unify /proc mounting between root and unshare mode and fall back to rbind-mounting
This makes unshare mode work on salsaci and debci.
This commit is contained in:
parent
d9e6d62328
commit
9ebb3d07ac
1 changed files with 17 additions and 15 deletions
28
mmdebstrap
28
mmdebstrap
|
@ -1417,12 +1417,13 @@ sub setup_mounts {
|
||||||
&& !-d "/proc") {
|
&& !-d "/proc") {
|
||||||
warning("skipping bind-mounting /proc because"
|
warning("skipping bind-mounting /proc because"
|
||||||
. " /proc on the outside is not a directory");
|
. " /proc on the outside is not a directory");
|
||||||
} elsif ($options->{mode} eq 'root') {
|
} elsif (any { $_ eq $options->{mode} } ('root', 'unshare')) {
|
||||||
# we don't know whether we run in root mode inside an unshared
|
# we don't know whether we run in root mode inside an unshared
|
||||||
# user namespace or as real root so we first try the real mount and
|
# user namespace or as real root so we first try the real mount and
|
||||||
# then fall back to mounting in a way that works in unshared
|
# then fall back to mounting in a way that works in unshared
|
||||||
if (
|
if (
|
||||||
0 == system(
|
$options->{mode} eq 'root'
|
||||||
|
&& 0 == system(
|
||||||
'mount', '-t', 'proc', '-o', 'ro', 'proc',
|
'mount', '-t', 'proc', '-o', 'ro', 'proc',
|
||||||
"$options->{root}/proc"
|
"$options->{root}/proc"
|
||||||
)
|
)
|
||||||
|
@ -1451,22 +1452,23 @@ sub setup_mounts {
|
||||||
0 == system('umount', '--no-mtab', "$options->{root}/proc")
|
0 == system('umount', '--no-mtab', "$options->{root}/proc")
|
||||||
or warning("umount /proc failed: $?");
|
or warning("umount /proc failed: $?");
|
||||||
};
|
};
|
||||||
} else {
|
} elsif (
|
||||||
error "mount /proc failed: $?";
|
# if mounting proc failed, try bind-mounting it read-only as a
|
||||||
}
|
# last resort
|
||||||
} elsif ($options->{mode} eq 'unshare') {
|
0 == system(
|
||||||
# naturally we have to clean up after ourselves in sudo mode where
|
'mount', '-o',
|
||||||
# we do a real mount. But we also need to unmount in unshare mode
|
'rbind', '/proc',
|
||||||
# because otherwise, even with the --one-file-system tar option,
|
"$options->{root}/proc"
|
||||||
# the permissions of the mount source will be stored and not the
|
)
|
||||||
# mount target (the directory)
|
) {
|
||||||
push @cleanup_tasks, sub {
|
push @cleanup_tasks, sub {
|
||||||
# since we cannot write to /etc/mtab we need --no-mtab
|
# since we cannot write to /etc/mtab we need --no-mtab
|
||||||
0 == system('umount', '--no-mtab', "$options->{root}/proc")
|
0 == system('umount', '--no-mtab', "$options->{root}/proc")
|
||||||
or warning("umount /proc failed: $?");
|
or warning("umount /proc failed: $?");
|
||||||
};
|
};
|
||||||
0 == system('mount', '-t', 'proc', 'proc', "$options->{root}/proc")
|
} else {
|
||||||
or error "mount /proc failed: $?";
|
error "mount /proc failed: $?";
|
||||||
|
}
|
||||||
} elsif (any { $_ eq $options->{mode} } ('fakechroot', 'chrootless')) {
|
} elsif (any { $_ eq $options->{mode} } ('fakechroot', 'chrootless')) {
|
||||||
# we cannot mount in fakechroot mode
|
# we cannot mount in fakechroot mode
|
||||||
} else {
|
} else {
|
||||||
|
|
Loading…
Reference in a new issue