[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[hurd] 05/17: utils/settrans: improve --chroot functionality
|
From: |
Samuel Thibault |
|
Subject: |
[hurd] 05/17: utils/settrans: improve --chroot functionality |
|
Date: |
Mon, 15 Feb 2016 09:10:02 +0000 |
This is an automated email from the git hooks/post-receive script.
sthibault pushed a commit to branch upstream
in repository hurd.
commit 35ae0168bbdae2eb7029262f49d394046a67860f
Author: Justus Winter <address@hidden>
Date: Fri Jan 15 18:56:25 2016 +0100
utils/settrans: improve --chroot functionality
Add an option '--chroot-chdir' to settrans and make it chdir to this
directory before executing the target program. Also, look up the
executable in PATH.
With these changes we no longer need to use the shell inside the
chroot in the convenience scripts, and hence do not require it to be
installed inside the chroot.
* utils/fakeroot.sh: Simplify using the new option.
* utils/remap.sh: Likewise.
* utils/settrans.c (OPT_CHROOT_CHDIR): New constant.
(options): New option 'chroot-chdir'.
(main): Handle new option. Search for target executable in PATH.
* utils/fakeauth.c (main): Likewise.
---
utils/fakeauth.c | 6 +++++-
utils/fakeroot.sh | 15 ++++++---------
utils/remap.sh | 14 ++++++--------
utils/settrans.c | 32 ++++++++++++++++++++++++++++++--
4 files changed, 47 insertions(+), 20 deletions(-)
diff --git a/utils/fakeauth.c b/utils/fakeauth.c
index ba6a3ee..004cc46 100644
--- a/utils/fakeauth.c
+++ b/utils/fakeauth.c
@@ -402,9 +402,13 @@ believe it has restricted them to different identities or
no identity at all.\
{
task_t newtask;
process_t proc;
- file_t execfile = file_name_lookup (argv[argi], O_EXEC, 0);
+ char *prefixed_name;
+ file_t execfile = file_name_path_lookup (argv[argi], getenv ("PATH"),
+ O_EXEC, 0, &prefixed_name);
if (execfile == MACH_PORT_NULL)
error (3, errno, "%s", argv[argi]);
+ if (prefixed_name)
+ argv[0] = prefixed_name;
err = task_create (mach_task_self (),
#ifdef KERN_INVALID_LEDGER
diff --git a/utils/fakeroot.sh b/utils/fakeroot.sh
index 6993365..7bc5dc7 100644
--- a/utils/fakeroot.sh
+++ b/utils/fakeroot.sh
@@ -54,12 +54,9 @@ if [ $# -eq 0 ]; then
set -- ${SHELL:-/bin/sh}
fi
-# We exec settrans, which execs the "fakeauth" command in the chroot context.
-# The `pwd` is evaluated here and now, and that result interpreted inside
-# the shell running under fakeauth to chdir there inside the chroot world.
-# That shell then execs our arguments as a command line.
-exec /bin/settrans --chroot \
- /bin/fakeauth \
- /bin/sh -c 'cd "$1" || exit ; shift ; exec "$@"' \
- "$1" "$PWD" "$@" \
- -- / /hurd/fakeroot
+# We exec settrans, which execs the "fakeauth" command in the chroot
+# context provided by /hurd/fakeroot.
+exec /bin/settrans \
+ --chroot-chdir "$PWD" \
+ --chroot /bin/fakeauth "$@" -- \
+ / /hurd/fakeroot
diff --git a/utils/remap.sh b/utils/remap.sh
index f24ed0e..40c2d76 100644
--- a/utils/remap.sh
+++ b/utils/remap.sh
@@ -57,11 +57,9 @@ if [ $# -eq 0 ]; then
set -- ${SHELL:-/bin/sh}
fi
-# We exec settrans, which execs the "fakeauth" command in the chroot context.
-# The `pwd` is evaluated here and now, and that result interpreted inside
-# the shell running under fakeauth to chdir there inside the chroot world.
-# That shell then execs our arguments as a command line.
-exec /bin/settrans --chroot \
- /bin/sh -c 'cd "$1" || exit ; shift ; exec "$@"' \
- "$1" "$PWD" "$@" \
- -- / /hurd/remap $MAPPED
+# We exec settrans, which execs the target command in the chroot
+# context provided by /hurd/remap.
+exec /bin/settrans \
+ --chroot-chdir "$PWD" \
+ --chroot "$@" -- \
+ / /hurd/remap $MAPPED
diff --git a/utils/settrans.c b/utils/settrans.c
index cd40c56..00cc358 100644
--- a/utils/settrans.c
+++ b/utils/settrans.c
@@ -18,6 +18,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
+#include <assert.h>
#include <hurd.h>
#include <stdio.h>
#include <stdlib.h>
@@ -45,6 +46,8 @@ const char *argp_program_version = STANDARD_HURD_VERSION
(settrans);
#define _STRINGIFY(arg) #arg
#define STRINGIFY(arg) _STRINGIFY (arg)
+#define OPT_CHROOT_CHDIR -1
+
static struct argp_option options[] =
{
{"active", 'a', 0, 0, "Start TRANSLATOR and set it as NODE's active
translator" },
@@ -65,6 +68,9 @@ static struct argp_option options[] =
{"chroot", 'C', 0, 0,
"Instead of setting the node's translator, take following arguments up to"
" `--' and run that command chroot'd to the translated node."},
+ {"chroot-chdir", OPT_CHROOT_CHDIR, "DIR", 0,
+ "Change to DIR before running the chrooted command. "
+ "DIR must be an absolute path."},
{0,0,0,0, "When setting the passive translator, if there's an active
translator:"},
{"goaway", 'g', 0, 0, "Ask the active translator to go away"},
@@ -114,6 +120,7 @@ main(int argc, char *argv[])
int excl = 0;
int timeout = DEFAULT_TIMEOUT * 1000; /* ms */
char **chroot_command = 0;
+ char *chroot_chdir = "/";
/* Parse our options... */
error_t parse_opt (int key, char *arg, struct argp_state *state)
@@ -183,6 +190,12 @@ main(int argc, char *argv[])
argp_error (state, "--chroot command must be terminated with `--'");
return EINVAL;
+ case OPT_CHROOT_CHDIR:
+ if (arg[0] != '/')
+ argp_error (state, "--chroot-chdir must be absolute");
+ chroot_chdir = arg;
+ break;
+
case 'c': lookup_flags |= O_CREAT; break;
case 'L': lookup_flags &= ~O_NOTRANS; break;
@@ -325,6 +338,8 @@ main(int argc, char *argv[])
char retry_name[1024]; /* XXX */
retry_type do_retry;
mach_port_t root;
+ file_t executable;
+ char *prefixed_name;
err = fsys_getroot (active_control,
MACH_PORT_NULL, MACH_MSG_TYPE_COPY_SEND,
NULL, 0, NULL, 0, 0,
@@ -341,8 +356,21 @@ main(int argc, char *argv[])
if (setcrdir (root))
error (7, errno, "cannot install root port");
mach_port_deallocate (mach_task_self (), root);
- if (chdir ("/"))
- error (8, errno, "cannot chdir to new root");
+ if (chdir (chroot_chdir))
+ error (8, errno, "%s", chroot_chdir);
+
+ /* Lookup executable in PATH. */
+ executable = file_name_path_lookup (chroot_command[0],
+ getenv ("PATH"),
+ O_EXEC, 0,
+ &prefixed_name);
+ if (MACH_PORT_VALID (executable))
+ {
+ err = mach_port_deallocate (mach_task_self (), executable);
+ assert_perror (err);
+ if (prefixed_name)
+ chroot_command[0] = prefixed_name;
+ }
execvp (chroot_command[0], chroot_command);
error (8, errno, "cannot execute %s", chroot_command[0]);
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-hurd/hurd.git
- [hurd] branch upstream updated (0aa179e -> ffaff64), Samuel Thibault, 2016/02/15
- [hurd] 03/17: procfs: Move setting default parameters to a separate function, Samuel Thibault, 2016/02/15
- [hurd] 11/17: Fixed leaks in _netfs_translator_callback2_fn, Samuel Thibault, 2016/02/15
- [hurd] 04/17: exec: remove duplicate function call, Samuel Thibault, 2016/02/15
- [hurd] 02/17: Fix typo, Samuel Thibault, 2016/02/15
- [hurd] 16/17: Fix function name, Samuel Thibault, 2016/02/15
- [hurd] 14/17: Make sure to complete auth_server_authenticate, Samuel Thibault, 2016/02/15
- [hurd] 15/17: Fix hang on reauthentication, Samuel Thibault, 2016/02/15
- [hurd] 05/17: utils/settrans: improve --chroot functionality,
Samuel Thibault <=
- [hurd] 08/17: mach-defpager: link dynamically, Samuel Thibault, 2016/02/15
- [hurd] 09/17: devnode: fix falling back to the kernel driver, Samuel Thibault, 2016/02/15
- [hurd] 01/17: Also build exec.static, Samuel Thibault, 2016/02/15
- [hurd] 12/17: utils/vmallocate: new utility, Samuel Thibault, 2016/02/15
- [hurd] 17/17: Merge remote-tracking branch 'upstream/master' into upstream, Samuel Thibault, 2016/02/15
- [hurd] 06/17: Use refcount_t for peropen reference counting in libnetfs., Samuel Thibault, 2016/02/15
- [hurd] 07/17: Remove libfshelp/trans.h and libfshelp/locks.h., Samuel Thibault, 2016/02/15
- [hurd] 10/17: Check for a return value in netfs_make_peropen before using it in netfs_make_protid., Samuel Thibault, 2016/02/15
- [hurd] 13/17: Use libihash to store directory entries in ftpfs., Samuel Thibault, 2016/02/15