diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2018-01-15 20:13:59 -0500 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2018-01-15 20:13:59 -0500 |
| commit | 04b56eaab3ad5d9e78ed8e173bbcb680d958041e (patch) | |
| tree | 86f3ee02138254761969dcce23095228fc2859b0 /tools | |
| parent | catalyst-auto: move all code into functions (diff) | |
| download | releng-04b56eaab3ad5d9e78ed8e173bbcb680d958041e.tar.gz releng-04b56eaab3ad5d9e78ed8e173bbcb680d958041e.tar.bz2 releng-04b56eaab3ad5d9e78ed8e173bbcb680d958041e.zip | |
catalyst-auto: move container logic into a func too
This lets us put it after command line parsing.
Diffstat (limited to 'tools')
| -rwxr-xr-x | tools/catalyst-auto | 38 |
1 files changed, 23 insertions, 15 deletions
diff --git a/tools/catalyst-auto b/tools/catalyst-auto index cf5a7c65..c06a42bf 100755 --- a/tools/catalyst-auto +++ b/tools/catalyst-auto @@ -2,21 +2,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# First let's get our own namespaces to avoid leaking crap. -if [[ -z ${UNSHARE} ]] ; then - if type -P unshare >&/dev/null ; then - uargs=() - # Probe the namespaces as some can be disabled (or we are not root). - unshare -m -- true >&/dev/null && uargs+=( -m ) - unshare -u -- true >&/dev/null && uargs+=( -u ) - unshare -i -- true >&/dev/null && uargs+=( -i ) - unshare -p -- true >&/dev/null && uargs+=( -p -f --mount-proc ) - # Re-exec ourselves in the new namespace. - UNSHARE=true exec unshare "${uargs[@]}" -- "$0" "$@" - fi -fi -unset UNSHARE - CATALYST_CONFIG=/etc/catalyst/catalyst.conf # Probe the default source dir from this script name. @@ -179,6 +164,26 @@ parse_args() { done } +# Let's get our own namespaces/etc... to avoid leaking crap. +containerize() { + # If we've already relaunched, nothing to do. + if [[ ${UNSHARE} == "true" ]] ; then + return + fi + + # Most systems have unshare available, but just in case. + if type -P unshare >&/dev/null ; then + local uargs=() + # Probe the namespaces as some can be disabled (or we are not root). + unshare -m -- true >&/dev/null && uargs+=( -m ) + unshare -u -- true >&/dev/null && uargs+=( -u ) + unshare -i -- true >&/dev/null && uargs+=( -i ) + unshare -p -- true >&/dev/null && uargs+=( -p -f --mount-proc ) + # Re-exec ourselves in the new namespace. + UNSHARE=true exec unshare "${uargs[@]}" -- "$0" "$@" + fi +} + run_catalyst_commands() { doneconfig=0 for config_file in "${config_files[@]}"; do @@ -388,6 +393,9 @@ main() { # Parse user arguments before we try doing container logic. parse_args "$@" + # Try to isolate ourselves from the rest of the system. + containerize "$@" + ( if [[ -n ${lock_file} ]]; then if ! flock -n 9; then |