add verbose mode to test_unshare() so that it can report what went wrong
This commit is contained in:
parent
3ffc8ea35f
commit
b0979d1d6b
1 changed files with 25 additions and 23 deletions
48
mmdebstrap
48
mmdebstrap
|
@ -87,8 +87,12 @@ sub get_tar_compress_options($) {
|
||||||
return ();
|
return ();
|
||||||
}
|
}
|
||||||
|
|
||||||
sub test_unshare() {
|
sub test_unshare($) {
|
||||||
|
my $verbose = shift;
|
||||||
if ($EFFECTIVE_USER_ID == 0) {
|
if ($EFFECTIVE_USER_ID == 0) {
|
||||||
|
if ($verbose) {
|
||||||
|
print STDERR "E: cannot use unshare mode when executing as root\n";
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
# arguments to syscalls have to be stored in their own variable or
|
# arguments to syscalls have to be stored in their own variable or
|
||||||
|
@ -99,9 +103,12 @@ sub test_unshare() {
|
||||||
my $pid = fork() // die "fork() failed: $!";
|
my $pid = fork() // die "fork() failed: $!";
|
||||||
if ($pid == 0) {
|
if ($pid == 0) {
|
||||||
my $ret = syscall &SYS_unshare, $unshare_flags;
|
my $ret = syscall &SYS_unshare, $unshare_flags;
|
||||||
if (($ret >> 8) == 0) {
|
if ($ret == 0) {
|
||||||
exit 0;
|
exit 0;
|
||||||
} else {
|
} else {
|
||||||
|
if ($verbose) {
|
||||||
|
print STDERR "E: unshare syscall failed: $!\n";
|
||||||
|
}
|
||||||
exit 1;
|
exit 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -113,10 +120,24 @@ sub test_unshare() {
|
||||||
# executed without parameters
|
# executed without parameters
|
||||||
system "newuidmap 2>/dev/null";
|
system "newuidmap 2>/dev/null";
|
||||||
if (($? >> 8) != 1) {
|
if (($? >> 8) != 1) {
|
||||||
|
if ($verbose) {
|
||||||
|
if (($? >> 8) == 127) {
|
||||||
|
print STDERR "E: cannot find newuidmap\n";
|
||||||
|
} else {
|
||||||
|
print STDERR "E: newuidmap returned unknown exit status\n";
|
||||||
|
}
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
system "newgidmap 2>/dev/null";
|
system "newgidmap 2>/dev/null";
|
||||||
if (($? >> 8) != 1) {
|
if (($? >> 8) != 1) {
|
||||||
|
if ($verbose) {
|
||||||
|
if (($? >> 8) == 127) {
|
||||||
|
print STDERR "E: cannot find newgidmap\n";
|
||||||
|
} else {
|
||||||
|
print STDERR "E: newgidmap returned unknown exit status\n";
|
||||||
|
}
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -1392,7 +1413,7 @@ sub main() {
|
||||||
if ($options->{mode} eq 'auto') {
|
if ($options->{mode} eq 'auto') {
|
||||||
if ($EFFECTIVE_USER_ID == 0) {
|
if ($EFFECTIVE_USER_ID == 0) {
|
||||||
$options->{mode} = 'root';
|
$options->{mode} = 'root';
|
||||||
} elsif (test_unshare()) {
|
} elsif (test_unshare(0)) {
|
||||||
$options->{mode} = 'unshare';
|
$options->{mode} = 'unshare';
|
||||||
} elsif (system('proot --version>/dev/null') == 0) {
|
} elsif (system('proot --version>/dev/null') == 0) {
|
||||||
$options->{mode} = 'proot';
|
$options->{mode} = 'proot';
|
||||||
|
@ -1432,26 +1453,7 @@ sub main() {
|
||||||
exec 'fakechroot', 'fakeroot', $PROGRAM_NAME, @ARGVORIG;
|
exec 'fakechroot', 'fakeroot', $PROGRAM_NAME, @ARGVORIG;
|
||||||
}
|
}
|
||||||
} elsif ($options->{mode} eq 'unshare') {
|
} elsif ($options->{mode} eq 'unshare') {
|
||||||
if (!test_unshare()) {
|
if (!test_unshare(1)) {
|
||||||
if ($EFFECTIVE_USER_ID == 0) {
|
|
||||||
print STDERR "I: cannot use unshare mode when executing as root\n";
|
|
||||||
}
|
|
||||||
system "newuidmap 2>/dev/null";
|
|
||||||
if (($? >> 8) != 1) {
|
|
||||||
if (($? >> 8) == 127) {
|
|
||||||
print STDERR "I: cannot find newuidmap\n";
|
|
||||||
} else {
|
|
||||||
print STDERR "I: newuidmap returned unknown exit status\n";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
system "newgidmap 2>/dev/null";
|
|
||||||
if (($? >> 8) != 1) {
|
|
||||||
if (($? >> 8) == 127) {
|
|
||||||
print STDERR "I: cannot find newgidmap\n";
|
|
||||||
} else {
|
|
||||||
print STDERR "I: newgidmap returned unknown exit status\n";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
my $procfile = '/proc/sys/kernel/unprivileged_userns_clone';
|
my $procfile = '/proc/sys/kernel/unprivileged_userns_clone';
|
||||||
open(my $fh, '<', $procfile) or die "failed to open $procfile: $!";
|
open(my $fh, '<', $procfile) or die "failed to open $procfile: $!";
|
||||||
chomp(my $content = do { local $/; <$fh> });
|
chomp(my $content = do { local $/; <$fh> });
|
||||||
|
|
Loading…
Reference in a new issue