#include <stddef.h>
#include <sys/mount.h>
#include <sys/stat.h>
+#include <sys/sysmacros.h>
#include <sys/types.h>
// libmount
const char* fstype;
int flags;
const char* options;
- enum pakfire_mount_flags mount_flags;
} mountpoints[] = {
- // The root filesystem is a tmpfs
- { "pakfire_root", "", "tmpfs", 0, NULL, 0 },
-
- { "pakfire_proc", "proc", "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL,
- MOUNT_IN_NEW_NS },
+ { "pakfire_proc", "proc", "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL, },
// Bind mount /proc/sys as read-only with the following exceptions:
// * /proc/sys/net
- { "/proc/sys", "proc/sys", "bind", MS_BIND, NULL,
- MOUNT_IN_NEW_NS },
- { "/proc/sys/net", "proc/sys/net", "bind", MS_BIND, NULL,
- MOUNT_IN_NEW_NS },
- { "/proc/sys", "proc/sys", "bind", MS_BIND|MS_RDONLY|MS_REMOUNT, NULL,
- MOUNT_IN_NEW_NS },
+ { "/proc/sys", "proc/sys", "bind", MS_BIND, NULL, },
+ { "/proc/sys/net", "proc/sys/net", "bind", MS_BIND, NULL, },
+ { "/proc/sys", "proc/sys", "bind", MS_BIND|MS_RDONLY|MS_REMOUNT, NULL, },
// Bind mount /sys as read-only
- { "/sys", "sys", "bind", MS_BIND, NULL, 0 },
- { "/sys", "sys", "bind", MS_BIND|MS_RDONLY|MS_REMOUNT, NULL, 0 },
+ { "/sys", "sys", "bind", MS_BIND, NULL, },
+ { "/sys", "sys", "bind", MS_BIND|MS_RDONLY|MS_REMOUNT, NULL, },
// Create a new /dev
{ "pakfire_dev", "dev", "tmpfs", MS_NOSUID|MS_NOEXEC,
- "mode=755,size=4m,nr_inodes=64k", 0 },
- { "/dev/pts", "dev/pts", "bind", MS_BIND, NULL, 0 },
+ "mode=755,size=4m,nr_inodes=64k", },
+ { "/dev/pts", "dev/pts", "bind", MS_BIND, NULL, },
// Create a new /run
{ "pakfire_tmpfs", "run", "tmpfs", MS_NOSUID|MS_NOEXEC|MS_NODEV,
- "mode=755,size=4m,nr_inodes=1k", 0 },
+ "mode=755,size=4m,nr_inodes=1k", },
// Create a new /tmp
- { "pakfire_tmpfs", "tmp", "tmpfs", MS_NOSUID|MS_NODEV,
- "mode=755", 0 },
+ { "pakfire_tmpfs", "tmp", "tmpfs", MS_NOSUID|MS_NODEV, "mode=755", },
// The end
{ NULL },
};
-int pakfire_disable_mount_propagation(struct pakfire* pakfire, const char* path) {
- DEBUG(pakfire, "Disabling mount propagation on %s\n", path);
-
- int r = mount(NULL, path, NULL, MS_REC|MS_PRIVATE, NULL);
- if (r)
- ERROR(pakfire, "Failed to set mount propagation on %s to private: %m", path);
+static const struct pakfire_devnode {
+ const char* path;
+ int major;
+ int minor;
+ mode_t mode;
+} devnodes[] = {
+ { "/dev/null", 1, 3, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
+ { "/dev/zero", 1, 5, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
+ { "/dev/full", 1, 7, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
+ { "/dev/random", 1, 8, S_IFCHR|S_IRUSR|S_IRGRP|S_IROTH, },
+ { "/dev/urandom", 1, 9, S_IFCHR|S_IRUSR|S_IRGRP|S_IROTH, },
+ { "/dev/kmsg", 1, 11, S_IFCHR|S_IRUSR|S_IRGRP|S_IROTH, },
+ { "/dev/tty", 5, 0, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
+ { "/dev/console", 5, 1, S_IFCHR|S_IRUSR|S_IWUSR, },
+ { "/dev/ptmx", 5, 2, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
+ { "/dev/rtc0", 252, 0, S_IFCHR|S_IRUSR|S_IWUSR, },
+ { NULL },
+};
- return r;
-}
+static const struct pakfire_symlink {
+ const char* target;
+ const char* path;
+} symlinks[] = {
+ { "/proc/self/fd", "/dev/fd", },
+ { "/proc/self/fd/0", "/dev/stdin" },
+ { "/proc/self/fd/1", "/dev/stdout" },
+ { "/proc/self/fd/2", "/dev/stderr" },
+ { "/proc/kcore", "/dev/core" },
+ { NULL },
+};
/*
Easy way to iterate through all mountpoints
*/
static int pakfire_mount_foreach(struct pakfire* pakfire, int direction,
int (*callback)(struct pakfire* pakfire, struct libmnt_fs* fs, const void* data),
- const char* option, const void* data) {
+ const void* data) {
const char* root = pakfire_get_path(pakfire);
int r = 1;
if (!pakfire_string_startswith(target, root))
continue;
- // Filter by option
- if (option) {
- if (!mnt_fs_match_options(fs, option))
- continue;
- }
-
// Call the callback for each relevant mountpoint
r = callback(pakfire, fs, data);
if (r)
int pakfire_is_mountpoint(struct pakfire* pakfire, const char* path) {
return pakfire_mount_foreach(pakfire, MNT_ITER_FORWARD,
- __pakfire_is_mountpoint, NULL, path);
+ __pakfire_is_mountpoint, path);
}
int pakfire_mount(struct pakfire* pakfire, const char* source, const char* target,
DEBUG(pakfire, "Mountpoints:\n");
return pakfire_mount_foreach(pakfire, MNT_ITER_FORWARD,
- __pakfire_mount_print, NULL, NULL);
+ __pakfire_mount_print, NULL);
+}
+
+static int pakfire_populate_dev(struct pakfire* pakfire) {
+ char path[PATH_MAX];
+
+ // Create device nodes
+ for (const struct pakfire_devnode* devnode = devnodes; devnode->path; devnode++) {
+ DEBUG(pakfire, "Creating device node %s\n", devnode->path);
+
+ int r = pakfire_make_path(pakfire, path, devnode->path);
+ if (r < 0)
+ return 1;
+
+ dev_t dev = makedev(devnode->major, devnode->minor);
+
+ r = mknod(path, devnode->mode, dev);
+ if (r) {
+ ERROR(pakfire, "Could not create %s: %m\n", devnode->path);
+ return r;
+ }
+ }
+
+ // Create symlinks
+ for (const struct pakfire_symlink* s = symlinks; s->target; s++) {
+ DEBUG(pakfire, "Creating symlink %s -> %s\n", s->path, s->target);
+
+ int r = pakfire_make_path(pakfire, path, s->path);
+ if (r < 0)
+ return 1;
+
+ r = symlink(s->target, path);
+ if (r) {
+ ERROR(pakfire, "Could not create symlink %s: %m\n", s->path);
+ return r;
+ }
+ }
+
+ return 0;
}
-int pakfire_mount_all(struct pakfire* pakfire, const enum pakfire_mount_flags mount_flags) {
+int pakfire_mount_all(struct pakfire* pakfire) {
char target[PATH_MAX];
char options[PATH_MAX];
int r;
// Fetch Pakfire's root directory
const char* root = pakfire_get_path(pakfire);
- // Are we being called from a new namespace?
- const unsigned int in_new_ns = (mount_flags & MOUNT_IN_NEW_NS);
-
for (const struct pakfire_mountpoint* mp = mountpoints; mp->source; mp++) {
- if (!in_new_ns && (mp->mount_flags & MOUNT_IN_NEW_NS))
- continue;
-
- if (in_new_ns && !(mp->mount_flags & MOUNT_IN_NEW_NS))
- continue;
-
// Figure out where to mount
r = pakfire_path_join(target, root, mp->target);
if (r < 0)
return r;
- // Append namespace mount option
- if (in_new_ns) {
- if (mp->options)
- pakfire_string_format(options, "%s,%s",
- mp->options, PAKFIRE_MOUNT_OPT_NAMESPACED);
- else
- pakfire_string_set(options, PAKFIRE_MOUNT_OPT_NAMESPACED);
- } else {
- if (mp->options)
- pakfire_string_set(options, mp->options);
- else
- pakfire_string_set(options, "");
- }
-
// Create target
pakfire_mkdir(target, 0);
RETRY:
// Perform mount()
- r = pakfire_mount(pakfire, mp->source, target, mp->fstype, mp->flags, options);
+ r = pakfire_mount(pakfire, mp->source, target, mp->fstype, mp->flags, mp->options);
if (r) {
// If the target directory does not exist, we will create it
if (errno == ENOENT) {
}
}
+ // Populate /dev
+ r = pakfire_populate_dev(pakfire);
+ if (r)
+ return r;
+
return 0;
}
/*
umounts everything that hasn't been umounted, yet
*/
-int pakfire_umount_all(struct pakfire* pakfire, const char* option) {
+int pakfire_umount_all(struct pakfire* pakfire) {
return pakfire_mount_foreach(pakfire, MNT_ITER_BACKWARD,
- __pakfire_umount, option, NULL);
+ __pakfire_umount, NULL);
}
#include <sys/file.h>
#include <sys/mount.h>
#include <sys/stat.h>
-#include <sys/sysmacros.h>
#include <sys/types.h>
#include <syslog.h>
#include <unistd.h>
return (strcmp(pakfire->path, "/") == 0);
}
-static const struct pakfire_devnode {
- const char* path;
- int major;
- int minor;
- mode_t mode;
-} devnodes[] = {
- { "/dev/null", 1, 3, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
- { "/dev/zero", 1, 5, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
- { "/dev/full", 1, 7, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
- { "/dev/random", 1, 8, S_IFCHR|S_IRUSR|S_IRGRP|S_IROTH, },
- { "/dev/urandom", 1, 9, S_IFCHR|S_IRUSR|S_IRGRP|S_IROTH, },
- { "/dev/kmsg", 1, 11, S_IFCHR|S_IRUSR|S_IRGRP|S_IROTH, },
- { "/dev/tty", 5, 0, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
- { "/dev/console", 5, 1, S_IFCHR|S_IRUSR|S_IWUSR, },
- { "/dev/ptmx", 5, 2, S_IFCHR|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH, },
- { "/dev/rtc0", 252, 0, S_IFCHR|S_IRUSR|S_IWUSR, },
- { NULL },
-};
-
-static const struct pakfire_symlink {
- const char* target;
- const char* path;
-} symlinks[] = {
- { "/proc/self/fd", "/dev/fd", },
- { "/proc/self/fd/0", "/dev/stdin" },
- { "/proc/self/fd/1", "/dev/stdout" },
- { "/proc/self/fd/2", "/dev/stderr" },
- { "/proc/kcore", "/dev/core" },
- { NULL },
-};
-
-static int pakfire_populate_dev(struct pakfire* pakfire) {
- char path[PATH_MAX];
-
- // Create device nodes
- for (const struct pakfire_devnode* devnode = devnodes; devnode->path; devnode++) {
- DEBUG(pakfire, "Creating device node %s\n", devnode->path);
-
- int r = pakfire_make_path(pakfire, path, devnode->path);
- if (r < 0)
- return 1;
-
- dev_t dev = makedev(devnode->major, devnode->minor);
-
- r = mknod(path, devnode->mode, dev);
- if (r) {
- ERROR(pakfire, "Could not create %s: %m\n", devnode->path);
- return r;
- }
- }
-
- // Create symlinks
- for (const struct pakfire_symlink* s = symlinks; s->target; s++) {
- DEBUG(pakfire, "Creating symlink %s -> %s\n", s->path, s->target);
-
- int r = pakfire_make_path(pakfire, path, s->path);
- if (r < 0)
- return 1;
-
- r = symlink(s->target, path);
- if (r) {
- ERROR(pakfire, "Could not create symlink %s: %m\n", s->path);
- return r;
- }
- }
-
- return 0;
-}
-
static int log_priority(const char* priority) {
char* end;
// Release lock (if not already done so)
pakfire_release_lock(pakfire);
- // umount everything
- pakfire_umount_all(pakfire, 0);
-
if (pakfire->destroy_on_free && *pakfire->path) {
DEBUG(pakfire, "Destroying %s\n", pakfire->path);
goto ERROR;
}
- // Mount filesystems
- r = pakfire_mount_all(p, 0);
- if (r)
- goto ERROR;
-
- // Populate /dev
- r = pakfire_populate_dev(p);
- if (r)
- goto ERROR;
-
// Mount the interpreter (if needed)
r = pakfire_mount_interpreter(p);
if (r)
projects / pakfire.git / commitdiff
