lib/scripts: Handle script interpreters
Seen in the wild with `vagrant`'s use of `%post -p /usr/bin/ruby`. This was a very easy fix, and actually makes the code a little bit nicer, as we no longer need to explicitly make the script executable, since we now pass it as `argv[1]`, the same way librpm does. That in turn would make it possible to fix the TODO and use `bwrap --file`, but that can come later. Closes: https://github.com/projectatomic/rpm-ostree/issues/856 Closes: #858 Approved by: jlebon
This commit is contained in:
parent
1f33f42c7a
commit
14431f7f09
@ -140,6 +140,7 @@ static gboolean
|
||||
run_script_in_bwrap_container (int rootfs_fd,
|
||||
const char *name,
|
||||
const char *scriptdesc,
|
||||
const char *argv0,
|
||||
const char *script,
|
||||
GCancellable *cancellable,
|
||||
GError **error)
|
||||
@ -163,11 +164,6 @@ run_script_in_bwrap_container (int rootfs_fd,
|
||||
g_prefix_error (error, "Writing script to %s: ", postscript_path_host);
|
||||
goto out;
|
||||
}
|
||||
if (fchmodat (rootfs_fd, postscript_path_host, 0755, 0) != 0)
|
||||
{
|
||||
glnx_set_error_from_errno (error);
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* We need to make the mount point in the case where we're doing
|
||||
* package layering, since the host `/var` tree is empty. We
|
||||
@ -210,6 +206,7 @@ run_script_in_bwrap_container (int rootfs_fd,
|
||||
goto out;
|
||||
|
||||
rpmostree_bwrap_append_child_argv (bwrap,
|
||||
argv0,
|
||||
postscript_path_container,
|
||||
/* http://www.rpm.org/max-rpm/s1-rpm-inside-scripts.html#S3-RPM-INSIDE-PRE-SCRIPT */
|
||||
"1",
|
||||
@ -263,7 +260,8 @@ run_known_rpm_script (const KnownRpmScriptKind *rpmscript,
|
||||
return glnx_throw (error, "Package '%s' has (currently) unsupported %s script in '%s'",
|
||||
dnf_package_get_name (pkg), lua_builtin, desc);
|
||||
|
||||
if (!run_script_in_bwrap_container (rootfs_fd, dnf_package_get_name (pkg), desc, script,
|
||||
if (!run_script_in_bwrap_container (rootfs_fd, dnf_package_get_name (pkg), desc,
|
||||
argv0, script,
|
||||
cancellable, error))
|
||||
return glnx_prefix_error (error, "Running %s for %s", desc, dnf_package_get_name (pkg));
|
||||
break;
|
||||
|
@ -377,7 +377,7 @@ Summary: %{name}
|
||||
License: GPLv2+
|
||||
EOF
|
||||
|
||||
local build= install= files= pretrans= pre= post= posttrans=
|
||||
local build= install= files= pretrans= pre= post= posttrans= post_interp=
|
||||
while [ $# -ne 0 ]; do
|
||||
local section=$1; shift
|
||||
local arg=$1; shift
|
||||
@ -388,6 +388,8 @@ EOF
|
||||
echo "Provides: $arg" >> $spec;;
|
||||
conflicts)
|
||||
echo "Conflicts: $arg" >> $spec;;
|
||||
post_interp)
|
||||
post_interp="$arg"; post="$1"; shift;;
|
||||
version|release|arch|build|install|files|pretrans|pre|post|posttrans)
|
||||
declare $section="$arg";;
|
||||
*)
|
||||
@ -415,7 +417,7 @@ $pretrans
|
||||
${pre:+%pre}
|
||||
$pre
|
||||
|
||||
${post:+%post}
|
||||
${post:+%post} ${post_interp:+-p ${post_interp}}
|
||||
$post
|
||||
|
||||
${posttrans:+%posttrans}
|
||||
|
@ -32,6 +32,7 @@ vm_build_rpm scriptpkg1 \
|
||||
pre "groupadd -r scriptpkg1" \
|
||||
pretrans "# http://lists.rpm.org/pipermail/rpm-ecosystem/2016-August/000391.html
|
||||
echo i should've been ignored && exit 1" \
|
||||
post_interp /usr/bin/python 'open("/usr/lib/rpmostreetestinterp", "w")' \
|
||||
posttrans "# Firewalld; https://github.com/projectatomic/rpm-ostree/issues/638
|
||||
. /etc/os-release || :
|
||||
# See https://github.com/projectatomic/rpm-ostree/pull/647
|
||||
@ -59,6 +60,9 @@ echo "ok no embarrassing crud leftover"
|
||||
vm_cmd getent group scriptpkg1
|
||||
echo "ok group scriptpkg1 active"
|
||||
|
||||
vm_has_files "/usr/lib/rpmostreetestinterp"
|
||||
echo "ok interp"
|
||||
|
||||
# And now, things that should fail
|
||||
vm_build_rpm rofiles-violation \
|
||||
post "echo should fail >> /usr/share/licenses/glibc/COPYING"
|
||||
|
Loading…
Reference in New Issue
Block a user