Added native utilities to mount/umount/chroot via capabilities(7).
Three new helpers will now be installed into ${libexecdir}:
- xbps-src-capchroot needs to have set CAP_SYS_CHROOT ep.
- xbps-src-chroot-cap{,u}mount: needs to have set CAP_SYS_ADMIN ep.
That means that libcap and setcap(8) are now required to install
xbps-src and use it as normal user.
--HG--
extra : convert_revision : 586d6526079e085f86bf3e393459d429f6f0ef99
This commit is contained in:
Juan RP
parent
6673252679
commit
e3dc3e3066
9 changed files with 293 additions and 34 deletions
|
|
@ -1,30 +1,58 @@
|
|||
include ../vars.mk
|
||||
|
||||
BINS = xbps-src-chroot-helper xbps-src-doinst-helper
|
||||
SH_BINS = xbps-src-chroot-helper xbps-src-doinst-helper
|
||||
MOUNT_BIN = xbps-src-chroot-capmount
|
||||
UMOUNT_BIN = xbps-src-chroot-capumount
|
||||
CHROOT_BIN = xbps-src-capchroot
|
||||
BINS = $(CHROOT_BIN) $(MOUNT_BIN) $(UMOUNT_BIN)
|
||||
WFLAGS = -Wall -Werror
|
||||
LDFLAGS = -lcap
|
||||
|
||||
ifdef IN_CHROOT
|
||||
BINS =
|
||||
endif
|
||||
|
||||
.PHONY: all
|
||||
all:
|
||||
for bin in $(BINS); do \
|
||||
all: $(BINS)
|
||||
for bin in $(SH_BINS); do \
|
||||
sed -e "s|@@XBPS_INSTALL_PREFIX@@|$(PREFIX)|g" \
|
||||
-e "s|@@XBPS_INSTALL_ETCDIR@@|$(ETCDIR)|g" \
|
||||
-e "s|@@XBPS_INSTALL_SHAREDIR@@|$(SHAREDIR)|g" \
|
||||
-e "s|@@XBPS_INSTALL_SBINDIR@@|$(SBINDIR)|g" \
|
||||
-e "s|@@XBPS_INSTALL_LIBEXECDIR@@|$(LIBEXECDIR)|g" \
|
||||
$$bin.sh.in > $$bin; \
|
||||
done
|
||||
|
||||
.PHONY: clean
|
||||
clean:
|
||||
-rm -f $(BINS)
|
||||
-rm -f $(BINS) $(SH_BINS)
|
||||
|
||||
.PHONY: install
|
||||
install: all
|
||||
install -d $(DESTDIR)$(LIBEXECDIR)
|
||||
for bin in $(BINS); do \
|
||||
install -m 755 $$bin $(DESTDIR)$(LIBEXECDIR); \
|
||||
for bin in $(SH_BINS); do \
|
||||
install -m755 $$bin $(DESTDIR)$(LIBEXECDIR); \
|
||||
done
|
||||
ifdef BINS
|
||||
install -m755 $(MOUNT_BIN) $(DESTDIR)$(LIBEXECDIR)
|
||||
setcap cap_sys_admin=ep $(DESTDIR)$(LIBEXECDIR)/$(MOUNT_BIN)
|
||||
install -m755 $(UMOUNT_BIN) $(DESTDIR)$(LIBEXECDIR)
|
||||
setcap cap_sys_admin=ep $(DESTDIR)$(LIBEXECDIR)/$(UMOUNT_BIN)
|
||||
install -m755 $(CHROOT_BIN) $(DESTDIR)$(LIBEXECDIR)
|
||||
setcap cap_sys_chroot=ep $(DESTDIR)$(LIBEXECDIR)/$(CHROOT_BIN)
|
||||
endif
|
||||
|
||||
.PHONY: uninstall
|
||||
uninstall:
|
||||
for bin in $(BINS); do \
|
||||
for bin in $(BINS) $(SH_BINS); do \
|
||||
rm -f $(DESTDIR)$(LIBEXECDIR)/$$bin; \
|
||||
done
|
||||
|
||||
$(MOUNT_BIN):
|
||||
$(CC) $(WFLAGS) $(LDFLAGS) mount.c -o $@
|
||||
|
||||
$(UMOUNT_BIN):
|
||||
$(CC) $(WFLAGS) $(LDFLAGS) umount.c -o $@
|
||||
|
||||
$(CHROOT_BIN):
|
||||
$(CC) $(WFLAGS) $(LDFLAGS) chroot.c -o $@
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue