xdg-app build: Bind mount host resolv.conf during builds

It's not totally unheard of to use the network during builds, for
instance to download packages. This does so via a straight
(readonly) bind mount of the host version.

This is slightly different from what xdg-app run does, as
that relies on a full session and xdg-app-helper, but instead
that handles the config changing during runtime.
Alexander Larsson
2015-05-13 16:36:59 +02:00
parent d91f297362
commit c8d2df6ad1
2 changed files with 13 additions and 2 deletions


@@ -145,6 +145,7 @@ xdg_app_builtin_build (int argc, char **argv, GCancellable *cancellable, GError
g_ptr_array_add (argv_array, g_strdup ("-i"));
g_ptr_array_add (argv_array, g_strdup ("-f"));
g_ptr_array_add (argv_array, g_strdup ("-H"));
g_ptr_array_add (argv_array, g_strdup ("-r"));
if (!xdg_app_run_verify_environment_keys ((const char **)opt_forbid, error))
goto out;
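Review bot: The added `-r` at the end of this flag run is passed unconditionally and without a comment, so every build sandbox gets a read-only view of the host's /etc/resolv.conf (nameserver addresses and search domains) whether or not the build needs the network. A comment above the line would record the intent, for example `/* -r: bind host /etc/resolv.conf read-only so build steps can resolve names */`. Whether network access is itself optional for builds is not visible in this hunk; if it is, `-r` should probably follow the same condition. xdg_app_builtin_build starts and ends outside the hunk.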


@@ -381,6 +381,7 @@ ascii_isdigit (char c)
static bool create_etc_symlink = FALSE;
static bool create_etc_dir = TRUE;
static bool create_monitor_links = FALSE;
static bool bind_resolv_conf = FALSE;
static bool allow_dri = FALSE;
static const create_table_t create[] = {
@@ -410,6 +411,7 @@ static const create_table_t create[] = {
{ FILE_TYPE_DIR, "etc", 0755, NULL, 0, &create_etc_dir},
{ FILE_TYPE_REGULAR, "etc/passwd", 0755, NULL, 0, &create_etc_dir},
{ FILE_TYPE_REGULAR, "etc/group", 0755, NULL, 0, &create_etc_dir},
{ FILE_TYPE_REGULAR, "etc/resolv.conf", 0755, NULL, 0, &bind_resolv_conf},
{ FILE_TYPE_SYMLINK, "etc/resolv.conf", 0755, "/run/user/%1$d/xdg-app-monitor/resolv.conf", 0, &create_monitor_links},
{ FILE_TYPE_REGULAR, "etc/machine-id", 0755, NULL, 0, &create_etc_dir},
{ FILE_TYPE_DIR, "tmp/.X11-unix", 0755 },
@@ -446,6 +448,7 @@ static const create_table_t create_post[] = {
{ FILE_TYPE_BIND_RO, "etc/group", 0444, "/etc/group", 0},
{ FILE_TYPE_BIND_RO, "etc/machine-id", 0444, "/etc/machine-id", FILE_FLAGS_NON_FATAL},
{ FILE_TYPE_BIND_RO, "etc/machine-id", 0444, "/var/lib/dbus/machine-id", FILE_FLAGS_NON_FATAL | FILE_FLAGS_IF_LAST_FAILED},
{ FILE_TYPE_BIND_RO, "etc/resolv.conf", 0444, "/etc/resolv.conf", 0, &bind_resolv_conf},
};
static const mount_table_t mount_table[] = {
@@ -1484,7 +1487,7 @@ main (int argc,
if (prctl (PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0)
die_with_error ("prctl(PR_SET_NO_NEW_CAPS) failed");
while ((c = getopt (argc, argv, "+inWweEsfFHa:m:b:p:x:ly:d:D:v:I:gS:")) >= 0)
while ((c = getopt (argc, argv, "+inWweEsfFHra:m:b:p:x:ly:d:D:v:I:gS:")) >= 0)
{
switch (c)
{
@@ -1571,6 +1574,10 @@ main (int argc,
pulseaudio_socket = optarg;
break;
case 'r':
bind_resolv_conf = TRUE;
break;
case 's':
share_shm = TRUE;
break;
@@ -1610,7 +1617,10 @@ main (int argc,
n_args = argc - optind;
if (monitor_path != NULL && create_etc_dir)
create_monitor_links = TRUE;
{
create_monitor_links = TRUE;
bind_resolv_conf = FALSE;
}
if (n_args < 2)
usage (argv);
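Review bot: The new `create_post` entry binds `/etc/resolv.conf` with flags `0`, unlike the `etc/machine-id` entries just above it that carry `FILE_FLAGS_NON_FATAL`, so a host without that file would presumably abort sandbox setup now that build always passes `-r`. Consider `{ FILE_TYPE_BIND_RO, "etc/resolv.conf", 0444, "/etc/resolv.conf", FILE_FLAGS_NON_FATAL, &bind_resolv_conf},`. In the last hunk the `-r` request is dropped silently when `monitor_path` is set; a comment such as `/* the monitor symlink replaces the static bind */` next to `bind_resolv_conf = FALSE;` would make that precedence explicit. The tables and main() continue outside the hunks shown.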