mkimage-profiles/features.in/build-vm/lib/90-build-vm.mk
Michael Shigorin f293239d5b build-vm: try system tar2fs first
It's at least removing the very obvious user->root
attack through (maliciously) modifying bin/tar2fs
and waiting for it to be run; if mkimage-profiles
is installed system-wide as a package, the script
from /usr/share/mkimage-profiles will be tried so
those willing to allow vm/* build to themselves
can provide for a passwordless sudo (as described
in doc/vm.txt) to run a root-only writable script,
not user-writable.

Still not perfect but a step away from the abyss.
2016-11-07 19:47:53 +03:00


# Step 4: turn the prepared chroot into a virtual machine disk image.

# Full package set for the image.  Recursive (=) on purpose: the right-hand
# side is expanded when IMAGE_PACKAGES is used, not when this line is read.
IMAGE_PACKAGES = $(DOT_BASE) $(SYSTEM_PACKAGES) $(COMMON_PACKAGES) \
	$(BASE_PACKAGES) $(THE_PACKAGES) \
	$(call list,$(BASE_LISTS) $(THE_LISTS))

# Filesystem type and size handed to tar2fs; both may be preset by the caller.
# NOTE(review): VM_SIZE 0 presumably lets tar2fs choose the size - confirm
# against bin/tar2fs.
VM_FSTYPE ?= ext4
VM_SIZE ?= 0

# Intermediate artefacts: the chroot archive and the raw disk made from it.
VM_TARBALL := $(IMAGE_OUTDIR)/$(IMAGE_NAME).tar
VM_RAWDISK := $(IMAGE_OUTDIR)/$(IMAGE_NAME).raw
# Stop early when sudo is not installed: prepare-image needs it to run
# tar2fs as root (the setup is described in doc/vm.txt).
check-sudo:
	@type -t sudo >&/dev/null || { \
		echo "** error: sudo not available, see doc/vm.txt" >&2; \
		exit 1; \
	}
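# Build the raw disk image from the chroot tarball by running tar2fs as root.
#
# The copy under $(MKIMAGE_PREFIX) is preferred whenever it is executable, so
# that a sudoers rule can name a root-owned script instead of the one in the
# user-writable working tree.  The choice is held in a shell variable and the
# sudo line reads that shell variable: a make-level $(TOPDIR) reference is
# substituted before the shell starts, so it never sees an assignment made
# inside the recipe and the working-tree script would still be the one run
# as root.
#
# NOTE(review): the fallback to $(TOPDIR)/bin/tar2fs is kept for non-packaged
# setups; a passwordless sudoers entry should list only the system path.
# The VM_* arguments are chosen by whoever runs make, and that user can call
# the sudo-permitted script directly, so argument validation has to live in
# tar2fs itself rather than here.
prepare-image: check-sudo
	@tar2fs_dir="$(TOPDIR)"; \
	if [ -x "$(MKIMAGE_PREFIX)/bin/tar2fs" ]; then \
		tar2fs_dir="$(MKIMAGE_PREFIX)"; \
	fi; \
	if ! sudo "$$tar2fs_dir/bin/tar2fs" \
		"$(VM_TARBALL)" "$(VM_RAWDISK)" $(VM_SIZE) $(VM_FSTYPE); then \
		echo "** error: sudo tar2fs failed, see also doc/vm.txt" >&2; \
		exit 1; \
	fi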
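# Produce the final image in the requested IMAGE_TYPE.
#   img   - the raw disk is moved into place as is;
#   vhd   - converted by qemu-img under its "vpc" format name;
#   other - IMAGE_TYPE is handed to qemu-img as the output format.
# A missing qemu-img only produces a warning and leaves the raw disk and the
# tarball untouched.  A failed mv or a failed conversion fails the target,
# and the intermediate files are removed only after a successful conversion,
# so a broken run does not delete its own inputs.  With DEBUG set the
# tarball is kept even after a successful conversion.
convert-image: prepare-image
	@case "$(IMAGE_TYPE)" in \
	"img") mv "$(VM_RAWDISK)" "$(IMAGE_OUTPATH)"; exit $$?;; \
	"vhd") VM_FORMAT="vpc";; \
	*) VM_FORMAT="$(IMAGE_TYPE)";; \
	esac; \
	if ! type -t qemu-img >&/dev/null; then \
		echo "** warning: qemu-img not available" >&2; \
	elif ! qemu-img convert -O "$$VM_FORMAT" \
		"$(VM_RAWDISK)" "$(IMAGE_OUTPATH)"; then \
		echo "** error: qemu-img convert failed" >&2; \
		exit 1; \
	else \
		rm "$(VM_RAWDISK)"; \
		if [ -z "$(DEBUG)" ]; then rm "$(VM_TARBALL)"; fi; \
	fi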
# Target-specific and simply expanded (:=): the value is whatever
# CLEANUP_PACKAGES holds when this line is parsed.
run-image-scripts: GLOBAL_CLEANUP_PACKAGES := $(CLEANUP_PACKAGES)
# override: point pack-image at the intermediate tarball, the same path
# prepare-image later passes to tar2fs.
# NOTE(review): the "tar:" prefix is presumably mkimage's packer selector -
# confirm against the mkimage documentation.
pack-image: MKI_PACK_RESULTS := tar:$(VM_TARBALL)
# Top-level goal for VM builds: the steps are listed in pipeline order, with
# convert-image (defined in this file) followed by postprocess and the
# optional workdir cleanup.
# NOTE(review): the steps presumably depend on running in this order, which
# plain prerequisite listing does not guarantee under -j - confirm.
all: $(GLOBAL_DEBUG) build-image copy-tree run-image-scripts pack-image \
convert-image postprocess $(GLOBAL_CLEAN_WORKDIR)