First cut a new mock launcher

Michael_E_Brown at Dell.com Michael_E_Brown at Dell.com
Wed Jun 14 17:31:49 UTC 2006 

Nice start. A couple discussion points:

void debug(const char *format, ...)
{
#ifdef DEBUG

instead of #ifdef DEBUG, can we have an env var that controls this
on/off? (No recompile)

#define NSFLAG		"NAMESPACE=1"

What is the purpose of this?


	// elevate our privileges 
	if (setreuid (geteuid (), geteuid ()))
		error("setreuid failed: %s", strerror(errno));
	debug("running with uid: %d, gid: %d\n", getuid(), getgid());

Is this necessary? It seems to me like this is something that can be
done in mock.py for the cases where it is necessary, as mock.py might
need to know the user id of the person running mock, and so it can
switch back to that user for writing output files.
--
Michael

> -----Original Message-----
> From: fedora-buildsys-list-bounces at redhat.com 
> [mailto:fedora-buildsys-list-bounces at redhat.com] On Behalf Of 
> Clark Williams
> Sent: Wednesday, June 14, 2006 10:46 AM
> To: Discussion of Fedora build system
> Subject: First cut a new mock launcher
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Attached is the C source that is my first attempt at a mock 
> launcher program. This program is built as the executable 
> /usr/bin/mock with setuid:root, setgid:mock and will exec 
> python with the input file /usr/bin/mock.py.  The program 
> successfully  launches python, but I haven't worked through 
> all the issues to complete a build (yet). I know that mock.py 
> needs to be modified to remove the dont-run-as-root test and 
> I've made a first cut at removing mock-helper from .cfg 
> files, but I'm sure there are other things that need to be 
> done. I have checked nothing into CVS at this point and even 
> if/when I do, I suspect I'll be working off a branch for a while.
> 
> Note that the program makes use of Linux namespaces. This 
> *should* make our handling of mount points within the chroot 
> (/proc, /sys,
> etc.) a bit easier to clean up, since when the process dies 
> the mounts should just go away. I haven't verified this 
> though, so caveat emptor.
> 
> Anyway, it's a starting point. Please look it over and 
> provide feedback.
> 
> Clark
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.3 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
> 
> iD8DBQFEkC9DHyuj/+TTEp0RAq+4AKCn4hj3bGInJBMWd1Bj6h1SMeCV+QCgt3NW
> hPHE9hW9DXL9ZkPLbaJrL6Y=
> =XtsC
> -----END PGP SIGNATURE-----
> 
>

More information about the Fedora-buildsys-list mailing list