From: Michael Tremer Date: Sun, 17 Jul 2022 18:09:29 +0000 (+0000) Subject: execute: Switch back to chroot() X-Git-Tag: 0.9.28~695 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c7b9ea4f1febdb8f56dfe775c5c2d26963d72ecc;p=pakfire.git execute: Switch back to chroot() pivot_root() seems to be very complicated to use and will require us to have the container run on a different file system. That is however not possible when Pakfire is running as an un-privileged user. Since pivot_root() does not seem to offer any advantages over chroot(), we switch back to chroot() which is easier to use. Signed-off-by: Michael Tremer --- diff --git a/src/libpakfire/execute.c b/src/libpakfire/execute.c index f4cde9465..1780b3436 100644 --- a/src/libpakfire/execute.c +++ b/src/libpakfire/execute.c @@ -84,10 +84,6 @@ static int clone3(struct clone_args* args, size_t size) { return syscall(__NR_clone3, args, size); } -static int pivot_root(const char* new_root, const char* put_old) { - return syscall(__NR_pivot_root, new_root, put_old); -} - static int pakfire_execute_buffer_is_full(const struct pakfire_execute_buffer* buffer) { return (sizeof(buffer->data) == buffer->used); } @@ -547,8 +543,6 @@ static int pakfire_execute_fork(void* data) { const char* root = pakfire_get_path(pakfire); const char* arch = pakfire_get_arch(pakfire); - char oldroot[PATH_MAX]; - DEBUG(pakfire, "Execution environment has been forked as PID %d\n", getpid()); DEBUG(pakfire, " root : %s\n", root); DEBUG(pakfire, " cgroup : %s\n", env->cgroup); @@ -561,11 +555,6 @@ static int pakfire_execute_fork(void* data) { // Change root (unless root is /) if (strcmp(root, "/") != 0) { - // Disable mount propagation on / - r = pakfire_disable_mount_propagation(pakfire, "/"); - if (r) - return r; - // Mount everything r = pakfire_mount_all(pakfire, MOUNT_IN_NEW_NS); if (r) @@ -574,23 +563,10 @@ static int pakfire_execute_fork(void* data) { // Log all mountpoints pakfire_mount_list(pakfire); - // Move the old root to here - r = pakfire_string_format(oldroot, "%s/.oldroot.XXXXXX", root); - if (r < 0) { - ERROR(pakfire, "Could not figure out where the old root directory is going: %m\n"); - return r; - } - - // Create temporary directory - if (!pakfire_mkdtemp(oldroot)) { - ERROR(pakfire, "Could not create temporary directory: %m\n"); - return r; - } - - // Call pivot_root() - r = pivot_root(root, oldroot); + // Call chroot() + r = chroot(root); if (r) { - ERROR(pakfire, "pivot_root() to %s failed: %m\n", root); + ERROR(pakfire, "chroot() to %s failed: %m\n", root); return 1; } @@ -600,22 +576,6 @@ static int pakfire_execute_fork(void* data) { ERROR(pakfire, "chdir() after chroot() failed: %m\n"); return 1; } - - const char* __oldroot = oldroot + strlen(root); - - // Umount the old root directory - r = umount2(__oldroot, MNT_DETACH); - if (r) { - ERROR(pakfire, "Could not umount old root directory: %m\n"); - return r; - } - - // Remove the old root directory - r = rmdir(__oldroot); - if (r) { - ERROR(pakfire, "Could not remove the old root directory: %m\n"); - return r; - } } // Set personality diff --git a/src/libpakfire/include/pakfire/mount.h b/src/libpakfire/include/pakfire/mount.h index 6f1b9a056..fba1ae735 100644 --- a/src/libpakfire/include/pakfire/mount.h +++ b/src/libpakfire/include/pakfire/mount.h @@ -30,8 +30,6 @@ enum pakfire_mount_flags { MOUNT_IN_NEW_NS = (1 << 0), }; -int pakfire_disable_mount_propagation(struct pakfire* pakfire, const char* path); - int pakfire_mount_list(struct pakfire* pakfire); int pakfire_mount(struct pakfire* pakfire, const char* source, const char* target,