Use sandbox functions to unshare the entire pmbootstrap process with user namespaces. This lets us do whatever we want without polluting the global mount namespace, and eliminates the need for "pmbootstrap shutdown". Currently install is broken since it uses loop devices, this should be addressed by using something like systemd.repartd (or doing all the offset calculation and gpt stuff ourselves). Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
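#!/usr/bin/env python3
# -*- encoding: UTF-8 -*-
# Copyright 2023 Oliver Smith
# SPDX-License-Identifier: GPL-3.0-or-later
# PYTHON_ARGCOMPLETE_OK
"""Run pmbootstrap from a git checkout inside a private mount namespace.

Everything below the imports runs at import time on purpose: the namespace
setup has to be in place before any pmb code mounts anything, and this file
is only ever executed as a script (it is not part of the python packaging).
"""
import os
import sys

import pmb
from pmb.init import sandbox

# Record the uid we were started with before touching privileges or
# namespaces; it is handed to pmb.main() at the bottom.
# NOTE(review): this ordering assumes os.geteuid() may report a different
# (mapped) id once acquire_privileges() has run -- confirm in pmb.init.sandbox.
original_uid = os.geteuid()

# become_root=False is passed explicitly; what it grants or withholds is
# defined by pmb.init.sandbox, not here.
sandbox.acquire_privileges(become_root=False)

# Give this process its own mount namespace: mounts pmbootstrap creates stay
# invisible to the rest of the system and go away with the process, which is
# what makes an explicit "pmbootstrap shutdown" unnecessary.
sandbox.unshare(sandbox.CLONE_NEWNS)

# Left disabled upstream; decide whether chown calls need suppressing inside
# the namespace before re-enabling this.
# sandbox.seccomp_suppress(chown=True)

# The only mount in the new namespace is the host rootfs, bound onto itself
# read-write (readonly=False). This is deliberately NOT a filesystem sandbox:
# every host path stays writable from inside, and the isolation is limited to
# the mount table. Isolating the pmb workdir would be an extension of this
# list. If the namespace state needs inspecting, pmb.init.sandbox offers
# have_effective_cap(CAP_SYS_ADMIN) and userns_has_single_user(); a raw view
# is the CapEff line of /proc/self/status.
fsops = [
    sandbox.BindOperation(
        "/",
        "/",
        readonly=False,
        required=True,
        relative=False,
    ),
]
sandbox.setup_mounts(fsops)

# A convenience wrapper for running pmbootstrap from the git repository. This
# script is not part of the python packaging, so don't add more logic here!
if __name__ == "__main__":
    sys.exit(pmb.main(original_uid=original_uid))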