[PATCH] add --unpriv option to drop privileges when running a command with --chroot
Michael E Brown
Michael_E_Brown at dell.com
Fri Jan 25 00:45:08 UTC 2008
On Thu, Jan 24, 2008 at 04:07:51PM -0500, Mike Bonnet wrote:
> On Thu, 2008-01-24 at 16:04 -0500, Mike Bonnet wrote:
> > On Thu, 2008-01-24 at 15:42 -0500, Mike Bonnet wrote:
> > > This patch adds a --unpriv option that will cause privileges to be
> > > dropped before running a command with --chroot. This can be used to
> > > more closely simulate the environment used when running rpmbuilds.
> >
> > Let me try that again...
>
> Ok, the attachments are getting stripped off for some reason, trying
> inline...
This patch looks fine to me. Applying.
--
Michael
>
>
> >From 85e14d38aec32cf20d7f2bbdc77044d41c32a0a2 Mon Sep 17 00:00:00 2001
> From: Mike Bonnet <mikeb at redhat.com>
> Date: Thu, 24 Jan 2008 15:37:15 -0500
> Subject: [PATCH] optionally drop privileges when running a command with --chroot
>
> ---
> docs/mock.1 | 3 +++
> py/mock.py | 8 +++++++-
> 2 files changed, 10 insertions(+), 1 deletions(-)
>
> diff --git a/docs/mock.1 b/docs/mock.1
> index beaf2fb..38c3233 100644
> --- a/docs/mock.1
> +++ b/docs/mock.1
> @@ -137,6 +137,9 @@ Change directory where config files are found
> \fB\-\-rpmbuild_timeout=\fR\fISECONDS\fP
> Fail build if rpmbuild takes longer than 'timeout' seconds
> .TP
> +\fB\-\-unpriv\fR
> +Drop privileges before running command when using --chroot
> +.TP
> \fB\-q\fR, \fB\-\-quiet\fR
> Be quiet.
> .TP
> diff --git a/py/mock.py b/py/mock.py
> index 4a589bc..f422a33 100755
> --- a/py/mock.py
> +++ b/py/mock.py
> @@ -150,6 +150,8 @@ def command_parse(config_opts):
> dest="rpmbuild_timeout", type="int", default=None,
> help="Fail build if rpmbuild takes longer than 'timeout'"
> " seconds ")
> + parser.add_option("--unpriv", action="store_true", default=False,
> + help="Drop privileges before running command when using --chroot")
>
> # verbosity
> parser.add_option("-v", "--verbose", action="store_const", const=2,
> @@ -532,7 +534,11 @@ def main(ret):
> chroot._resetLogging()
> try:
> chroot._mountall()
> - chroot.doChroot(args, shell=shell)
> + if options.unpriv:
> + chroot.doChroot(args, shell=shell,
> + uid=chroot.chrootuid, gid=chroot.chrootgid)
> + else:
> + chroot.doChroot(args, shell=shell)
> finally:
> chroot._umountall()
>
> --
> 1.5.3.3
>
>
>
> --
> Fedora-buildsys-list mailing list
> Fedora-buildsys-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
More information about the Fedora-buildsys-list
mailing list