From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 20 Dec 2024 14:10:31 +0000 (+0100)
Subject: Don't spawn a shell in sandbox if no command is provided
X-Git-Tag: v25~99
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9bc33adc7fc41f4e9383ae8da08b1c6e82158d5e;p=thirdparty%2Fmkosi.git

Don't spawn a shell in sandbox if no command is provided

We need https://github.com/systemd/systemd/issues/35000 to make this
not confusing. Currently there's zero feedback that a user is in a sandbox
shell.
---

diff --git a/mkosi/__init__.py b/mkosi/__init__.py
index 6ca7c30f3..be5e7e851 100644
--- a/mkosi/__init__.py
+++ b/mkosi/__init__.py
@@ -3749,7 +3749,9 @@ def build_image(context: Context) -> None:
 
 
 def run_sandbox(args: Args, config: Config) -> None:
-    cmdline = args.cmdline or [os.getenv("SHELL", "bash")]
+    if not args.cmdline:
+        die("Please specify a command to execute in the sandbox")
+
     mounts = finalize_crypto_mounts(config, relaxed=True)
 
     # Since we reuse almost every top level directory from the host except /usr, the crypto mountpoints
@@ -3764,7 +3766,7 @@ def run_sandbox(args: Args, config: Config) -> None:
             )
 
     run(
-        cmdline,
+        args.cmdline,
         stdin=sys.stdin,
         stdout=sys.stdout,
         env=os.environ | {"MKOSI_IN_SANDBOX": "1"},