From: Michael Tremer Date: Sat, 12 Oct 2024 13:22:50 +0000 (+0000) Subject: jail: Make the entire jail private X-Git-Tag: 0.9.30~1087 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=25158fbeb01599b239cf87457c310fd2cf45ff23;p=pakfire.git jail: Make the entire jail private Signed-off-by: Michael Tremer
---
diff --git a/src/libpakfire/include/pakfire/jail.h b/src/libpakfire/include/pakfire/jail.h
index 084f434de..0ec24f666 100644
--- a/src/libpakfire/include/pakfire/jail.h
+++ b/src/libpakfire/include/pakfire/jail.h
@@ -21,7 +21,11 @@ #ifndef PAKFIRE_JAIL_H #define PAKFIRE_JAIL_H +#ifdef PAKFIRE_PRIVATE + +#include #include +#include struct pakfire_jail;
@@ -66,11 +70,6 @@ enum pakfire_jail_exec_flags { int pakfire_jail_exec(struct pakfire_jail* jail, const char* argv[], int flags, char** output); -#ifdef PAKFIRE_PRIVATE - -#include -#include - // Resource limits int pakfire_jail_set_cgroup(struct pakfire_jail* jail, struct pakfire_cgroup* cgroup);
@@ -94,5 +93,4 @@ int pakfire_jail_ldconfig(struct pakfire* pakfire); int pakfire_jail_run_systemd_tmpfiles(struct pakfire* pakfire); #endif /* PAKFIRE_PRIVATE */ - #endif /* PAKFIRE_JAIL_H */
diff --git a/src/libpakfire/jail.c b/src/libpakfire/jail.c
index 3e12cf6e8..017dc6eb9 100644
--- a/src/libpakfire/jail.c
+++ b/src/libpakfire/jail.c
@@ -55,7 +55,6 @@ #include #include #include -#include #include #include #include
@@ -205,7 +204,7 @@ static int pakfire_jail_setup_interactive_env(struct pakfire_jail* jail) { return 0; } -PAKFIRE_EXPORT int pakfire_jail_create(struct pakfire_jail** jail, struct pakfire* pakfire) { +int pakfire_jail_create(struct pakfire_jail** jail, struct pakfire* pakfire) { int r; const char* arch = pakfire_get_effective_arch(pakfire);
@@ -265,13 +264,13 @@ ERROR: return r; } -PAKFIRE_EXPORT struct pakfire_jail* pakfire_jail_ref(struct pakfire_jail* jail) { +struct pakfire_jail* pakfire_jail_ref(struct pakfire_jail* jail) { ++jail->nrefs; return jail; } -PAKFIRE_EXPORT struct pakfire_jail* pakfire_jail_unref(struct pakfire_jail* jail) { +struct pakfire_jail* pakfire_jail_unref(struct pakfire_jail* jail) { if (--jail->nrefs > 0) return jail;
@@ -281,7 +280,7 @@ PAKFIRE_EXPORT struct pakfire_jail* pakfire_jail_unref(struct pakfire_jail* jail // Resource Limits -PAKFIRE_EXPORT int pakfire_jail_nice(struct pakfire_jail* jail, int nice) { +int pakfire_jail_nice(struct pakfire_jail* jail, int nice) { // Check if nice level is in range if (nice < -19 || nice > 20) { errno = EINVAL;
@@ -346,7 +345,7 @@ static int pakfire_jail_find_env(struct pakfire_jail* jail, const char* key) { } // Returns the value of an environment variable or NULL -PAKFIRE_EXPORT const char* pakfire_jail_get_env(struct pakfire_jail* jail, +const char* pakfire_jail_get_env(struct pakfire_jail* jail, const char* key) { int i = pakfire_jail_find_env(jail, key); if (i < 0)
@@ -356,7 +355,7 @@ PAKFIRE_EXPORT const char* pakfire_jail_get_env(struct pakfire_jail* jail, } // Sets an environment variable -PAKFIRE_EXPORT int pakfire_jail_set_env(struct pakfire_jail* jail, +int pakfire_jail_set_env(struct pakfire_jail* jail, const char* key, const char* value) { // Find the index where to write this value to int i = pakfire_jail_find_env(jail, key);
@@ -382,7 +381,7 @@ PAKFIRE_EXPORT int pakfire_jail_set_env(struct pakfire_jail* jail, } // Imports an environment -PAKFIRE_EXPORT int pakfire_jail_import_env(struct pakfire_jail* jail, const char* env[]) { +int pakfire_jail_import_env(struct pakfire_jail* jail, const char* env[]) { if (!env) return 0;
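Review bot: pakfire_jail_ref and pakfire_jail_unref in jail.c update the counter with plain `++jail->nrefs` and `--jail->nrefs`, and nothing in the hunk says whether a jail may be shared between threads. If jails are meant to stay on a single thread, which the hunk does not show, a comment above pakfire_jail_ref such as `// Reference counting is not atomic; a jail must not be shared across threads` would record that. pakfire_jail_unref's body continues outside the hunk.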
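Review bot: The range check in pakfire_jail_nice, `if (nice < -19 || nice > 20) {`, looks shifted by one. Linux nice values run from -20 to 19, so this rejects the valid value -20 and accepts 20, which is out of range. Unless the offset is intentional, the guard should read `if (nice < -20 || nice > 19) {`. The function body continues outside the hunk, so how the value is later applied, and what passing 20 actually does, cannot be confirmed from here.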
@@ -414,7 +413,7 @@ PAKFIRE_EXPORT int pakfire_jail_import_env(struct pakfire_jail* jail, const char // Timeout -PAKFIRE_EXPORT int pakfire_jail_set_timeout( +int pakfire_jail_set_timeout( struct pakfire_jail* jail, unsigned int timeout) { // Store value jail->timeout = timeout;
@@ -686,7 +685,7 @@ ERROR: // Mountpoints -PAKFIRE_EXPORT int pakfire_jail_bind(struct pakfire_jail* jail, +int pakfire_jail_bind(struct pakfire_jail* jail, const char* source, const char* target, int flags) { struct pakfire_jail_mountpoint* mp = NULL; int r;
@@ -1562,7 +1561,7 @@ ERROR: return ctx.exit; } -PAKFIRE_EXPORT int pakfire_jail_exec(struct pakfire_jail* jail, +int pakfire_jail_exec(struct pakfire_jail* jail, const char* argv[], int flags, char** output) { return __pakfire_jail_exec(jail, argv, flags, NULL, NULL, NULL, NULL, output); }
diff --git a/src/libpakfire/libpakfire.sym b/src/libpakfire/libpakfire.sym
index 11e364f97..a04722348 100644
--- a/src/libpakfire/libpakfire.sym
+++ b/src/libpakfire/libpakfire.sym
@@ -171,18 +171,6 @@ global: pakfire_key_unref; pakfire_key_verify; - # jail - pakfire_jail_bind; - pakfire_jail_create; - pakfire_jail_exec; - pakfire_jail_get_env; - pakfire_jail_import_env; - pakfire_jail_nice; - pakfire_jail_ref; - pakfire_jail_set_env; - pakfire_jail_set_timeout; - pakfire_jail_unref; - # log pakfire_log_stderr; pakfire_log_syslog;
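Review bot: The helper that pakfire_jail_exec forwards to in the jail.c hunk at -1562 is named `__pakfire_jail_exec`, and identifiers containing a double underscore are reserved for the implementation in C. With the jail API now internal, this is a convenient point to give the helper a non-reserved, file-local name. Its definition is outside the hunk, so the rename would have to be made there as well.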