e86dc13c49
This will fix rpm-ostree-in-mock-in-koji. The drawback is minor: post scripts will have network access. But we're going to be testing the no-network case in our Docker-based builds, so that's fine. Closes: #672 Approved by: jlebon
27 lines
911 B
Bash
Executable File
27 lines
911 B
Bash
Executable File
#!/bin/bash
|
|
# Run a shell (or program) like how rpm-ostree would run RPM scriptlets. Useful
|
|
# for quickly testing changes to the script environment.
|
|
rootfs=$1
|
|
shift
|
|
cd ${rootfs}
|
|
# ⚠⚠⚠ If you change this, also update src/libpriv/rpmostree-scripts.c ⚠⚠⚠
|
|
BWRAP_ARGV="--dev /dev --proc /proc --dir /tmp --chdir / \
|
|
--unshare-pid --unshare-uts \
|
|
--unshare-ipc --unshare-cgroup-try \
|
|
"
|
|
if ! test "${container:-}" = "systemd-nspawn"; then
|
|
BWRAP_ARGV="$BWRAP_ARGV --unshare-net"
|
|
fi
|
|
|
|
for src in /sys/{block,bus,class,dev}; do
|
|
BWRAP_ARGV="$BWRAP_ARGV --ro-bind $src $src"
|
|
done
|
|
for src in lib{,32,64} bin sbin; do
|
|
if test -L $src; then
|
|
BWRAP_ARGV="$BWRAP_ARGV --symlink usr/$src $src"
|
|
fi
|
|
done
|
|
BWRAP_ARGV="$BWRAP_ARGV --ro-bind usr /usr --ro-bind ./var /var --bind ./usr/etc /etc --tmpfs /var/tmp"
|
|
echo exec bwrap $BWRAP_ARGV "$@"
|
|
exec env PS1='bwrap$ ' bwrap $BWRAP_ARGV "$@"
|