better mounting of virtual filesystems in chroot

Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
Steven Armstrong 2013-09-14 21:55:51 +02:00
parent a9109c94a4
commit a035b52a0d
2 changed files with 23 additions and 8 deletions


@ -23,13 +23,25 @@ chroot="/$__object_id"
cat << DONE
# Prepare chroot
[ -d "${chroot}/proc" ] || mkdir "${chroot}/proc"
mount -t proc none "${chroot}/proc"
mountpoint -q "${chroot}/proc" \
|| mount -t proc -o nosuid,noexec,nodev proc "${chroot}/proc"
[ -d "${chroot}/sys" ] || mkdir "${chroot}/sys"
mount -t sysfs none "${chroot}/sys"
mountpoint -q "${chroot}/sys" \
|| mount -t sysfs -o nosuid,noexec,nodev sys "${chroot}/sys"
[ -d "${chroot}/dev" ] || mkdir "${chroot}/dev"
mount --rbind /dev "${chroot}/dev"
mountpoint -q "${chroot}/dev" \
|| mount -t devtmpfs -o mode=0755,nosuid udev "${chroot}/dev"
[ -d "${chroot}/dev/pts" ] || mkdir "${chroot}/dev/pts"
mountpoint -q "${chroot}/dev/pts" \
|| mount -t devpts -o mode=0620,gid=5,nosuid,noexec devpts "${chroot}/dev/pts"
[ -d "${chroot}/tmp" ] || mkdir -m 1777 "${chroot}/tmp"
mount -t tmpfs none "${chroot}/tmp"
mountpoint -q "${chroot}/tmp" \
|| mount -t tmpfs -o mode=1777,strictatime,nodev,nosuid tmpfs "${chroot}/tmp"
if [ ! -f "${chroot}/etc/resolv.conf" ]; then
cp /etc/resolv.conf "${chroot}/etc/"
fi
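Review bot: The devpts mount on the `|| mount -t devpts` line only isolates the chroot's pseudo-terminals if it is a separate instance; on kernels of this commit's era a devpts mount without `newinstance` is the same instance as the host's /dev/pts, so processes inside the chroot can still see and open the host's ptys. Consider `|| mount -t devpts -o newinstance,ptmxmode=0666,mode=0620,gid=5,nosuid,noexec devpts "${chroot}/dev/pts"`, which as far as I recall then also needs `${chroot}/dev/ptmx` to resolve to `pts/ptmx` (a symlink created after the devtmpfs mount) — worth confirming against the devpts documentation. Separately, none of the `mount` lines report failure, so if the generated script is not run under `set -e` a failed mount leaves the chroot with no /proc or /sys at all and execution continues; appending `|| exit 1` to each `|| mount …` line, or at least a warning to stderr, would surface that. `gid=5` also presumes the chroot's `tty` group is gid 5, which holds on Debian-derived images but may not elsewhere. The `cat << DONE` heredoc that produces this script opens at the top of the hunk and closes outside it.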


@ -22,12 +22,15 @@ chroot="/$__object_id"
cat << DONE
umount -l "${chroot}/tmp"
umount -l "${chroot}/dev/pts"
umount -l "${chroot}/dev"
umount -l "${chroot}/sys"
umount -l "${chroot}/proc"
rm -f "${chroot}/etc/resolv.conf"
# ensure /etc/resolvconf/resolv.conf.d/tail is not linked to \
# e.g. /etc/resolvconf/resolv.conf.d/original
rm -f "${chroot}/etc/resolvconf/resolv.conf.d/tail"
touch "${chroot}/etc/resolvconf/resolv.conf.d/tail"
if [ -d "${chroot}/etc/resolvconf/resolv.conf.d" ]; then
# ensure /etc/resolvconf/resolv.conf.d/tail is not linked to \
# e.g. /etc/resolvconf/resolv.conf.d/original
rm -f "${chroot}/etc/resolvconf/resolv.conf.d/tail"
touch "${chroot}/etc/resolvconf/resolv.conf.d/tail"
fi
DONE
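Review bot: The new `umount -l "${chroot}/dev/pts"` line is unconditional, unlike the mount side which now guards each mount with `mountpoint -q`; on a target where that mount never happened (for example because the mount step failed) this line errors with "not mounted", while the `-l` (lazy) flag means a mount that is genuinely busy is detached silently rather than reported, so a process left running inside the chroot keeps the filesystem alive unnoticed. Consider mirroring the guard, `! mountpoint -q "${chroot}/dev/pts" || umount -l "${chroot}/dev/pts"`, and applying the same pattern to the other umount lines so a missing mount is not an error and a busy one is at least visible in the output. The `[ -d "${chroot}/etc/resolvconf/resolv.conf.d" ]` guard is a sound fix; one comment above `rm -f "${chroot}/etc/resolv.conf"` noting that it removes the file unconditionally, even one that shipped with the chroot image rather than the copy the mount side made, would document what looks like an intentional choice.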