lib/scripts: Handle script interpreters

Seen in the wild with `vagrant`'s use of `%post -p /usr/bin/ruby`. This was a
very easy fix, and actually makes the code a little bit nicer, as we no longer
need to explicitly make the script executable, since we now pass it as
`argv[1]`, the same way librpm does. That in turn would make it possible to fix
the TODO and use `bwrap --file`, but that can come later.

Closes: https://github.com/projectatomic/rpm-ostree/issues/856

Closes: #858
Approved by: jlebon
This commit is contained in:
Colin Walters 2017-07-02 09:22:33 -04:00 committed by Atomic Bot
parent 1f33f42c7a
commit 14431f7f09
3 changed files with 12 additions and 8 deletions

View File

@ -140,6 +140,7 @@ static gboolean
run_script_in_bwrap_container (int rootfs_fd,
const char *name,
const char *scriptdesc,
const char *argv0,
const char *script,
GCancellable *cancellable,
GError **error)
@ -163,11 +164,6 @@ run_script_in_bwrap_container (int rootfs_fd,
g_prefix_error (error, "Writing script to %s: ", postscript_path_host);
goto out;
}
if (fchmodat (rootfs_fd, postscript_path_host, 0755, 0) != 0)
{
glnx_set_error_from_errno (error);
goto out;
}
/* We need to make the mount point in the case where we're doing
* package layering, since the host `/var` tree is empty. We
@ -210,6 +206,7 @@ run_script_in_bwrap_container (int rootfs_fd,
goto out;
rpmostree_bwrap_append_child_argv (bwrap,
argv0,
postscript_path_container,
/* http://www.rpm.org/max-rpm/s1-rpm-inside-scripts.html#S3-RPM-INSIDE-PRE-SCRIPT */
"1",
@ -263,7 +260,8 @@ run_known_rpm_script (const KnownRpmScriptKind *rpmscript,
return glnx_throw (error, "Package '%s' has (currently) unsupported %s script in '%s'",
dnf_package_get_name (pkg), lua_builtin, desc);
if (!run_script_in_bwrap_container (rootfs_fd, dnf_package_get_name (pkg), desc, script,
if (!run_script_in_bwrap_container (rootfs_fd, dnf_package_get_name (pkg), desc,
argv0, script,
cancellable, error))
return glnx_prefix_error (error, "Running %s for %s", desc, dnf_package_get_name (pkg));
break;

View File

@ -377,7 +377,7 @@ Summary: %{name}
License: GPLv2+
EOF
local build= install= files= pretrans= pre= post= posttrans=
local build= install= files= pretrans= pre= post= posttrans= post_interp=
while [ $# -ne 0 ]; do
local section=$1; shift
local arg=$1; shift
@ -388,6 +388,8 @@ EOF
echo "Provides: $arg" >> $spec;;
conflicts)
echo "Conflicts: $arg" >> $spec;;
post_interp)
post_interp="$arg"; post="$1"; shift;;
version|release|arch|build|install|files|pretrans|pre|post|posttrans)
declare $section="$arg";;
*)
@ -415,7 +417,7 @@ $pretrans
${pre:+%pre}
$pre
${post:+%post}
${post:+%post} ${post_interp:+-p ${post_interp}}
$post
${posttrans:+%posttrans}

View File

@ -32,6 +32,7 @@ vm_build_rpm scriptpkg1 \
pre "groupadd -r scriptpkg1" \
pretrans "# http://lists.rpm.org/pipermail/rpm-ecosystem/2016-August/000391.html
echo i should've been ignored && exit 1" \
post_interp /usr/bin/python 'open("/usr/lib/rpmostreetestinterp", "w")' \
posttrans "# Firewalld; https://github.com/projectatomic/rpm-ostree/issues/638
. /etc/os-release || :
# See https://github.com/projectatomic/rpm-ostree/pull/647
@ -59,6 +60,9 @@ echo "ok no embarrassing crud leftover"
vm_cmd getent group scriptpkg1
echo "ok group scriptpkg1 active"
vm_has_files "/usr/lib/rpmostreetestinterp"
echo "ok interp"
# And now, things that should fail
vm_build_rpm rofiles-violation \
post "echo should fail >> /usr/share/licenses/glibc/COPYING"