]>
Commit | Line | Data |
---|---|---|
bf5f9c24 MT |
1 | /*############################################################################# |
2 | # # | |
3 | # Pakfire - The IPFire package management system # | |
4 | # Copyright (C) 2022 Pakfire development team # | |
5 | # # | |
6 | # This program is free software: you can redistribute it and/or modify # | |
7 | # it under the terms of the GNU General Public License as published by # | |
8 | # the Free Software Foundation, either version 3 of the License, or # | |
9 | # (at your option) any later version. # | |
10 | # # | |
11 | # This program is distributed in the hope that it will be useful, # | |
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
14 | # GNU General Public License for more details. # | |
15 | # # | |
16 | # You should have received a copy of the GNU General Public License # | |
17 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
18 | # # | |
19 | #############################################################################*/ | |
20 | ||
21 | #include <errno.h> | |
22 | #include <linux/limits.h> | |
bf5f9c24 MT |
23 | #include <stddef.h> |
24 | #include <sys/mount.h> | |
25 | #include <sys/stat.h> | |
f71c82d8 | 26 | #include <sys/sysmacros.h> |
bf5f9c24 MT |
27 | #include <sys/types.h> |
28 | ||
660120b6 | 29 | #include <pakfire/arch.h> |
bf5f9c24 MT |
30 | #include <pakfire/logging.h> |
31 | #include <pakfire/pakfire.h> | |
bc0b24a7 | 32 | #include <pakfire/parse.h> |
729827f7 | 33 | #include <pakfire/path.h> |
bf5f9c24 | 34 | #include <pakfire/mount.h> |
d973a13d | 35 | #include <pakfire/string.h> |
bf5f9c24 MT |
36 | #include <pakfire/util.h> |
37 | ||
38 | static const struct pakfire_mountpoint { | |
b2ccb363 | 39 | pakfire_mntns_t ns; |
bf5f9c24 MT |
40 | const char* source; |
41 | const char* target; | |
42 | const char* fstype; | |
43 | int flags; | |
44 | const char* options; | |
bf5f9c24 | 45 | } mountpoints[] = { |
9ab7dd21 | 46 | // Mount a new instance of /proc |
b2ccb363 MT |
47 | { |
48 | PAKFIRE_MNTNS_INNER|PAKFIRE_MNTNS_OUTER, | |
49 | "pakfire_proc", | |
50 | "proc", | |
51 | "proc", | |
52 | MS_NOSUID|MS_NOEXEC|MS_NODEV, | |
53 | NULL, | |
54 | }, | |
bf5f9c24 | 55 | |
0d9e0714 MT |
56 | /* |
57 | XXX it is kind of problematic to mount /proc twice as a process inside the | |
58 | jail can umount /proc and will then see the host's /proc. | |
59 | */ | |
60 | ||
9ab7dd21 | 61 | // Make /proc/sys read-only (except /proc/sys/net) |
b2ccb363 MT |
62 | { |
63 | PAKFIRE_MNTNS_INNER, | |
64 | "/proc/sys", | |
65 | "proc/sys", | |
66 | "bind", | |
67 | MS_BIND|MS_REC, | |
68 | NULL, | |
69 | }, | |
70 | { | |
71 | PAKFIRE_MNTNS_INNER, | |
72 | "/proc/sys/net", | |
73 | "proc/sys/net", | |
74 | "bind", | |
75 | MS_BIND|MS_REC, | |
76 | NULL, | |
77 | }, | |
78 | { | |
79 | PAKFIRE_MNTNS_INNER, | |
80 | "/proc/sys", | |
81 | "proc/sys", | |
82 | "bind", | |
83 | MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, | |
84 | NULL, | |
85 | }, | |
bf5f9c24 | 86 | |
9ab7dd21 | 87 | // Deny write access to /proc/sysrq-trigger (can be used to restart the host) |
b2ccb363 MT |
88 | { |
89 | PAKFIRE_MNTNS_INNER, | |
90 | "/proc/sysrq-trigger", | |
91 | "proc/sysrq-trigger", | |
92 | "bind", | |
93 | MS_BIND|MS_REC, | |
94 | NULL, | |
95 | }, | |
96 | { | |
97 | PAKFIRE_MNTNS_INNER, | |
98 | "/proc/sysrq-trigger", | |
99 | "proc/sysrq-trigger", | |
100 | "bind", | |
101 | MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, | |
102 | NULL, | |
103 | }, | |
9ab7dd21 MT |
104 | |
105 | // Make /proc/irq read-only | |
b2ccb363 MT |
106 | { |
107 | PAKFIRE_MNTNS_INNER, | |
108 | "/proc/irq", | |
109 | "proc/irq", | |
110 | "bind", | |
111 | MS_BIND|MS_REC, | |
112 | NULL, | |
113 | }, | |
114 | { | |
115 | PAKFIRE_MNTNS_INNER, | |
116 | "/proc/irq", | |
117 | "proc/irq", | |
118 | "bind", | |
119 | MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, | |
120 | NULL, | |
121 | }, | |
9ab7dd21 MT |
122 | |
123 | // Make /proc/bus read-only | |
b2ccb363 MT |
124 | { |
125 | PAKFIRE_MNTNS_INNER, | |
126 | "/proc/bus", | |
127 | "proc/bus", | |
128 | "bind", | |
129 | MS_BIND|MS_REC, | |
130 | NULL, | |
131 | }, | |
132 | { | |
133 | PAKFIRE_MNTNS_INNER, | |
134 | "/proc/bus", | |
135 | "proc/bus", | |
136 | "bind", | |
137 | MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, | |
138 | NULL, | |
139 | }, | |
9ab7dd21 MT |
140 | |
141 | // Bind-Mount /sys ready-only | |
b2ccb363 MT |
142 | { |
143 | PAKFIRE_MNTNS_OUTER, | |
144 | "/sys", | |
145 | "sys", | |
146 | "bind", | |
147 | MS_BIND|MS_REC, | |
148 | NULL, | |
149 | }, | |
150 | { | |
151 | PAKFIRE_MNTNS_OUTER, | |
152 | "/sys", | |
153 | "sys", | |
154 | "bind", | |
155 | MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, | |
156 | NULL, | |
157 | }, | |
bf5f9c24 MT |
158 | |
159 | // Create a new /dev | |
b2ccb363 MT |
160 | { |
161 | PAKFIRE_MNTNS_OUTER, | |
162 | "pakfire_dev", | |
163 | "dev", | |
164 | "tmpfs", | |
165 | MS_NOSUID|MS_NOEXEC, | |
166 | "mode=0755,size=4m,nr_inodes=64k", | |
167 | }, | |
168 | { | |
169 | PAKFIRE_MNTNS_OUTER, | |
170 | "pakfire_dev_pts", | |
171 | "dev/pts", | |
172 | "devpts", | |
173 | MS_NOSUID|MS_NOEXEC, | |
174 | "newinstance,ptmxmode=0666,mode=620", | |
175 | }, | |
cc752ada | 176 | |
99affb62 | 177 | // Create a new /dev/shm |
b2ccb363 MT |
178 | { |
179 | PAKFIRE_MNTNS_OUTER, | |
180 | "pakfire_dev_shm", | |
181 | "dev/shm", | |
182 | "tmpfs", | |
183 | MS_NOSUID|MS_NODEV|MS_STRICTATIME, | |
184 | "mode=1777,size=1024m", | |
185 | }, | |
99affb62 | 186 | |
cc752ada | 187 | // Mount /dev/mqueue |
b2ccb363 MT |
188 | { |
189 | PAKFIRE_MNTNS_INNER, | |
190 | "mqueue", | |
191 | "dev/mqueue", | |
192 | "mqueue", | |
193 | MS_NOSUID|MS_NOEXEC|MS_NODEV, | |
194 | NULL, | |
195 | }, | |
bf5f9c24 MT |
196 | |
197 | // Create a new /run | |
b2ccb363 MT |
198 | { |
199 | PAKFIRE_MNTNS_OUTER, | |
200 | "pakfire_run", | |
201 | "run", | |
202 | "tmpfs", | |
203 | MS_NOSUID|MS_NOEXEC|MS_NODEV, | |
204 | "mode=755,size=256m,nr_inodes=1k", | |
205 | }, | |
b1a6d98c MT |
206 | |
207 | // Create a new /tmp | |
b2ccb363 MT |
208 | { |
209 | PAKFIRE_MNTNS_OUTER, | |
210 | "pakfire_tmp", | |
211 | "tmp", | |
212 | "tmpfs", | |
213 | MS_NOSUID|MS_NODEV|MS_STRICTATIME, | |
214 | "mode=1777,size=4096m", | |
215 | }, | |
bf5f9c24 | 216 | |
bf5f9c24 | 217 | // The end |
b2ccb363 | 218 | {}, |
bf5f9c24 MT |
219 | }; |
220 | ||
f71c82d8 MT |
221 | static const struct pakfire_devnode { |
222 | const char* path; | |
223 | int major; | |
224 | int minor; | |
225 | mode_t mode; | |
282b732a | 226 | int flags; |
f71c82d8 | 227 | } devnodes[] = { |
282b732a MT |
228 | { "/dev/null", 1, 3, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, 0 }, |
229 | { "/dev/zero", 1, 5, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, 0 }, | |
230 | { "/dev/full", 1, 7, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, 0 }, | |
231 | { "/dev/random", 1, 8, S_IFCHR|S_IRUSR|S_IRGRP|S_IROTH, 0 }, | |
232 | { "/dev/urandom", 1, 9, S_IFCHR|S_IRUSR|S_IRGRP|S_IROTH, 0 }, | |
233 | { "/dev/kmsg", 1, 11, S_IFCHR|S_IRUSR|S_IRGRP|S_IROTH, 0 }, | |
234 | { "/dev/tty", 5, 0, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, 0 }, | |
235 | { "/dev/console", 5, 1, S_IFCHR|S_IRUSR|S_IWUSR, 0 }, | |
236 | { "/dev/rtc0", 252, 0, S_IFCHR|S_IRUSR|S_IWUSR, 0 }, | |
237 | ||
238 | // Loop Devices | |
239 | { "/dev/loop-control", 10, 237, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP, PAKFIRE_MOUNT_LOOP_DEVICES }, | |
240 | { "/dev/loop0", 7, 0, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP, PAKFIRE_MOUNT_LOOP_DEVICES }, | |
241 | { "/dev/loop1", 7, 1, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP, PAKFIRE_MOUNT_LOOP_DEVICES }, | |
242 | { "/dev/loop2", 7, 2, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP, PAKFIRE_MOUNT_LOOP_DEVICES }, | |
243 | { "/dev/loop3", 7, 3, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP, PAKFIRE_MOUNT_LOOP_DEVICES }, | |
244 | { "/dev/loop4", 7, 4, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP, PAKFIRE_MOUNT_LOOP_DEVICES }, | |
245 | { "/dev/loop5", 7, 5, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP, PAKFIRE_MOUNT_LOOP_DEVICES }, | |
246 | { "/dev/loop6", 7, 6, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP, PAKFIRE_MOUNT_LOOP_DEVICES }, | |
247 | { "/dev/loop7", 7, 7, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP, PAKFIRE_MOUNT_LOOP_DEVICES }, | |
248 | ||
f71c82d8 MT |
249 | { NULL }, |
250 | }; | |
dc01afb6 | 251 | |
f71c82d8 MT |
252 | static const struct pakfire_symlink { |
253 | const char* target; | |
254 | const char* path; | |
255 | } symlinks[] = { | |
0675c514 | 256 | { "/dev/pts/ptmx", "/dev/ptmx", }, |
f71c82d8 MT |
257 | { "/proc/self/fd", "/dev/fd", }, |
258 | { "/proc/self/fd/0", "/dev/stdin" }, | |
259 | { "/proc/self/fd/1", "/dev/stdout" }, | |
260 | { "/proc/self/fd/2", "/dev/stderr" }, | |
261 | { "/proc/kcore", "/dev/core" }, | |
262 | { NULL }, | |
263 | }; | |
dc01afb6 | 264 | |
719e2e3e MT |
265 | int pakfire_mount_change_propagation(struct pakfire_ctx* ctx, const char* path, int propagation) { |
266 | CTX_DEBUG(ctx, "Changing mount propagation on %s\n", path); | |
9f558f7d MT |
267 | |
268 | int r = mount(NULL, path, NULL, propagation|MS_REC, NULL); | |
269 | if (r) | |
719e2e3e | 270 | CTX_ERROR(ctx, "Failed to change mount propagation on %s: %m\n", path); |
9f558f7d MT |
271 | |
272 | return r; | |
273 | } | |
274 | ||
14df7388 MT |
275 | static int pakfire_mount_is_mountpoint(struct pakfire* pakfire, const char* path) { |
276 | // XXX THIS STILL NEEDS TO BE IMPLEMENTED | |
277 | return 1; | |
278 | } | |
279 | ||
280 | int pakfire_mount_make_mounpoint(struct pakfire* pakfire, const char* path) { | |
281 | int r; | |
282 | ||
283 | // Check if path already is a mountpoint | |
284 | r = pakfire_mount_is_mountpoint(pakfire, path); | |
285 | switch (r) { | |
286 | // Already is a mountpoint | |
287 | case 0: | |
288 | return 0; | |
289 | ||
290 | // Is not a mountpoint | |
291 | case 1: | |
292 | break; | |
293 | ||
294 | default: | |
295 | ERROR(pakfire, "Could not determine whether %s is a mountpoint: %m\n", path); | |
296 | return r; | |
297 | } | |
298 | ||
299 | // Bind-mount to self | |
300 | r = mount(path, path, NULL, MS_BIND|MS_REC, NULL); | |
301 | if (r) { | |
302 | ERROR(pakfire, "Could not make %s a mountpoint: %m\n", path); | |
303 | return r; | |
304 | } | |
305 | ||
306 | return 0; | |
307 | } | |
308 | ||
163851bc | 309 | static int pakfire_mount(struct pakfire* pakfire, const char* source, const char* target, |
bf5f9c24 MT |
310 | const char* fstype, unsigned long mflags, const void* data) { |
311 | const char* options = (const char*)data; | |
bf5f9c24 MT |
312 | |
313 | // Check for some basic inputs | |
314 | if (!source || !target) { | |
315 | errno = EINVAL; | |
316 | return 1; | |
317 | } | |
318 | ||
7f970e6e | 319 | DEBUG(pakfire, "Mounting %s from %s (%s - %s)\n", target, source, fstype, options); |
bf5f9c24 | 320 | |
7f970e6e MT |
321 | // Perform mount() |
322 | int r = mount(source, target, fstype, mflags, data); | |
bf5f9c24 | 323 | if (r) { |
7f970e6e | 324 | ERROR(pakfire, "Could not mount %s: %m\n", target); |
bf5f9c24 MT |
325 | } |
326 | ||
bf5f9c24 MT |
327 | return r; |
328 | } | |
329 | ||
bc0b24a7 MT |
330 | static int __pakfire_mount_list(char* line, size_t length, void* data) { |
331 | struct pakfire_ctx* ctx = data; | |
bf5f9c24 | 332 | |
bc0b24a7 MT |
333 | // Send the line to the logger |
334 | CTX_DEBUG(ctx, " %.*s", (int)length, line); | |
335 | ||
336 | return 0; | |
337 | } | |
338 | ||
339 | int pakfire_mount_list(struct pakfire_ctx* ctx) { | |
340 | CTX_DEBUG(ctx, "Mountpoints:\n"); | |
341 | ||
342 | return pakfire_parse_file("/proc/self/mounts", __pakfire_mount_list, ctx); | |
f71c82d8 MT |
343 | } |
344 | ||
b2ccb363 | 345 | int pakfire_populate_dev(struct pakfire* pakfire, int flags) { |
f71c82d8 MT |
346 | char path[PATH_MAX]; |
347 | ||
348 | // Create device nodes | |
349 | for (const struct pakfire_devnode* devnode = devnodes; devnode->path; devnode++) { | |
350 | DEBUG(pakfire, "Creating device node %s\n", devnode->path); | |
351 | ||
282b732a MT |
352 | // Check if flags match |
353 | if (devnode->flags && !(flags & devnode->flags)) | |
354 | continue; | |
355 | ||
77e26129 MT |
356 | int r = pakfire_path(pakfire, path, "%s", devnode->path); |
357 | if (r) | |
358 | return r; | |
f71c82d8 MT |
359 | |
360 | dev_t dev = makedev(devnode->major, devnode->minor); | |
361 | ||
362 | r = mknod(path, devnode->mode, dev); | |
8f1003a3 MT |
363 | |
364 | // Continue if mknod was successful | |
365 | if (r == 0) | |
366 | continue; | |
367 | ||
368 | // If we could not create the device node because of permission issues, | |
369 | // it might be likely that we are running in a user namespace where creating | |
370 | // device nodes is not permitted. Try bind-mounting them. | |
371 | if (errno == EPERM) | |
372 | goto MOUNT; | |
373 | ||
374 | // Otherwise log an error and end | |
375 | ERROR(pakfire, "Could not create %s: %m\n", devnode->path); | |
376 | return r; | |
377 | ||
378 | MOUNT: | |
379 | // Create an empty file | |
380 | r = pakfire_touch(path, 0444); | |
f71c82d8 | 381 | if (r) { |
8f1003a3 | 382 | ERROR(pakfire, "Could not create %s: %m\n", path); |
f71c82d8 MT |
383 | return r; |
384 | } | |
8f1003a3 MT |
385 | |
386 | // Create a bind-mount over the file | |
64e3b4ff | 387 | r = pakfire_mount(pakfire, devnode->path, path, "bind", MS_BIND, NULL); |
8f1003a3 MT |
388 | if (r) |
389 | return r; | |
f71c82d8 MT |
390 | } |
391 | ||
392 | // Create symlinks | |
393 | for (const struct pakfire_symlink* s = symlinks; s->target; s++) { | |
394 | DEBUG(pakfire, "Creating symlink %s -> %s\n", s->path, s->target); | |
395 | ||
77e26129 MT |
396 | int r = pakfire_path(pakfire, path, "%s", s->path); |
397 | if (r) | |
398 | return r; | |
f71c82d8 MT |
399 | |
400 | r = symlink(s->target, path); | |
401 | if (r) { | |
402 | ERROR(pakfire, "Could not create symlink %s: %m\n", s->path); | |
403 | return r; | |
404 | } | |
405 | } | |
406 | ||
407 | return 0; | |
bf5f9c24 MT |
408 | } |
409 | ||
b2ccb363 | 410 | int pakfire_mount_interpreter(struct pakfire* pakfire) { |
660120b6 MT |
411 | char target[PATH_MAX]; |
412 | ||
413 | // Fetch the target architecture | |
652f2a99 | 414 | const char* arch = pakfire_get_effective_arch(pakfire); |
660120b6 MT |
415 | |
416 | // Can we emulate this architecture? | |
417 | char* interpreter = pakfire_arch_find_interpreter(arch); | |
418 | ||
419 | // No interpreter required | |
420 | if (!interpreter) | |
421 | return 0; | |
422 | ||
423 | DEBUG(pakfire, "Mounting interpreter %s for %s\n", interpreter, arch); | |
424 | ||
425 | // Where to mount this? | |
77e26129 MT |
426 | int r = pakfire_path(pakfire, target, "%s", interpreter); |
427 | if (r) | |
660120b6 MT |
428 | return r; |
429 | ||
430 | // Create directory | |
520ce66c | 431 | r = pakfire_mkparentdir(target, 0755); |
660120b6 MT |
432 | if (r) |
433 | return r; | |
434 | ||
435 | // Create an empty file | |
436 | FILE* f = fopen(target, "w"); | |
437 | if (!f) | |
438 | return 1; | |
439 | fclose(f); | |
440 | ||
441 | r = pakfire_mount(pakfire, interpreter, target, NULL, MS_BIND|MS_RDONLY, NULL); | |
442 | if (r) | |
443 | ERROR(pakfire, "Could not mount interpreter %s to %s: %m\n", interpreter, target); | |
444 | ||
445 | return r; | |
446 | } | |
447 | ||
b2ccb363 | 448 | int pakfire_mount_all(struct pakfire* pakfire, pakfire_mntns_t ns, int flags) { |
bf5f9c24 | 449 | char target[PATH_MAX]; |
bf5f9c24 MT |
450 | int r; |
451 | ||
b2ccb363 MT |
452 | const char* root = "/"; |
453 | ||
bf5f9c24 | 454 | // Fetch Pakfire's root directory |
b2ccb363 MT |
455 | if (ns == PAKFIRE_MNTNS_OUTER) |
456 | root = pakfire_get_path(pakfire); | |
bf5f9c24 | 457 | |
bf5f9c24 | 458 | for (const struct pakfire_mountpoint* mp = mountpoints; mp->source; mp++) { |
b2ccb363 MT |
459 | if (!(mp->ns & ns)) |
460 | continue; | |
461 | ||
bf5f9c24 | 462 | // Figure out where to mount |
819232d6 | 463 | r = pakfire_path_append(target, root, mp->target); |
56796f84 | 464 | if (r) |
bf5f9c24 MT |
465 | return r; |
466 | ||
a685a503 MT |
467 | // Create target if it doesn't exist |
468 | if (!pakfire_path_exists(target)) { | |
469 | r = pakfire_mkdir(target, 0755); | |
470 | if (r) { | |
471 | ERROR(pakfire, "Could not create %s: %m\n", target); | |
472 | return r; | |
473 | } | |
474 | } | |
bf5f9c24 | 475 | |
bf5f9c24 | 476 | // Perform mount() |
f71c82d8 | 477 | r = pakfire_mount(pakfire, mp->source, target, mp->fstype, mp->flags, mp->options); |
a685a503 | 478 | if (r) |
bf5f9c24 | 479 | return r; |
bf5f9c24 MT |
480 | } |
481 | ||
bf5f9c24 MT |
482 | return 0; |
483 | } | |
484 | ||
06d741c6 MT |
485 | int pakfire_make_ramdisk(struct pakfire* pakfire, char* path, const char* args) { |
486 | int r; | |
487 | ||
488 | // Create a new temporary directory | |
489 | char* p = pakfire_mkdtemp(path); | |
490 | if (!p) | |
491 | return -errno; | |
492 | ||
493 | // Mount the ramdisk | |
494 | r = pakfire_mount(pakfire, "pakfire_ramdisk", p, "tmpfs", 0, args); | |
495 | if (r) { | |
496 | ERROR_ERRNO(pakfire, r, "Could not mount ramdisk at %s (%s): %m\n", p, args); | |
497 | return r; | |
498 | } | |
499 | ||
500 | DEBUG(pakfire, "Ramdisk mounted at %s (%s)\n", p, args); | |
501 | ||
502 | return 0; | |
503 | } | |
504 | ||
061223f7 | 505 | int pakfire_bind(struct pakfire* pakfire, const char* src, const char* dst, int flags) { |
163851bc MT |
506 | struct stat st; |
507 | char mountpoint[PATH_MAX]; | |
508 | ||
509 | if (!dst) | |
510 | dst = src; | |
511 | ||
77e26129 MT |
512 | int r = pakfire_path(pakfire, mountpoint, "%s", dst); |
513 | if (r) | |
514 | return r; | |
163851bc MT |
515 | |
516 | DEBUG(pakfire, "Bind-mounting %s to %s\n", src, mountpoint); | |
517 | ||
518 | r = stat(src, &st); | |
519 | if (r < 0) { | |
520 | ERROR(pakfire, "Could not stat %s: %m\n", src); | |
521 | return 1; | |
522 | } | |
523 | ||
524 | // Make sure the mountpoint exists | |
525 | switch (st.st_mode & S_IFMT) { | |
526 | case S_IFDIR: | |
520ce66c | 527 | r = pakfire_mkdir(mountpoint, st.st_mode); |
163851bc MT |
528 | if (r && errno != EEXIST) |
529 | return r; | |
530 | break; | |
531 | ||
532 | case S_IFREG: | |
533 | case S_IFLNK: | |
534 | // Make parent directory | |
520ce66c | 535 | r = pakfire_mkparentdir(mountpoint, 0755); |
163851bc MT |
536 | if (r) |
537 | return r; | |
538 | ||
539 | // Create a file | |
540 | FILE* f = fopen(mountpoint, "w"); | |
541 | if (!f) | |
542 | return 1; | |
543 | fclose(f); | |
544 | break; | |
545 | ||
546 | default: | |
547 | errno = ENOTSUP; | |
548 | return 1; | |
549 | } | |
550 | ||
976fbbc8 MT |
551 | // The Linux kernel seems to be quite funny when trying to bind-mount something |
552 | // as read-only and requires us to mount the source first, and then remount it | |
553 | // again using MS_RDONLY. | |
554 | if (flags & MS_RDONLY) { | |
b16b8753 | 555 | r = pakfire_mount(pakfire, src, mountpoint, "bind", MS_BIND|MS_REC, NULL); |
976fbbc8 MT |
556 | if (r) |
557 | return r; | |
558 | ||
559 | // Add the remount flag | |
560 | flags |= MS_REMOUNT; | |
561 | } | |
562 | ||
163851bc | 563 | // Perform mount |
b16b8753 | 564 | return pakfire_mount(pakfire, src, mountpoint, "bind", flags|MS_BIND|MS_REC, NULL); |
163851bc | 565 | } |