ptrcnull/ptrcports
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity Actions

root-enter: upgrade to 9

Browse source 
go back to shell script
This commit is contained in:
ptrcnull 2023-02-25 07:41:32 +01:00
parent b57062484a
commit d9779306e4
Signed by: ptrcnull
GPG key ID: 411F7B30801DD9CA
2 changed files with 94 additions and 74 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
root-enter/APKBUILD
View file

@ -1,13 +1,12 @@
# Contributor: Patrycja Rosa <alpine@ptrcnull.me> # Contributor: Patrycja Rosa <alpine@ptrcnull.me>
# Maintainer: Patrycja Rosa <alpine@ptrcnull.me> # Maintainer: Patrycja Rosa <alpine@ptrcnull.me>
pkgname=root-enter pkgname=root-enter
pkgver=8 pkgver=9
pkgrel=0 pkgrel=0
pkgdesc="enter chroot with mounts" pkgdesc="enter chroot with mounts"
url="https://git.ddd.rip/ptrcnull/ptrcports" url="https://git.ddd.rip/ptrcnull/ptrcports"
arch="noarch" arch="noarch"
license="BSD-2-Clause" license="BSD-2-Clause"
depends="execline"
source="enter" source="enter"
builddir="$srcdir" builddir="$srcdir"
options="!check" options="!check"
@ -17,5 +16,5 @@ package() {
} }
sha512sums=" sha512sums="
2c46100bb0c1a2a1b683d3e6070a970fcdd0bf688ccdfa3bcf4310b8f4ea0a69946a3a1b3cffec18af70eb09fb53a977a034318a7be4f103a864239880f4a1be enter 4a054f60ded2e17c8eca35ff30b2e23b00dba58b7208f62121ffce849502838022f61ea2a1ddc4b6c80e63cbb33e1a331f1d7aecace5ada5bd6b0ae23cd790ea enter
" "

159
root-enter/enter
View file

@ -1,83 +1,104 @@
#!/bin/execlineb #!/bin/sh
set -eu
elgetopt "be:u:c:" # make sure we're root
if [ "$(id -u)" != 0 ]; then
sucmd="su -c"
if command -v doas >/dev/null; then
sucmd="doas"
elif command -v sudo >/dev/null; then
sucmd="sudo"
fi
multisubstitute { exec $sucmd env HOME="$HOME" USERNAME="$(id -u -n)" "$0" "$@"
importas -D "0" build ELGETOPT_b fi
importas -D "" extra_mounts ELGETOPT_e
importas -D "" user_arg ELGETOPT_u
importas -D "" command_arg ELGETOPT_c
importas -D "" dest 1
importas -i USER USER
importas -i HOME HOME
}
# and make sure we're in a separate mount namespace
if [ "$(readlink /proc/$$/ns/mnt | cut -d: -f2)" = "$(readlink /proc/1/ns/mnt | cut -d: -f2)" ]; then
exec unshare -m "$0" "$@"
fi
bindpoints="/etc/resolv.conf"
command=""
user="$USERNAME"
while getopts "be:u:c:" opt; do
case $opt in
'b') bindpoints="
$bindpoints
$HOME/aports
$HOME/packages
$HOME/.abuild
" ;;
'e') bindpoints="$bindpoints $OPTARG" ;;
'u') user="$OPTARG" ;;
'c') command="$OPTARG" ;;
*) echo "unknown $opt" ;;
esac
done
shift $(( $OPTIND - 1 ))
dest="$1"
shift shift
elgetpositionals
emptyenv -oP
backtick -D "ash -l" command { if [ ! -d "$dest" ]; then
ifelse { test -n $command_arg } { echo "no such directory: $dest"
echo $command_arg
}
ifelse { test $# -gt 0 } {
echo $@
}
echo ash -l
}
importas -ui command command
# TODO: add -s to that when not using `su` later
backtick -D "" -E user { ifelse { test -n $user_arg } { echo $user_arg } echo $USER }
backtick -D "" -E build_mounts {
if { test $build = 1 }
echo "
${HOME}/aports
${HOME}/packages
${HOME}/.abuild
"
}
define -s -C bindpoints "/etc/resolv.conf ${build_mounts} ${extra_mounts}"
ifelse -n { test -d $dest } {
foreground { echo "no such file or directory: $dest" }
exit 1 exit 1
} fi
ifelse -n { test -x ${dest}/bin/sh } { if [ ! -x "$dest"/bin/sh ]; then
foreground { echo "$dest does not contain executable /bin/sh" } echo "$dest does not contain executable /bin/sh"
exit 1 exit 1
} fi
backtick -E uid { id -u } mount -t proc proc "$dest"/proc
backtick -E -D "exec" sucmd { if { test $uid != 0 } echo doas } mount -t sysfs sysfs "$dest"/sys
$sucmd mount -t tmpfs tmpfs "$dest"/tmp
# some mini kernels don't have devtmpfs
if grep -q devtmpfs /proc/filesystems; then
mount -t devtmpfs devtmpfs "$dest"/dev
else
mount -t tmpfs tmpfs "$dest"/dev
unshare -m if [ -x "$dest"/sbin/mdev ]; then
echo "devtmpfs not supported - running 'mdev -s' instead"
chroot "$dest" /sbin/mdev -s
else
echo "devtmpfs not supported - devices need to be created manually"
fi
fi
mount -t devpts devpts "$dest"/dev/pts
mount -t tmpfs tmpfs "$dest"/dev/shm
foreground { mount -t devtmpfs devtmpfs ${dest}/dev } for bindpoint in $bindpoints; do
foreground { mount -t tmpfs shm ${dest}/dev/shm } if [ -f "$bindpoint" ]; then
foreground { mount -t devpts devpts ${dest}/dev/pts } touch "$dest"/"$bindpoint"
foreground { mount -t sysfs sysfs ${dest}/sys } else
foreground { mount -t proc proc ${dest}/proc } mkdir -p "$dest"/"$bindpoint"
foreground { mount -t tmpfs tmpfs ${dest}/tmp } fi
foreground {
forx -E point { $bindpoints }
# ensure $point exists in destination mount --bind "$bindpoint" "$dest"/"$bindpoint"
ifthenelse { test -f $point } { done
touch ${dest}${point}
} {
mkdir -p ${dest}${point}
}
mount --bind $point ${dest}${point} # if running on chromeos, fixup symlink exec
} # https://goo.gl/8xICW6
# https://github.com/dnschneid/crouton/commit/5cb7ad05
if [ -e "/run/chrome" ]; then
if mount -n -t securityfs -o nodev,noexec,nosuid securityfs /sys/kernel/security; then
policies=/sys/kernel/security/chromiumos/inode_security_policies
if [ -d "$policies" ]; then
for policy in "$policies/allow_"*; do
printf "$(realpath "$dest")" > "$policy"
done
fi
umount /sys/kernel/security
fi
fi
chroot ${dest} if [ "$command" ]; then
exec chroot "$dest" su $user -c "$command"
su $user -c "$command" elif [ "$#" -gt 0 ]; then
exec chroot "$dest" su $user -c "$*"
else
exec chroot "$dest" login -f $user
fi