core: Neuter systemctl during script execution

`systemctl start/stop/try-restart` are all useless for us in scripts, since changes should only affect the *next* boot. `systemctl enable` is also wrong - one should use presets instead. Currently, systemd has code to detect whether it's inside a chroot, which works for mock, but *not* for Docker or bubblewrap. (We should teach systemd a nicer way to disable itself, but even if we did that we'd have to support old scripts) So, this fixes layering `glusterfs` in CAHC. Closes: #432 Approved by: jlebon
2016-08-16 14:36:05 -04:00 · 2016-08-16 14:36:05 -04:00 · 589a8e0974
commit 589a8e0974
parent 6900c616ec
1 changed files with 35 additions and 0 deletions
--- a/src/libpriv/rpmostree-core.c
+++ b/src/libpriv/rpmostree-core.c
@ -2046,11 +2046,36 @@ rpmostree_context_assemble_commit (RpmOstreeContext      *self,
  if (!noscripts)
    {
      gboolean have_passwd;
+      gboolean have_systemctl;

      if (!rpmostree_passwd_prepare_rpm_layering (tmprootfs_dfd, &have_passwd,
                                                  cancellable, error))
        goto out;

+      /* Also neuter systemctl - at least glusterfs calls it
+       * in %post without disallowing errors.  Anyways,
+       */
+      if (renameat (tmprootfs_dfd, "usr/bin/systemctl",
+                    tmprootfs_dfd, "usr/bin/systemctl.rpmostreesave") < 0)
+        {
+          if (errno == ENOENT)
+            have_systemctl = FALSE;
+          else
+            {
+              glnx_set_prefix_error_from_errno (error, "%s", "Renaming usr/bin/systemctl");
+              goto out;
+            }
+        }
+      else
+        {
+          have_systemctl = TRUE;
+          if (symlinkat ("true", tmprootfs_dfd, "usr/bin/systemctl") < 0)
+            {
+              glnx_set_error_from_errno (error);
+              goto out;
+            }
+        }
+
      for (i = 0; i < n_rpmts_elements; i++)
        {
          rpmte te = rpmtsElement (ordering_ts, i);
@ -2064,6 +2089,16 @@ rpmostree_context_assemble_commit (RpmOstreeContext      *self,
            goto out;
        }

+      if (have_systemctl)
+        {
+          if (renameat (tmprootfs_dfd, "usr/bin/systemctl.rpmostreesave",
+                        tmprootfs_dfd, "usr/bin/systemctl") < 0)
+            {
+              glnx_set_error_from_errno (error);
+              goto out;
+            }
+        }
+
      if (have_passwd)
        {
          if (!rpmostree_passwd_complete_rpm_layering (tmprootfs_dfd, error))