[PATCH] add --unpriv option to drop privileges when running a command with --chroot
Mike Bonnet
mikeb at redhat.com
Thu Jan 24 21:07:51 UTC 2008
On Thu, 2008-01-24 at 16:04 -0500, Mike Bonnet wrote:
> On Thu, 2008-01-24 at 15:42 -0500, Mike Bonnet wrote:
> > This patch adds a --unpriv option that will cause privileges to be
> > dropped before running a command with --chroot. This can be used to
> > more closely simulate the environment used when running rpmbuilds.
>
> Let me try that again...
Ok, the attachments are getting stripped off for some reason, trying
inline...
>From 85e14d38aec32cf20d7f2bbdc77044d41c32a0a2 Mon Sep 17 00:00:00 2001
From: Mike Bonnet <mikeb at redhat.com>
Date: Thu, 24 Jan 2008 15:37:15 -0500
Subject: [PATCH] optionally drop privileges when running a command with --chroot
---
docs/mock.1 | 3 +++
py/mock.py | 8 +++++++-
2 files changed, 10 insertions(+), 1 deletions(-)
diff --git a/docs/mock.1 b/docs/mock.1
index beaf2fb..38c3233 100644
--- a/docs/mock.1
+++ b/docs/mock.1
@@ -137,6 +137,9 @@ Change directory where config files are found
\fB\-\-rpmbuild_timeout=\fR\fISECONDS\fP
Fail build if rpmbuild takes longer than 'timeout' seconds
.TP
+\fB\-\-unpriv\fR
+Drop privileges before running command when using --chroot
+.TP
\fB\-q\fR, \fB\-\-quiet\fR
Be quiet.
.TP
diff --git a/py/mock.py b/py/mock.py
index 4a589bc..f422a33 100755
--- a/py/mock.py
+++ b/py/mock.py
@@ -150,6 +150,8 @@ def command_parse(config_opts):
dest="rpmbuild_timeout", type="int", default=None,
help="Fail build if rpmbuild takes longer than 'timeout'"
" seconds ")
+ parser.add_option("--unpriv", action="store_true", default=False,
+ help="Drop privileges before running command when using --chroot")
# verbosity
parser.add_option("-v", "--verbose", action="store_const", const=2,
@@ -532,7 +534,11 @@ def main(ret):
chroot._resetLogging()
try:
chroot._mountall()
- chroot.doChroot(args, shell=shell)
+ if options.unpriv:
+ chroot.doChroot(args, shell=shell,
+ uid=chroot.chrootuid, gid=chroot.chrootgid)
+ else:
+ chroot.doChroot(args, shell=shell)
finally:
chroot._umountall()
--
1.5.3.3
More information about the Fedora-buildsys-list
mailing list