Commit Graph

44 Commits

Author SHA1 Message Date
Juan RP
b9fb5e1cc8 xbps-uchroot: support read-only bind mounts, misc improvements.
- Added -B src:dest (like -b) but this makes bind mounts in
  read-only mode.

- Get rid of setfsuid(), it's unnecessary.

- Make sure chrootdir is not '/', use realpath().

- Always set SECBIT_NOROOT, see capabilities(7).

- Do not mount recursively, right now this only mounts
  /dev (ro), /dev/shm (rw), /sys (ro) and /proc (ro).
  Previously any mount below any specific mount were recursively
  mounted in chrootdir.
2020-04-14 20:01:44 +02:00
Juan RP
28154f488c xbps-uchroot: fix indentation 2020-02-13 09:06:29 +01:00
Juan RP
6ccee8fd5e xbps-uchroot: overlayfs fixes v2.
- Do not use nftw(3), this won't clean up the tree properly.
  Rather use scandir(3) with alphasort, like xbps-create(1).

- Don't drop privs in the parent to make sure that the
  temp overlayfs tree can be removed properly.

This fixes the issues while building go modules and others
with xbps-src.
2020-02-13 09:06:29 +01:00
Juan RP
71a594f681
Revert "xbps-uchroot: make sure to cleanup tempdir with overlayfs."
This reverts commit f6a6385b42.

Does not work as expected, and does not fix the real issue
which is still not understood.
2020-02-08 20:43:23 +01:00
Juan RP
3a0ca77264
xbps-uchroot: stop remounting / unnecessarily.
The remount is done to use nosuid, but we can get
rid of the remount just because of this specific
option that does not have too much value for our
general usage (xbps-src).
2020-02-06 08:50:12 +01:00
Juan RP
f6a6385b42
xbps-uchroot: make sure to cleanup tempdir with overlayfs.
Go modules seem to have too restrictive permissions on
its builddir, making xbps-uchroot(1) unable to remove
its directory tree due to insufficient permissions.

Run nftw() twice, the first run to set chmod 755, and
second run to remove the file.

Fixes `xbps-src -t` with any pkg that uses `build_style=go`.

This should avoid lots of temp dirs in the buildbot
builders while building go modules and others.
2020-02-04 13:17:26 +01:00
Doan Tran Cong Danh
36a7ddd4ae xbps-uchroot: document end of options argument
Signed-off-by: Doan Tran Cong Danh <congdanhqx@gmail.com>
2019-11-24 12:28:45 +01:00
Juan RP
8cea3e351b xbps-fetch(1): new utility that replaces 'xbps-uhelper fetch'.
xbps-install(1): document all libfetch env vars.

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-12 18:07:24 +02:00
Juan RP
9cda7ef72a xbps-digest(1): new utility that replaces "xbps-uhelper digest".
See the manual page:

XBPS-DIGEST(1)              General Commands Manual             XBPS-DIGEST(1)

NAME
     xbps-digest - XBPS utility to generate message digests

SYNOPSIS
     xbps-digest [OPTIONS] [FILE] [FILE+N]

DESCRIPTION
     The xbps-digest utility generates message digests for specified FILE or
     stdin if unset.

OPTIONS
     -m, --mode mode
         Sets the message digest mode. Supported: sha256.  If unset, defaults
         to sha256.

     -h, --help
         Show the help message.

     -V, --version
         Show the version information.

SEE ALSO
     xbps.d(5), xbps-checkvers(1), xbps-create(1), xbps-dgraph(1),
     xbps-fbulk(1), xbps-install(1), xbps-pkgdb(1), xbps-query(1),
     xbps-reconfigure(1), xbps-remove(1), xbps-rindex(1), xbps-uchroot(1),
     xbps-uunshare(1)

AUTHORS
     Juan Romero Pardines <xtraeme@gmail.com>

BUGS
     Probably, but I try to make this not happen. Use it under your own
     responsibility and enjoy your life.

     Report bugs at https://github.com/void-linux/xbps/issues

                                 June 12, 2019

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-12 16:15:18 +02:00
Foxlet
0f33859701 Fix namespace violation 2018-09-25 22:11:30 -04:00
Frank Steinborn
f366d6cb11 manpages: change URL for bug reporting to new GitHub repo 2018-09-23 17:51:07 +02:00
Enno Boland
f4060aff6c Revert "bin/xbps-uchroot: stop option parsing at the first nonoption argument"
This reverts commit 948ba8d7d1.
2018-04-16 14:00:29 +02:00
Juan RP
9c0d795810 Merge pull request #207 from Duncaen/relative
xbps-uchroot and xbps-uunshare usability improvements
2017-10-25 09:14:40 +02:00
Duncaen
948ba8d7d1 bin/xbps-uchroot: stop option parsing at the first nonoption argument 2016-09-25 22:26:38 +02:00
Duncaen
c5784e9cc3 bin/xbps-uchroot: allow relative chroot directory 2016-09-25 22:23:05 +02:00
Duncaen
414256292a bin/xbps-uchroot: mount / as private 2016-09-20 17:45:56 +02:00
Duncaen
bc5b38218a bin/xbps-uchroot: call clone only once if its successful 2016-09-20 17:39:13 +02:00
Andrea Brancaleoni
03d29f64b8 bin/xbps-uchroot: add docker support (#176) 2016-07-17 20:41:12 +02:00
Juan RP
5117ff84a2 xbps-uchroot: do not fail if the mount MS_MOVE operation fails.
This could happen if chrootdir is in a shared mount or when it's not
a real mountpoint. Just continue with chroot().
2016-04-30 17:34:32 +02:00
Bheesham Persaud
0a0cd42682 Minor changes to the documentation. 2015-10-30 02:01:29 -04:00
Juan RP
fa7d8bdfc5 xbps-xxx.1: responsability -> responsibility. 2015-10-28 10:03:41 +01:00
Juan RP
4211f5cd09 New manual page for xbps-fbulk(1). 2015-10-28 09:37:09 +01:00
Juan RP
60c4eb7c7a Merge pull request #103 from CMB/getopt
Use getopt_long instead of getopt, for musl.
2015-06-22 08:09:19 +02:00
Juan RP
22f982df77 xbps-uchroot: fix warning with old clang (hi travis). 2015-06-22 08:02:57 +02:00
Christopher Brannon
b1e6efeebe Use getopt_long instead of getopt, for musl. 2015-06-21 07:06:18 -07:00
Juan RP
5ebd4a6dfb xbps-uchroot: handle SIG{INT,TERM,QUIT} signals to cleanup temp masterdir. 2015-06-11 11:21:35 +02:00
Juan RP
fcdd71aac4 Move xbps utils manpages to the section 1 (user commands). 2015-05-16 09:46:10 +02:00
Juan RP
4a97810c0b xbps-uchroot: assert that strdup() does not fail. 2015-05-06 11:38:06 +02:00
Juan RP
7d6d1805f3 xbps-uchroot: replace -D/-H/-S with -b src/dest and switch to getopt(3). 2015-05-06 11:24:47 +02:00
Juan RP
6a087f5a1f xbps-uchroot.8: document -t and detail -o. 2015-04-27 17:50:46 +02:00
Juan RP
149f48fb8e xbps-uchroot: added -t option to mount a tmpfs for overlayfs. 2015-04-23 15:05:29 +02:00
Juan RP
31bf6c5309 xbps-uchroot: added -o <opts> to pass options to the temporary tmpfs mount. 2015-04-20 20:44:42 +02:00
Juan RP
d50a6866bc xbps-uchroot: with -O, don't make tmpfs a private mount.
This seems to avoid the weird build issues with xbps-fbulk.
2015-04-16 19:07:40 +02:00
Juan RP
f78c2986d4 xbps-uchroot: try to bind mount /proc if a new instance fails.
This should help uchroot to work in the travis-ci containers (hopefully).
2015-04-11 08:47:40 +02:00
Juan RP
ea0f1731e3 xbps-uchroot: added -O to use overlayfs on tmpfs in a tempdir. 2015-03-26 03:15:17 +01:00
Juan RP
395e147c6c xbps.d(5) - XBPS configuration directory 2014-12-09 11:41:35 +01:00
Juan RP
578c3add0c xbps-uchroot: mount sys/dev recursively to access to /dev/pts (thanks chris2). 2014-11-05 15:57:21 +01:00
Juan RP
966718bb7d bin/*/*.8: fixed mdoc errors/warnings reported by mandoc -Wall. 2014-09-30 11:36:08 +02:00
Enno Boland
2fe65dccec rename xbps-packages to void-packages 2014-09-26 14:24:06 +02:00
Juan RP
c8c331bd9a xbps-uchroot.8: document required kernel options. 2014-08-23 09:20:07 +02:00
Juan RP
c5d56bbf83 xbps-uchroot(8): do not remount / unnecessarily. 2014-08-12 07:53:59 +02:00
Juan RP
ae70e2c7f4 xbps-uchroot: fixed clang warnings. 2014-05-15 17:05:11 +02:00
Juan RP
5c3c192d16 xbps-uchroot(8): now with a manual page. 2014-04-18 09:45:25 +02:00
Juan RP
9ace61225d xbps-uchroot: new utility merged from xbps-src, must have appropiate permissions to work. 2014-04-01 10:26:22 +02:00