Nice start. A couple discussion points:
void debug(const char *format, ...)
{
#ifdef DEBUG
instead of #ifdef DEBUG, can we have an env var that controls this
on/off? (No recompile)
#define NSFLAG "NAMESPACE=1"
What is the purpose of this?
// elevate our privileges
if (setreuid (geteuid (), geteuid ()))
error("setreuid failed: %s", strerror(errno));
debug("running with uid: %d, gid: %d\n", getuid(), getgid());
Is this necessary? It seems to me like this is something that can be
done in mock.py for the cases where it is necessary, as mock.py might
need to know the user id of the person running mock, and so it can
switch back to that user for writing output files.
--
Michael
-----Original Message-----
From: fedora-buildsys-list-bounces(a)redhat.com
[mailto:fedora-buildsys-list-bounces@redhat.com] On Behalf Of
Clark Williams
Sent: Wednesday, June 14, 2006 10:46 AM
To: Discussion of Fedora build system
Subject: First cut a new mock launcher
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Attached is the C source that is my first attempt at a mock
launcher program. This program is built as the executable
/usr/bin/mock with setuid:root, setgid:mock and will exec
python with the input file /usr/bin/mock.py. The program
successfully launches python, but I haven't worked through
all the issues to complete a build (yet). I know that mock.py
needs to be modified to remove the dont-run-as-root test and
I've made a first cut at removing mock-helper from .cfg
files, but I'm sure there are other things that need to be
done. I have checked nothing into CVS at this point and even
if/when I do, I suspect I'll be working off a branch for a while.
Note that the program makes use of Linux namespaces. This
*should* make our handling of mount points within the chroot
(/proc, /sys,
etc.) a bit easier to clean up, since when the process dies
the mounts should just go away. I haven't verified this
though, so caveat emptor.
Anyway, it's a starting point. Please look it over and
provide feedback.
Clark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org
iD8DBQFEkC9DHyuj/+TTEp0RAq+4AKCn4hj3bGInJBMWd1Bj6h1SMeCV+QCgt3NW
hPHE9hW9DXL9ZkPLbaJrL6Y=
=XtsC
-----END PGP SIGNATURE-----