sysroot: Support specifying bwrap arguments

Prep for use with zipl.
2025-01-11 09:18:20 +03:00 · 2023-12-01 08:14:15 -05:00 · 2023-12-01 08:14:15 -05:00 · 744569723d
commit 744569723d
parent 791337fa46
2 changed files with 15 additions and 8 deletions
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@ -3165,8 +3165,9 @@ child_setup_fchdir (gpointer data)
 * Derived from rpm-ostree's rust/src/bwrap.rs
 */
 gboolean
-_ostree_sysroot_run_in_deployment (int deployment_dfd, const gchar *const *child_argv,
-                                   gint *exit_status, gchar **stdout, GError **error)
+_ostree_sysroot_run_in_deployment (int deployment_dfd, const char *const *bwrap_argv,
+                                   const gchar *const *child_argv, gint *exit_status,
+                                   gchar **stdout, GError **error)
 {
  static const gchar *const COMMON_ARGV[] = { "/usr/bin/bwrap",
                                              "--dev",
@ -3229,6 +3230,11 @@ _ostree_sysroot_run_in_deployment (int deployment_dfd, const gchar *const *child

  for (char **it = (char **)COMMON_ARGV; it && *it; it++)
    g_ptr_array_add (args, *it);
+  for (char **it = (char **)bwrap_argv; it && *it; it++)
+    g_ptr_array_add (args, *it);
+
+  // Separate bwrap args from child args
+  g_ptr_array_add (args, "--");

  for (char **it = (char **)child_argv; it && *it; it++)
    g_ptr_array_add (args, *it);
@ -3264,8 +3270,8 @@ sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
   * flag is not supported by semodule.
   */
  static const gchar *const SEMODULE_HELP_ARGV[] = { "semodule", "--help", NULL };
-  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, SEMODULE_HELP_ARGV, &exit_status, &stdout,
-                                          error))
+  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, NULL, SEMODULE_HELP_ARGV, &exit_status,
+                                          &stdout, error))
    return FALSE;
  if (!g_spawn_check_exit_status (exit_status, error))
    return glnx_prefix_error (error, "failed to run semodule");
@ -3279,8 +3285,8 @@ sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)

  ot_journal_print (LOG_INFO, "Refreshing SELinux policy");
  guint64 start_msec = g_get_monotonic_time () / 1000;
-  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, SEMODULE_REBUILD_ARGV, &exit_status, NULL,
-                                          error))
+  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, NULL, SEMODULE_REBUILD_ARGV, &exit_status,
+                                          NULL, error))
    return FALSE;
  guint64 end_msec = g_get_monotonic_time () / 1000;
  ot_journal_print (LOG_INFO, "Refreshed SELinux policy in %" G_GUINT64_FORMAT " ms",
--- a/src/libostree/ostree-sysroot-private.h
+++ b/src/libostree/ostree-sysroot-private.h
@ -150,8 +150,9 @@ gboolean _ostree_sysroot_rmrf_deployment (OstreeSysroot *sysroot, OstreeDeployme

 char *_ostree_sysroot_get_runstate_path (OstreeDeployment *deployment, const char *key);

-gboolean _ostree_sysroot_run_in_deployment (int deployment_dfd, const gchar *const *child_argv,
-                                            gint *exit_status, gchar **stdout, GError **error);
+gboolean _ostree_sysroot_run_in_deployment (int deployment_dfd, const char *const *bwrap_argv,
+                                            const gchar *const *child_argv, gint *exit_status,
+                                            gchar **stdout, GError **error);

 char *_ostree_sysroot_join_lines (GPtrArray *lines);