
No commits in common. "b78fb638e7520b4b2168511d8093a4916825f7df" and "825ad0bf735b574ccd692c7d7e91a9cb0d7172e0" have entirely different histories.

18 changed files with 41 additions and 5 deletions


@ -1,6 +1,4 @@
Johannes Schauer Marin Rodrigues <josch@mister-muffin.de> Johannes Schauer Marin Rodrigues <josch@mister-muffin.de>
Johannes Schauer Marin Rodrigues <josch@mister-muffin.de> <j.schauer@email.de> Johannes Schauer Marin Rodrigues <josch@mister-muffin.de> <j.schauer@email.de>
Johannes Schauer Marin Rodrigues <josch@mister-muffin.de> <josch@debian.org>
Johannes Schauer Marin Rodrigues <josch@mister-muffin.de> <Johannes Schauer Marin Rodrigues josch@debian.org>
Helmut Grohne <helmut@subdivi.de> <helmut.grohne@intenta.de> Helmut Grohne <helmut@subdivi.de> <helmut.grohne@intenta.de>
Benjamin Drung <benjamin.drung@ionos.com> <benjamin.drung@cloud.ionos.com> Benjamin Drung <benjamin.drung@ionos.com> <benjamin.drung@cloud.ionos.com>


@ -6,6 +6,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
echo "this test modifies the system and should only be run inside a container" >&2 echo "this test modifies the system and should only be run inside a container" >&2
exit 1 exit 1
fi fi
sysctl -w kernel.unprivileged_userns_clone=1
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
runuser -u user -- {{ CMD }} --variant=custom --mode=unshare --setup-hook='env container=lxc debootstrap unstable "$1" {{ MIRROR }}' - /tmp/debian-mm.tar {{ MIRROR }} runuser -u user -- {{ CMD }} --variant=custom --mode=unshare --setup-hook='env container=lxc debootstrap unstable "$1" {{ MIRROR }}' - /tmp/debian-mm.tar {{ MIRROR }}
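Review bot: The added `sysctl -w kernel.unprivileged_userns_clone=1` runs without checking that the key exists, so on a kernel that does not expose `/proc/sys/kernel/unprivileged_userns_clone` the command exits non-zero and, if the script runs under `set -e` (not visible in this hunk), the test stops before it reaches `runuser`. The old side of the `--mode=auto` test on this page guarded its write with `[ -e /proc/sys/kernel/unprivileged_userns_clone ]`, and the same guard fits here: `[ ! -e /proc/sys/kernel/unprivileged_userns_clone ] || sysctl -w kernel.unprivileged_userns_clone=1`. This applies equally to every other hunk on this page that adds the command, and to the now-unconditional `=0` write in the `--mode=auto` test. The setting is kernel-wide rather than per-container, so the write should stay behind the `/mmdebstrap-testenv` check, as it does in this hunk.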


@ -6,9 +6,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
exit 1 exit 1
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
if [ -e /proc/sys/kernel/unprivileged_userns_clone ] && [ "$(sysctl -n kernel.unprivileged_userns_clone)" = "1" ]; then
sysctl -w kernel.unprivileged_userns_clone=0 sysctl -w kernel.unprivileged_userns_clone=0
fi
runuser -u user -- {{ CMD }} --mode=auto --variant=apt {{ DIST }} /tmp/debian-chroot.tar.gz {{ MIRROR }} runuser -u user -- {{ CMD }} --mode=auto --variant=apt {{ DIST }} /tmp/debian-chroot.tar.gz {{ MIRROR }}
tar -tf /tmp/debian-chroot.tar.gz | sort | diff -u tar1.txt - tar -tf /tmp/debian-chroot.tar.gz | sort | diff -u tar1.txt -
rm /tmp/debian-chroot.tar.gz rm /tmp/debian-chroot.tar.gz
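Review bot: The now-unconditional `sysctl -w kernel.unprivileged_userns_clone=0` has no comment saying why the test switches unprivileged user namespaces off before the `--mode=auto` run, and nothing visible in the hunk sets the value back afterwards. A one-line comment above it would help, for example `# turn off unprivileged user namespaces so that --mode=auto cannot select unshare` (presumed intent, to be confirmed by the author). Because the value stays at 0 for whatever runs next on the same kernel, restoring the previous value on exit is worth considering. The script continues outside this hunk, so that may already be handled there.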


@ -6,6 +6,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
exit 1 exit 1
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }} export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }}
{{ CMD }} --mode=root --variant={{ VARIANT }} {{ DIST }} /tmp/debian-chroot-root.{{ FORMAT }} {{ MIRROR }} {{ CMD }} --mode=root --variant={{ VARIANT }} {{ DIST }} /tmp/debian-chroot-root.{{ FORMAT }} {{ MIRROR }}
if [ "{{ FORMAT }}" = tar ]; then if [ "{{ FORMAT }}" = tar ]; then


@ -8,6 +8,13 @@ if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
fi fi
if [ "{{ MODE }}" = unshare ]; then
if [ ! -e /mmdebstrap-testenv ]; then
echo "this test modifies the system and should only be run inside a container" >&2
exit 1
fi
sysctl -w kernel.unprivileged_userns_clone=1
fi
prefix= prefix=
[ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --" [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --"
[ "{{ MODE }}" = "fakechroot" ] && prefix="$prefix fakechroot fakeroot" [ "{{ MODE }}" = "fakechroot" ] && prefix="$prefix fakechroot fakeroot"
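Review bot: The added `if [ "{{ MODE }}" = unshare ]; then` block calls `sysctl -w` whatever the uid, while the surrounding lines (`[ "$(id -u)" -eq 0 ] && ... prefix="runuser -u user --"`) show that this script also handles being started as a non-root user, who cannot write the sysctl. In that case the write fails even when unprivileged user namespaces are already enabled, and the new `/mmdebstrap-testenv` check also refuses a non-root run that would not have modified the system. Limiting the block to root keeps both steps where they can take effect: `if [ "{{ MODE }}" = unshare ] && [ "$(id -u)" -eq 0 ]; then`. The same block is added in the three other hunks on this page that start with `if [ "{{ MODE }}" = unshare ]; then`; where a script can only run as root the extra test is harmless. The enclosing script starts and ends outside the hunk.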


@ -6,6 +6,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
exit 1 exit 1
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
runuser -u user -- {{ CMD }} --mode=unshare --variant=apt {{ DIST }} /tmp/debian-chroot.tar.gz {{ MIRROR }} runuser -u user -- {{ CMD }} --mode=unshare --variant=apt {{ DIST }} /tmp/debian-chroot.tar.gz {{ MIRROR }}
printf '\037\213\010' | cmp --bytes=3 /tmp/debian-chroot.tar.gz - printf '\037\213\010' | cmp --bytes=3 /tmp/debian-chroot.tar.gz -
tar -tf /tmp/debian-chroot.tar.gz | sort | diff -u tar1.txt - tar -tf /tmp/debian-chroot.tar.gz | sort | diff -u tar1.txt -


@ -16,6 +16,13 @@ if [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != root ] && [ "{{ MODE }}" != auto ];
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
fi fi
if [ "{{ MODE }}" = unshare ]; then
if [ ! -e /mmdebstrap-testenv ]; then
echo "this test modifies the system and should only be run inside a container" >&2
exit 1
fi
sysctl -w kernel.unprivileged_userns_clone=1
fi
prefix="runuser -u user --" prefix="runuser -u user --"
if [ "{{ VARIANT }}" = extract ] || [ "{{ VARIANT }}" = custom ]; then if [ "{{ VARIANT }}" = extract ] || [ "{{ VARIANT }}" = custom ]; then
include="$(tr '\n' ',' < pkglist.txt)" include="$(tr '\n' ',' < pkglist.txt)"


@ -8,6 +8,7 @@ fi
# https://www.etalabs.net/sh_tricks.html # https://www.etalabs.net/sh_tricks.html
quote () { printf %s\\n "$1" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/'/" ; } quote () { printf %s\\n "$1" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/'/" ; }
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
homedir=$(runuser -u user -- sh -c 'cd && pwd') homedir=$(runuser -u user -- sh -c 'cd && pwd')
# apt:test/integration/test-apt-key # apt:test/integration/test-apt-key
TMPDIR_ADD="This is fü\$\$ing cràzy, \$(apt -v)\$!" TMPDIR_ADD="This is fü\$\$ing cràzy, \$(apt -v)\$!"


@ -6,6 +6,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
exit 1 exit 1
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
mkdir /tmp/debian-chroot mkdir /tmp/debian-chroot
chmod 700 /tmp/debian-chroot chmod 700 /tmp/debian-chroot
chown user:user /tmp/debian-chroot chown user:user /tmp/debian-chroot


@ -6,6 +6,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
exit 1 exit 1
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
rm /etc/subuid rm /etc/subuid
ret=0 ret=0
runuser -u user -- {{ CMD }} --mode=unshare --variant=apt {{ DIST }} /tmp/debian-chroot {{ MIRROR }} || ret=$? runuser -u user -- {{ CMD }} --mode=unshare --variant=apt {{ DIST }} /tmp/debian-chroot {{ MIRROR }} || ret=$?


@ -6,6 +6,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
exit 1 exit 1
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
awk -F: '$1!="user"' /etc/subuid > /etc/subuid.tmp awk -F: '$1!="user"' /etc/subuid > /etc/subuid.tmp
mv /etc/subuid.tmp /etc/subuid mv /etc/subuid.tmp /etc/subuid
ret=0 ret=0


@ -6,6 +6,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
exit 1 exit 1
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }} export SOURCE_DATE_EPOCH={{ SOURCE_DATE_EPOCH }}
filter() { filter() {


@ -6,4 +6,5 @@ if [ ! -e /mmdebstrap-testenv ]; then
exit 1 exit 1
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
runuser -u user -- {{ CMD }} --mode=unshare --variant=custom --include=dpkg,dash,diffutils,coreutils,libc-bin,sed {{ DIST }} /dev/null {{ MIRROR }} runuser -u user -- {{ CMD }} --mode=unshare --variant=custom --include=dpkg,dash,diffutils,coreutils,libc-bin,sed {{ DIST }} /dev/null {{ MIRROR }}


@ -7,6 +7,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
fi fi
rm /dev/console rm /dev/console
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
runuser -u user -- {{ CMD }} --mode=unshare --variant=apt {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }} runuser -u user -- {{ CMD }} --mode=unshare --variant=apt {{ DIST }} /tmp/debian-chroot.tar {{ MIRROR }}
tar -tf /tmp/debian-chroot.tar | sort | diff -u tar1.txt - tar -tf /tmp/debian-chroot.tar | sort | diff -u tar1.txt -
rm /tmp/debian-chroot.tar rm /tmp/debian-chroot.tar


@ -11,6 +11,7 @@ if [ ! -e /mmdebstrap-testenv ]; then
fi fi
[ "$(whoami)" = "root" ] [ "$(whoami)" = "root" ]
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
sysctl -w kernel.unprivileged_userns_clone=1
cat << 'SCRIPT' > script.sh cat << 'SCRIPT' > script.sh
#!/bin/sh #!/bin/sh
set -eu set -eu


@ -8,6 +8,13 @@ if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
fi fi
if [ "{{ MODE }}" = unshare ]; then
if [ ! -e /mmdebstrap-testenv ]; then
echo "this test modifies the system and should only be run inside a container" >&2
exit 1
fi
sysctl -w kernel.unprivileged_userns_clone=1
fi
prefix= prefix=
[ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --" [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --"
[ "{{ MODE }}" = "fakechroot" ] && prefix="$prefix fakechroot fakeroot" [ "{{ MODE }}" = "fakechroot" ] && prefix="$prefix fakechroot fakeroot"


@ -9,6 +9,7 @@ trap "rm -f /tmp/debian-chroot.tar /tmp/debian-chroot-shifted.tar /tmp/debian-ch
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
echo user:100000:65536 | cmp /etc/subuid - echo user:100000:65536 | cmp /etc/subuid -
echo user:100000:65536 | cmp /etc/subgid - echo user:100000:65536 | cmp /etc/subgid -
sysctl -w kernel.unprivileged_userns_clone=1
# include iputils-ping so that we can verify that tarfilter does not remove # include iputils-ping so that we can verify that tarfilter does not remove
# extended attributes # extended attributes
# run through tarshift no-op to create a tarball that should be bit-by-bit # run through tarshift no-op to create a tarball that should be bit-by-bit


@ -8,6 +8,13 @@ if [ "$(id -u)" -eq 0 ] && ! id -u user > /dev/null 2>&1; then
fi fi
useradd --home-dir /home/user --create-home user useradd --home-dir /home/user --create-home user
fi fi
if [ "{{ MODE }}" = unshare ]; then
if [ ! -e /mmdebstrap-testenv ]; then
echo "this test modifies the system and should only be run inside a container" >&2
exit 1
fi
sysctl -w kernel.unprivileged_userns_clone=1
fi
prefix= prefix=
[ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --" [ "$(id -u)" -eq 0 ] && [ "{{ MODE }}" != "root" ] && prefix="runuser -u user --"
[ "{{ MODE }}" = "fakechroot" ] && prefix="$prefix fakechroot fakeroot" [ "{{ MODE }}" = "fakechroot" ] && prefix="$prefix fakechroot fakeroot"