[Buildd-tools-devel] Bug#427047: schroot: Proposal for global custom mount points specification (different from 395062)
Peter Rabbitson
rabbit at rabbit.us
Fri Jun 1 13:17:58 UTC 2007
Package: schroot
Version: 1.1.4-1
Severity: wishlist
Tags: patch
Hi,
I have a similar situation to what Kees Cook described in bug #395062.
However in my case I needed to modify some of the default mounts, specifically
removing /dev/pts and making /dev an --rbind to the system /dev so I can enjoy
the functionality of udev from within the chroot. With the numerous package
updates last week, I got tired of fixing /etc/schroot/setup.d/10mount to my
liking, so this idea was born.
The proposal is very simple - I am adding support for an fstab-like file
/etc/schroot/schroot.fstab. The code is totally non-intrusive, and activates
only when the file is present. I think I have covered all the corner cases,
with corresponding non-cryptic error messages. Feel free to include this in
the distribution if you like the idea.
Cheers
Peter
P.S. I am not that good with shell scripting, a bashism might have slipped in
here or there
-------------- next part --------------
diff -ru /etc/schroot/setup.d.original/00check /etc/schroot/setup.d/00check
--- /etc/schroot/setup.d.original/00check 2007-05-29 01:14:02.000000000 +0200
+++ /etc/schroot/setup.d/00check 2007-06-01 14:41:24.000000000 +0200
@@ -16,6 +16,8 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston,
# MA 02111-1307 USA
+FSTAB="/etc/schroot/schroot.fstab"
+
if [ $1 = "setup-start" ] || [ $1 = "setup-recover" ]; then
if [ "$AUTH_VERBOSITY" = "verbose" ]; then
@@ -80,4 +82,17 @@
exit 1
fi
+ # Check ownership and permissions of schroot.fstab
+ if [ -f "$FSTAB" ]; then
+
+ if [ `stat --printf '%u%g' "$FSTAB"` != "00" ] ; then
+ echo "$FSTAB must be owned by root"
+ exit 1
+ fi
+
+ if stat --printf '%A' "$FSTAB" | grep -v '^-.......--$' ; then
+ echo "$FSTAB can not have write/execute permissions for others"
+ exit 1
+ fi
+ fi
fi
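Review bot: The ownership test on the `stat --printf '%u%g'` line leaves the backtick substitution unquoted, so if stat prints nothing the `[` expression is malformed, returns an error status, and the `exit 1` is skipped. That means the check fails open for a file that 10mount later turns into mount arguments. Quote the substitution: `if [ "$(stat --printf '%u%g' "$FSTAB")" != "00" ]; then`. The mode pattern `'^-.......--$'` also leaves the group-write position unconstrained, which is tolerable only because the gid is already forced to 0. `grep -v` without `-q` prints the mode string to the user, and both error messages go to stdout rather than stderr. The enclosing `if` starts outside this hunk.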
diff -ru /etc/schroot/setup.d.original/10mount /etc/schroot/setup.d/10mount
--- /etc/schroot/setup.d.original/10mount 2007-05-29 01:14:02.000000000 +0200
+++ /etc/schroot/setup.d/10mount 2007-06-01 14:57:06.000000000 +0200
@@ -18,6 +18,8 @@
set -e
+FSTAB="/etc/schroot/schroot.fstab"
+
# Mount a filesystem
# $1: mount options
# $2: mount device
@@ -39,6 +41,41 @@
mount $VERBOSE $1 "$2" "$3"
}
+# Mount filesystems described in the local fstab file $FSTAB
+# The full file format specification is supported as described in fstab(5),
+# including UUID and LABEL device/partition specifications.
+#
+# The cat/echo/piping acrobatics is necessary to accomodate files without
+# trailing newlines
+do_mount_fstab()
+{
+ (cat $FSTAB; echo) |
+ (
+ LN=0
+ while read m_dev m_loc m_type m_opts m_trailing; do
+ LN=$(($LN+1))
+ if [ -z $m_dev ] || echo $m_dev | grep -q '^#'; then continue; fi
+
+ if [ -z $m_loc ] || [ -z $m_type ] ; then
+ echo "Malformed mount specification in $FSTAB line $LN"
+ exit 1
+ fi
+
+ if [ "$m_type" = "ignore" ] ; then continue; fi
+
+ m_args="-t $m_type"
+ if [ "x$m_opts" != "x" ]; then
+ m_args="$m_args -o $m_opts"
+ fi
+
+ m_dev=$(echo "$m_dev" | sed -e 's/^LABEL=/-L /')
+ m_dev=$(echo "$m_dev" | sed -e 's/^UUID=/-U /')
+
+ do_mount "$m_args" "$m_dev" "${CHROOT_PATH}/$m_loc"
+ done
+ )
+}
+
# Unmount all filesystem under specified location
# $1: mount base location
do_umount_all()
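Review bot: The LABEL=/UUID= rewrite near the end of do_mount_fstab turns the device into a single string such as `-L name`, but do_mount passes it as a quoted `"$2"` (the `mount $VERBOSE $1 "$2" "$3"` context line at the top of this hunk). mount therefore receives one argument with an embedded space rather than an option and its value. mount(8) accepts `LABEL=` and `UUID=` specs as the device directly, so the two sed lines can probably be dropped and `$m_dev` passed through unchanged; confirm this against the util-linux version in use. Separately, `${CHROOT_PATH}/$m_loc` is built from the file without rejecting `..` components, and `[ -z $m_dev ]` / `[ -z $m_loc ]` / `echo $m_dev` are unquoted. For a script that invokes mount with elevated privileges I would quote these, use `read -r`, and add `case "$m_loc" in *..*) echo "Invalid mount point in $FSTAB line $LN" >&2; exit 1;; esac`. do_mount's body starts outside the hunk.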
@@ -95,11 +132,22 @@
fi
if [ "$CHROOT_TYPE" != "plain" ]; then
- do_mount "-t proc" "proc" "${CHROOT_PATH}/proc"
- do_mount "-o rw,bind" "/dev/pts" "${CHROOT_PATH}/dev/pts"
- do_mount "-t tmpfs" "tmpfs" "${CHROOT_PATH}/dev/shm"
- do_mount "-o rw,bind" "/home" "${CHROOT_PATH}/home"
- do_mount "-o rw,bind" "/tmp" "${CHROOT_PATH}/tmp"
+ if [ -f "$FSTAB" ] ; then
+ if [ "$AUTH_VERBOSITY" = "verbose" ]; then
+ echo "Mounting locations found in $FSTAB:"
+ fi
+ do_mount_fstab
+
+ else
+ if [ "$AUTH_VERBOSITY" = "verbose" ]; then
+ echo "No local $FSTAB found, mounting defaults:"
+ fi
+ do_mount "-t proc" "proc" "${CHROOT_PATH}/proc"
+ do_mount "-o rw,bind" "/dev/pts" "${CHROOT_PATH}/dev/pts"
+ do_mount "-t tmpfs" "tmpfs" "${CHROOT_PATH}/dev/shm"
+ do_mount "-o rw,bind" "/home" "${CHROOT_PATH}/home"
+ do_mount "-o rw,bind" "/tmp" "${CHROOT_PATH}/tmp"
+ fi
fi
elif [ $1 = "setup-stop" ]; then
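Review bot: The `[ -f "$FSTAB" ]` branch trusts the file solely on the ownership/mode check that lives in a different script (00check), and the path itself is defined twice, once per script. If 00check is skipped, renamed or edited independently, do_mount_fstab would read a file nobody validated, so I would move the check into do_mount_fstab (or a shared helper) so that validation sits next to use. The branch also deserves a comment stating that the file, when present, replaces all five default mounts rather than adding to them, e.g. `# $FSTAB, when present, replaces the defaults below entirely`. The enclosing `if` chain starts and ends outside this hunk.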
-------------- next part --------------
# This is the schroot mount definition file. Its syntax closely follows that
# of your system fstab, as described in fstab(5), with these EXCEPTIONS:
#
# * Only the first four fields (fs_spec, fs_file, fs_vfstype and fs_mntopts)
#   are significant. Any additional fields like fs_freq and fs_passno are
#   ignored. A side effect of this is that trailing comments are allowed.
#
# * All mount points specified in the second field (fs_file) will be prefixed
#   with the chroot directory. Thus all mount point paths must be specified as
#   seen from within the chroot.
#
# * Blank lines and lines whose first field starts with '#' are skipped, as
#   are entries whose type (third field) is "ignore". An entry without a
#   mount point or type is reported as malformed and aborts the mount step.
#
# Permissions (checked by setup.d/00check in the accompanying patch):
#
# * This file must be owned by uid 0 and gid 0 (root:root).
#
# * It must not be writable or executable by others.
#
#   00check exits with an error if either condition is not met.
#
# IMPORTANT: when this file exists, setup.d/10mount mounts ONLY the entries
# listed here; its built-in default mounts are skipped entirely.
#
# The following are the default mounts every system is expected to have.
# Be extra careful when modifying them - it might prevent you from logging
# into your new shiny chroot.
proc /proc proc
/dev/pts /dev/pts none rw,bind
tmpfs /dev/shm tmpfs
/home /home none rw,bind
/tmp /tmp none rw,bind