From: Ludovic Courtès
Date: Wed, 13 May 2020 14:52:13 +0200
Subject: [bug#41189] [PATCH v2 2/4] pack: Factorize store references in wrapper.
To: 41189@debbugs.gnu.org
Message-Id: <20200513125215.27740-3-ludo@gnu.org>
In-Reply-To: <20200513125215.27740-1-ludo@gnu.org>

*
gnu/packages/aux-files/run-in-namespace.c (original_store): New variable. (exec_in_user_namespace, exec_with_proot, main): Use it instead of the literal "@STORE_DIRECTORY@". --- gnu/packages/aux-files/run-in-namespace.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/gnu/packages/aux-files/run-in-namespace.c b/gnu/packages/aux-files/run-in-namespace.c index 6beac7fd53..6e97359078 100644 --- a/gnu/packages/aux-files/run-in-namespace.c +++ b/gnu/packages/aux-files/run-in-namespace.c @@ -42,6 +42,10 @@ #include #include +/* The original store, "/gnu/store" by default. */ +static const char original_store[] = "@STORE_DIRECTORY@"; + + /* Like 'malloc', but abort if 'malloc' returns NULL. */ static void * xmalloc (size_t size) @@ -228,7 +232,7 @@ exec_in_user_namespace (const char *store, int argc, char *argv[]) bind-mounted in the right place. */ int err; char *new_root = mkdtemp (strdup ("/tmp/guix-exec-XXXXXX")); - char *new_store = concat (new_root, "@STORE_DIRECTORY@"); + char *new_store = concat (new_root, original_store); char *cwd = get_current_dir_name (); /* Create a child with separate namespaces and set up bind-mounts from @@ -307,11 +311,11 @@ exec_with_proot (const char *store, int argc, char *argv[]) int proot_specific_argc = 4; int proot_argc = argc + proot_specific_argc; char *proot_argv[proot_argc + 1], *proot; - char bind_spec[strlen (store) + 1 + sizeof "@STORE_DIRECTORY@"]; + char bind_spec[strlen (store) + 1 + sizeof original_store]; strcpy (bind_spec, store); strcat (bind_spec, ":"); - strcat (bind_spec, "@STORE_DIRECTORY@"); + strcat (bind_spec, original_store); proot = concat (store, PROOT_PROGRAM); 
@@ -413,8 +417,7 @@ main (int argc, char *argv[]) /* SELF is something like "/home/ludo/.local/gnu/store/…-foo/bin/ls" and we want to extract "/home/ludo/.local/gnu/store". */ size_t index = strlen (self) - - strlen ("@WRAPPED_PROGRAM@") - + strlen ("@STORE_DIRECTORY@"); + - strlen ("@WRAPPED_PROGRAM@") + strlen (original_store); char *store = strdup (self); store[index] = '\0'; @@ -424,7 +427,7 @@ main (int argc, char *argv[]) @WRAPPED_PROGRAM@ right away. This is not just an optimization: it's needed when running one of these wrappers from within an unshare'd namespace, because 'unshare' fails with EPERM in that context. */ - if (strcmp (store, "@STORE_DIRECTORY@") != 0 + if (strcmp (store, original_store) != 0 && lstat ("@WRAPPED_PROGRAM@", &statbuf) != 0) { const struct engine *engine = execution_engine (); -- 2.26.2
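Review bot: In exec_with_proot, the bind_spec size `strlen (store) + 1 + sizeof original_store` is only correct while original_store is declared as a char array, because `sizeof` then counts the string plus its terminating NUL, which is what the strcpy/strcat sequence that follows needs. If the declaration is ever changed to `const char *`, `sizeof` yields the pointer size and the strcat calls can write past the end of the variable-length array without any compiler diagnostic. Consider stating the array requirement in the comment above original_store, or sizing the buffer as `strlen (store) + 1 + strlen (original_store) + 1` so it does not depend on the declaration.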
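Review bot: In main, `index` is computed as `strlen (self) - strlen ("@WRAPPED_PROGRAM@") + strlen (original_store)` in size_t arithmetic and then used for `store[index] = '\0'`, with no bounds check visible in this hunk. If self is shorter than expected, the subtraction can wrap around and the write lands outside the buffer returned by strdup, whose result is also used without a NULL check in the lines shown. Since this expression is being touched anyway, consider verifying that `strlen (self) >= strlen ("@WRAPPED_PROGRAM@")` and that strdup succeeded before indexing, and exiting with an error otherwise.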