Compare commits
No commits in common. "055e1719b95960496a0cda88535fd00e9a395516" and "dd774b4f2008d98220ef3a24e959c21d0fcf27f9" have entirely different histories.
055e1719b9
...
dd774b4f20
9 changed files with 80 additions and 159 deletions
|
|
@ -69,7 +69,7 @@ mirror="http://127.0.0.1/debian"
|
|||
|
||||
export HAVE_QEMU HAVE_BINFMT RUN_MA_SAME_TESTS DEFAULT_DIST SOURCE_DATE_EPOCH CMD mirror
|
||||
|
||||
./coverage.py "$@"
|
||||
./coverage.py
|
||||
|
||||
if [ -e shared/cover_db.img ]; then
|
||||
# produce report inside the VM to make sure that the versions match or
|
||||
|
|
|
|||
10
coverage.txt
10
coverage.txt
|
|
@ -283,16 +283,10 @@ Test: debootstrap-no-op-options
|
|||
Needs-Root: true
|
||||
|
||||
Test: verbose
|
||||
Variants: - standard
|
||||
Skip-If:
|
||||
variant == "-" and hostarch not in ["armel", "armhf", "mipsel"] # #1031276
|
||||
variant == "standard" and hostarch in ["armel", "armhf", "mipsel"] # #1031276
|
||||
Needs-Root: true
|
||||
|
||||
Test: debug
|
||||
Variants: - standard
|
||||
Skip-If:
|
||||
variant == "-" and hostarch not in ["armel", "armhf", "mipsel"] # #1031276
|
||||
variant == "standard" and hostarch in ["armel", "armhf", "mipsel"] # #1031276
|
||||
Needs-Root: true
|
||||
|
||||
Test: quiet
|
||||
Needs-Root: true
|
||||
|
|
|
|||
|
|
@ -20,10 +20,7 @@ deletecache() {
|
|||
return 1
|
||||
fi
|
||||
# be very careful with removing the old directory
|
||||
# experimental is pulled in with USE_HOST_APT_CONFIG=yes on debci
|
||||
# when testing a package from experimental
|
||||
for dist in oldstable stable testing unstable experimental; do
|
||||
# deleting artifacts from test "debootstrap"
|
||||
for dist in oldstable stable testing unstable; do
|
||||
for variant in minbase buildd -; do
|
||||
if [ -e "$dir/debian-$dist-$variant.tar" ]; then
|
||||
rm "$dir/debian-$dist-$variant.tar"
|
||||
|
|
@ -31,18 +28,6 @@ deletecache() {
|
|||
echo "does not exist: $dir/debian-$dist-$variant.tar" >&2
|
||||
fi
|
||||
done
|
||||
# deleting artifacts from test "mmdebstrap"
|
||||
for variant in essential apt minbase buildd - standard; do
|
||||
for format in tar ext2 squashfs; do
|
||||
if [ -e "$dir/mmdebstrap-$dist-$variant.$format" ]; then
|
||||
# attempt to delete for all dists because DEFAULT_DIST might've been different the last time
|
||||
rm "$dir/mmdebstrap-$dist-$variant.$format"
|
||||
elif [ "$dist" = "$DEFAULT_DIST" ]; then
|
||||
# only warn about non-existance when it's expected to exist
|
||||
echo "does not exist: $dir/mmdebstrap-$dist-$variant.$format" >&2
|
||||
fi
|
||||
done
|
||||
done
|
||||
if [ -e "$dir/debian/dists/$dist" ]; then
|
||||
rm --one-file-system --recursive "$dir/debian/dists/$dist"
|
||||
else
|
||||
|
|
@ -78,16 +63,11 @@ deletecache() {
|
|||
rm --one-file-system "$f"
|
||||
fi
|
||||
done
|
||||
# on i386 and amd64, the intel-microcode and amd64-microcode packages
|
||||
# from non-free-firwame get pulled in because they are
|
||||
# priority:standard with USE_HOST_APT_CONFIG=yes
|
||||
for c in main non-free-firmware; do
|
||||
if [ -e "$dir/debian/pool/$c" ]; then
|
||||
rm --one-file-system --recursive "$dir/debian/pool/$c"
|
||||
if [ -e "$dir/debian/pool/main" ]; then
|
||||
rm --one-file-system --recursive "$dir/debian/pool/main"
|
||||
else
|
||||
echo "does not exist: $dir/debian/pool/$c" >&2
|
||||
echo "does not exist: $dir/debian/pool/main" >&2
|
||||
fi
|
||||
done
|
||||
if [ -e "$dir/debian-security/pool/updates/main" ]; then
|
||||
rm --one-file-system --recursive "$dir/debian-security/pool/updates/main"
|
||||
else
|
||||
|
|
|
|||
144
mmdebstrap
144
mmdebstrap
|
|
@ -305,23 +305,14 @@ sub shellescape {
|
|||
|
||||
sub test_unshare_userns {
|
||||
my $verbose = shift;
|
||||
my $fail = shift;
|
||||
|
||||
local *maybe_warn = sub {
|
||||
my $msg = shift;
|
||||
my $unshare_fail = shift;
|
||||
if ($EFFECTIVE_USER_ID == 0) {
|
||||
my $msg = "cannot unshare user namespace when executing as root";
|
||||
if ($verbose) {
|
||||
if ($fail) {
|
||||
error $msg;
|
||||
} else {
|
||||
warning $msg;
|
||||
}
|
||||
} else {
|
||||
debug $msg;
|
||||
}
|
||||
};
|
||||
|
||||
if ($EFFECTIVE_USER_ID == 0) {
|
||||
maybe_warn("cannot unshare user namespace when executing as root");
|
||||
return 0;
|
||||
}
|
||||
# arguments to syscalls have to be stored in their own variable or
|
||||
|
|
@ -335,7 +326,12 @@ sub test_unshare_userns {
|
|||
if ($ret == 0) {
|
||||
exit 0;
|
||||
} else {
|
||||
maybe_warn("unshare syscall failed: $!");
|
||||
my $msg = "unshare syscall failed: $!";
|
||||
if ($verbose) {
|
||||
warning $msg;
|
||||
} else {
|
||||
debug $msg;
|
||||
}
|
||||
exit 1;
|
||||
}
|
||||
}
|
||||
|
|
@ -348,140 +344,120 @@ sub test_unshare_userns {
|
|||
system "newuidmap 2>/dev/null";
|
||||
if (($? >> 8) != 1) {
|
||||
if (($? >> 8) == 127) {
|
||||
maybe_warn("cannot find newuidmap");
|
||||
my $msg = "cannot find newuidmap";
|
||||
if ($verbose) {
|
||||
if ($unshare_fail) {
|
||||
error $msg;
|
||||
} else {
|
||||
maybe_warn("newuidmap returned unknown exit status: $?");
|
||||
warning $msg;
|
||||
}
|
||||
} else {
|
||||
debug $msg;
|
||||
}
|
||||
} else {
|
||||
my $msg = "newuidmap returned unknown exit status: $?";
|
||||
if ($verbose) {
|
||||
warning $msg;
|
||||
} else {
|
||||
debug $msg;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
system "newgidmap 2>/dev/null";
|
||||
if (($? >> 8) != 1) {
|
||||
if (($? >> 8) == 127) {
|
||||
maybe_warn("cannot find newgidmap");
|
||||
} else {
|
||||
maybe_warn("newgidmap returned unknown exit status: $?");
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
my @idmap = read_subuid_subgid($verbose);
|
||||
if (scalar @idmap == 0) {
|
||||
maybe_warn("failed to parse /etc/subuid and /etc/subgid");
|
||||
return 0;
|
||||
}
|
||||
# too much can go wrong when doing the dance required to unsharing the user
|
||||
# namespace, so instead of adding more complexity to support maybe_warn()
|
||||
# to a function that is already too complex, we use eval()
|
||||
eval {
|
||||
$pid = get_unshare_cmd(
|
||||
sub {
|
||||
if ($EFFECTIVE_USER_ID == 0) {
|
||||
exit 0;
|
||||
} else {
|
||||
exit 1;
|
||||
}
|
||||
},
|
||||
\@idmap
|
||||
);
|
||||
waitpid $pid, 0;
|
||||
if ($? != 0) {
|
||||
maybe_warn("failed to unshare the user namespace");
|
||||
return 0;
|
||||
}
|
||||
};
|
||||
if ($@) {
|
||||
maybe_warn($@);
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
sub read_subuid_subgid {
|
||||
my $verbose = shift;
|
||||
my @result = ();
|
||||
my $username = getpwuid $REAL_USER_ID;
|
||||
my ($subid, $num_subid, $fh, $n);
|
||||
|
||||
local *maybe_warn = sub {
|
||||
my $msg = shift;
|
||||
my $msg = "cannot find newgidmap";
|
||||
if ($verbose) {
|
||||
warning $msg;
|
||||
} else {
|
||||
debug $msg;
|
||||
}
|
||||
};
|
||||
} else {
|
||||
my $msg = "newgidmap returned unknown exit status: $?";
|
||||
if ($verbose) {
|
||||
warning $msg;
|
||||
} else {
|
||||
debug $msg;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
sub read_subuid_subgid() {
|
||||
my $username = getpwuid $REAL_USER_ID;
|
||||
my ($subid, $num_subid, $fh, $n);
|
||||
my @result = ();
|
||||
|
||||
if (!-e "/etc/subuid") {
|
||||
maybe_warn("/etc/subuid doesn't exist");
|
||||
warning "/etc/subuid doesn't exist";
|
||||
return;
|
||||
}
|
||||
if (!-r "/etc/subuid") {
|
||||
maybe_warn("/etc/subuid is not readable");
|
||||
warning "/etc/subuid is not readable";
|
||||
return;
|
||||
}
|
||||
|
||||
open $fh, "<", "/etc/subuid"
|
||||
or maybe_warn("cannot open /etc/subuid for reading: $!");
|
||||
if (!$fh) {
|
||||
return;
|
||||
}
|
||||
or error "cannot open /etc/subuid for reading: $!";
|
||||
while (my $line = <$fh>) {
|
||||
($n, $subid, $num_subid) = split(/:/, $line, 3);
|
||||
last if ($n eq $username);
|
||||
}
|
||||
close $fh;
|
||||
if (!length $subid) {
|
||||
maybe_warn("/etc/subuid is empty");
|
||||
warning "/etc/subuid is empty";
|
||||
return;
|
||||
}
|
||||
if ($n ne $username) {
|
||||
maybe_warn("no entry in /etc/subuid for $username");
|
||||
warning "no entry in /etc/subuid for $username";
|
||||
return;
|
||||
}
|
||||
push @result, ["u", 0, $subid, $num_subid];
|
||||
|
||||
if (scalar(@result) < 1) {
|
||||
maybe_warn("/etc/subuid does not contain an entry for $username");
|
||||
warning "/etc/subuid does not contain an entry for $username";
|
||||
return;
|
||||
}
|
||||
if (scalar(@result) > 1) {
|
||||
maybe_warn("/etc/subuid contains multiple entries for $username");
|
||||
warning "/etc/subuid contains multiple entries for $username";
|
||||
return;
|
||||
}
|
||||
|
||||
if (!-e "/etc/subgid") {
|
||||
maybe_warn("/etc/subgid doesn't exist");
|
||||
warning "/etc/subgid doesn't exist";
|
||||
return;
|
||||
}
|
||||
if (!-r "/etc/subgid") {
|
||||
maybe_warn("/etc/subgid is not readable");
|
||||
warning "/etc/subgid is not readable";
|
||||
return;
|
||||
}
|
||||
|
||||
open $fh, "<", "/etc/subgid"
|
||||
or maybe_warn("cannot open /etc/subgid for reading: $!");
|
||||
if (!$fh) {
|
||||
return;
|
||||
}
|
||||
or error "cannot open /etc/subgid for reading: $!";
|
||||
while (my $line = <$fh>) {
|
||||
($n, $subid, $num_subid) = split(/:/, $line, 3);
|
||||
last if ($n eq $username);
|
||||
}
|
||||
close $fh;
|
||||
if (!length $subid) {
|
||||
maybe_warn("/etc/subgid is empty");
|
||||
warning "/etc/subgid is empty";
|
||||
return;
|
||||
}
|
||||
if ($n ne $username) {
|
||||
maybe_warn("no entry in /etc/subgid for $username");
|
||||
warning "no entry in /etc/subgid for $username";
|
||||
return;
|
||||
}
|
||||
push @result, ["g", 0, $subid, $num_subid];
|
||||
|
||||
if (scalar(@result) < 2) {
|
||||
maybe_warn("/etc/subgid does not contain an entry for $username");
|
||||
warning "/etc/subgid does not contain an entry for $username";
|
||||
return;
|
||||
}
|
||||
if (scalar(@result) > 2) {
|
||||
maybe_warn("/etc/subgid contains multiple entries for $username");
|
||||
warning "/etc/subgid contains multiple entries for $username";
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
@ -4377,7 +4353,7 @@ sub main() {
|
|||
}
|
||||
my @idmap = ();
|
||||
if ($EFFECTIVE_USER_ID != 0) {
|
||||
@idmap = read_subuid_subgid 1;
|
||||
@idmap = read_subuid_subgid;
|
||||
}
|
||||
my $pid = get_unshare_cmd(
|
||||
sub {
|
||||
|
|
@ -5689,7 +5665,7 @@ sub main() {
|
|||
# for unshare mode the rootfs directory has to have appropriate
|
||||
# permissions
|
||||
if ($EFFECTIVE_USER_ID != 0 and $options->{mode} eq 'unshare') {
|
||||
@idmap = read_subuid_subgid 1;
|
||||
@idmap = read_subuid_subgid;
|
||||
# sanity check
|
||||
if ( scalar(@idmap) != 2
|
||||
|| $idmap[0][0] ne 'u'
|
||||
|
|
|
|||
|
|
@ -5,21 +5,14 @@ export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }}
|
|||
|
||||
trap "rm -f /tmp/debian-chroot-{{ MODE }}.{{ FORMAT }}" EXIT INT TERM
|
||||
|
||||
case {{ MODE }} in unshare|fakechroot) : ;; *) exit 1;; esac
|
||||
|
||||
prefix=
|
||||
if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && [ "{{ MODE }}" != "auto" ]; then
|
||||
if ! id "${SUDO_USER:-user}" >/dev/null 2>&1; then
|
||||
if ! id "${SUDO_USER:-user}" >/dev/null 2>&1; then
|
||||
if [ ! -e /mmdebstrap-testenv ]; then
|
||||
echo "this test modifies the system and should only be run inside a container" >&2
|
||||
exit 1
|
||||
fi
|
||||
useradd --home-dir "/home/${SUDO_USER:-user}" --create-home "${SUDO_USER:-user}"
|
||||
fi
|
||||
prefix="runuser -u ${SUDO_USER:-user} --"
|
||||
fi
|
||||
|
||||
$prefix {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} {{ DIST }} /tmp/debian-chroot-{{ MODE }}.{{ FORMAT }} {{ MIRROR }}
|
||||
runuser -u "${SUDO_USER:-user}" -- {{ CMD }} --mode={{ MODE }} --variant={{ VARIANT }} {{ DIST }} /tmp/debian-chroot-{{ MODE }}.{{ FORMAT }} {{ MIRROR }}
|
||||
cmp ./cache/mmdebstrap-{{ DIST }}-{{ VARIANT }}.{{ FORMAT }} /tmp/debian-chroot-{{ MODE }}.{{ FORMAT }} \
|
||||
|| diffoscope ./cache/mmdebstrap-{{ DIST }}-{{ VARIANT }}.{{ FORMAT }} /tmp/debian-chroot-{{ MODE }}.{{ FORMAT }}
|
||||
|
||||
|
|
|
|||
17
tests/debug
17
tests/debug
|
|
@ -1,17 +1,6 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
export LC_ALL=C.UTF-8
|
||||
export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }}
|
||||
|
||||
trap "rm -f /tmp/debian-chroot.tar" EXIT INT TERM
|
||||
|
||||
# we use variant standard in verbose mode to see the maximum number of packages
|
||||
# that was chosen in case of USE_HOST_APT_CONFIG=yes
|
||||
# we use variant important on arches where variant standard is not bit-by-bit
|
||||
# reproducible due to #1031276
|
||||
case {{ VARIANT }} in standard|-) : ;; *) exit 1;; esac
|
||||
|
||||
{{ CMD }} --variant={{ VARIANT }} --debug {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }}
|
||||
|
||||
cmp ./cache/mmdebstrap-{{ DIST }}-{{ VARIANT }}.tar /tmp/debian-chroot.tar \
|
||||
|| diffoscope ./cache/mmdebstrap-{{ DIST }}-{{ VARIANT }}.tar /tmp/debian-chroot.tar
|
||||
{{ CMD }} --mode=root --variant=apt --debug {{ DIST }} /tmp/debian-chroot {{ MIRROR }}
|
||||
tar -C /tmp/debian-chroot --one-file-system -c . | tar -t | sort | diff -u tar1.txt -
|
||||
rm -r /tmp/debian-chroot
|
||||
|
|
|
|||
|
|
@ -13,4 +13,4 @@ if [ "$ret" = 0 ]; then
|
|||
echo expected failure but got exit $ret >&2
|
||||
exit 1
|
||||
fi
|
||||
[ ! -e /tmp/debian-chroot ]
|
||||
rm -r /tmp/debian-chroot
|
||||
|
|
|
|||
|
|
@ -14,4 +14,4 @@ if [ "$ret" = 0 ]; then
|
|||
echo expected failure but got exit $ret >&2
|
||||
exit 1
|
||||
fi
|
||||
[ ! -e /tmp/debian-chroot ]
|
||||
rm -r /tmp/debian-chroot
|
||||
|
|
|
|||
|
|
@ -1,17 +1,6 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
export LC_ALL=C.UTF-8
|
||||
export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }}
|
||||
|
||||
trap "rm -f /tmp/debian-chroot.tar" EXIT INT TERM
|
||||
|
||||
# we use variant standard in verbose mode to see the maximum number of packages
|
||||
# that was chosen in case of USE_HOST_APT_CONFIG=yes
|
||||
# we use variant important on arches where variant standard is not bit-by-bit
|
||||
# reproducible due to #1031276
|
||||
case {{ VARIANT }} in standard|-) : ;; *) exit 1;; esac
|
||||
|
||||
{{ CMD }} --variant={{ VARIANT }} --verbose {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }}
|
||||
|
||||
cmp ./cache/mmdebstrap-{{ DIST }}-{{ VARIANT }}.tar /tmp/debian-chroot.tar \
|
||||
|| diffoscope ./cache/mmdebstrap-{{ DIST }}-{{ VARIANT }}.tar /tmp/debian-chroot.tar
|
||||
{{ CMD }} --mode=root --variant=apt --verbose {{ DIST }} /tmp/debian-chroot {{ MIRROR }}
|
||||
tar -C /tmp/debian-chroot --one-file-system -c . | tar -t | sort | diff -u tar1.txt -
|
||||
rm -r /tmp/debian-chroot
|
||||
|
|
|
|||
Loading…
Reference in a new issue