- Added -B src:dest (like -b) but this makes bind mounts in
read-only mode.
- Get rid of setfsuid(), it's unnecessary.
- Make sure chrootdir is not '/', use realpath().
- Always set SECBIT_NOROOT, see capabilities(7).
- Do not mount recursively, right now this only mounts
/dev (ro), /dev/shm (rw), /sys (ro) and /proc (ro).
Previously any mount below any specific mount were recursively
mounted in chrootdir.
- Do not use nftw(3), this won't clean up the tree properly.
Rather use scandir(3) with alphasort, like xbps-create(1).
- Don't drop privs in the parent to make sure that the
temp overlayfs tree can be removed properly.
This fixes the issues while building go modules and others
with xbps-src.
This reverts commit f6a6385b42d6946b8b72e1084b4827591967e147.
Does not work as expected, and does not fix the real issue
which is still not understood.
The remount is done to use nosuid, but we can get
rid of the remount just because of this specific
option that does not have too much value for our
general usage (xbps-src).
Go modules seem to have too restrictive permissions on
its builddir, making xbps-uchroot(1) unable to remove
its directory tree due to insufficient permissions.
Run nftw() twice, the first run to set chmod 755, and
second run to remove the file.
Fixes `xbps-src -t` with any pkg that uses `build_style=go`.
This should avoid lots of temp dirs in the buildbot
builders while building go modules and others.
See the manual page:
XBPS-DIGEST(1) General Commands Manual XBPS-DIGEST(1)
NAME
xbps-digest - XBPS utility to generate message digests
SYNOPSIS
xbps-digest [OPTIONS] [FILE] [FILE+N]
DESCRIPTION
The xbps-digest utility generates message digests for specified FILE or
stdin if unset.
OPTIONS
-m, --mode mode
Sets the message digest mode. Supported: sha256. If unset, defaults
to sha256.
-h, --help
Show the help message.
-V, --version
Show the version information.
SEE ALSO
xbps.d(5), xbps-checkvers(1), xbps-create(1), xbps-dgraph(1),
xbps-fbulk(1), xbps-install(1), xbps-pkgdb(1), xbps-query(1),
xbps-reconfigure(1), xbps-remove(1), xbps-rindex(1), xbps-uchroot(1),
xbps-uunshare(1)
AUTHORS
Juan Romero Pardines <xtraeme@gmail.com>
BUGS
Probably, but I try to make this not happen. Use it under your own
responsibility and enjoy your life.
Report bugs at https://github.com/void-linux/xbps/issues
June 12, 2019
Signed-off-by: Juan RP <xtraeme@gmail.com>