}/etc/nrc.conf %{buildroot}/etc/nrc-link.conf
Expand Down