From 3b3cf4cc93c9a95729d2a68c0f11929225b8e455 Mon Sep 17 00:00:00 2001 From: Michael Shigorin Date: Sun, 10 Jan 2016 12:48:06 +0300 Subject: [PATCH] QUICKSTART, mktmpdir, build.mk: hasher's /proc Either /etc/hasher-priv/system or /etc/hasher-priv/user.d/$USER must contain at least "allowed_mountpoints=/proc" for mkimage to work for mkimage-profiles; thanks Daniil Golovanov for providing feedback indicating the lack of the corresponding checks. --- QUICKSTART | 2 +- bin/mktmpdir | 14 ++++++++++++++ lib/build.mk | 2 +- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/QUICKSTART b/QUICKSTART index db64a2ec..3916a34f 100644 --- a/QUICKSTART +++ b/QUICKSTART @@ -5,7 +5,7 @@ http://en.altlinux.org/Hasher; large tmpfs helps a lot). ~~~~~~~~~ - ALT Linux 7.0 или выше (возможна адаптация "вниз") - установленный mkimage (свежий, как и hasher) -- пользователь с правом запуска hasher +- пользователь с правом запуска hasher и подключения /proc к нему полезно ~~~~~~~ diff --git a/bin/mktmpdir b/bin/mktmpdir index 329a19cf..b96dffa6 100755 --- a/bin/mktmpdir +++ b/bin/mktmpdir @@ -6,6 +6,14 @@ DIRS="$TMP $TMPDIR $HOME/hasher /tmp /var/tmp .." MINSIZE=262144 # face control criterion +# mkimage needs /proc among those, be clear about that +check_allowed_mountpoints() +{ + grep -wqs "^allowed_mountpoints=[^#]*/proc" \ + /etc/hasher-priv/system \ + `/usr/libexec/hasher-priv/getconf.sh` +} + # poor man's SourceIfExists() try_source() { [ -f "$1" ] && . "$1"; } @@ -59,6 +67,12 @@ choose_tmpdir() { } # bringing it all together +if ! check_allowed_mountpoints; then + echo "error: hasher's allowed_mountpoints do not include /proc;" + echo "please check hasher docs and /etc/hasher-priv/system" + exit 1 +fi >&2 + TMPDIRS="`contemplate_dirs $DIRS`" if [ -z "$TMPDIRS" ]; then echo "error: no suitable directories found;" diff --git a/lib/build.mk b/lib/build.mk index 5d48276b..97ebb65c 100644 --- a/lib/build.mk +++ b/lib/build.mk @@ -4,7 +4,7 @@ ANSI_FAIL ?= 1;31 MAX_LINES = 200 MAX_ERRORS = 5 -GOTCHA := ^(((\*\* )?(E:|[Ee]rror|[Ww]arning).*)|(.* (FAILURE|FATAL|ERROR|conflicts|Depends:) .*)|(.* (Stop|failed|not found)\.))$$ +GOTCHA := ^(((\*\* )?(E:|[Ee]rror|[Ww]arning).*)|(.* (FAILURE|FATAL|ERROR|conflicts|Depends:) .*)|(.* (Stop|failed|not found)\.)|(not allowed))$$ ifndef MKIMAGE_PROFILES $(error this makefile is designed to be included in toplevel one)