overby.me / darling-nix
this repo has no description
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

vchroot by default

Lubos Dolezel 9277d7cc 01ac8e22

+10 -43
+10 -43
src/startup/darling.c
··· 57 57 char *prefix; 58 58 uid_t g_originalUid, g_originalGid; 59 59 bool g_fixPermissions = false; 60 - bool g_useVchroot = false; 61 60 char **g_argv, **g_envp; 62 61 char g_workingDirectory[4096]; 63 62 ··· 89 88 90 89 if (!isModuleLoaded()) 91 90 loadKernelModule(); 92 - 93 - { 94 - const char* vchroot; 95 - if (vchroot = getenv("VCHROOT")) 96 - g_useVchroot = atoi(vchroot) != 0; 97 - } 98 91 99 92 prefix = getenv("DPREFIX"); 100 93 if (!prefix) ··· 541 534 #if USE_LINUX_4_11_HACK 542 535 addr.sun_path[0] = '\0'; 543 536 544 - if (g_useVchroot) 545 - strcpy(addr.sun_path, prefix); 546 - 537 + strcpy(addr.sun_path, prefix); 547 538 strcat(addr.sun_path, SHELLSPAWN_SOCKPATH); 548 539 #else 549 540 snprintf(addr.sun_path, sizeof(addr.sun_path), "%s" SHELLSPAWN_SOCKPATH, prefix); ··· 758 749 759 750 // This is executed once at prefix creation 760 751 if (g_fixPermissions) 761 - fixDirectoryPermissions(prefix); 762 - 763 - if (!g_useVchroot) 764 - { 765 - snprintf(putOld, sizeof(putOld), "%s" SYSTEM_ROOT, prefix); 752 + fixDirectoryPermissions(prefix); 766 753 767 - if (syscall(SYS_pivot_root, prefix, putOld) != 0) 768 - { 769 - fprintf(stderr, "Cannot pivot_root: %s\n", strerror(errno)); 770 - exit(1); 771 - } 754 + snprintf(putOld, sizeof(putOld), "%s/proc", prefix); 772 755 773 - // mount procfs for our new PID namespace 774 - if (mount("proc", "/proc", "proc", 0, "") != 0) 775 - { 776 - fprintf(stderr, "Cannot mount procfs: %s\n", strerror(errno)); 777 - exit(1); 778 - } 779 - } 780 - else 756 + // mount procfs for our new PID namespace 757 + if (mount("proc", putOld, "proc", 0, "") != 0) 781 758 { 782 - snprintf(putOld, sizeof(putOld), "%s/proc", prefix); 783 - 784 - // mount procfs for our new PID namespace 785 - if (mount("proc", putOld, "proc", 0, "") != 0) 786 - { 787 - fprintf(stderr, "Cannot mount procfs: %s\n", strerror(errno)); 788 - exit(1); 789 - } 759 + fprintf(stderr, "Cannot mount procfs: %s\n", strerror(errno)); 760 + exit(1); 790 761 } 791 762 792 763 // Drop the privileges. It's important to drop GID first, because ··· 894 865 puts("Bootstrapping the container with launchd..."); 895 866 896 867 // putenv("KQUEUE_DEBUG=1"); 897 - if (!g_useVchroot) 898 - execl("/sbin/launchd", "launchd", NULL); 899 - else 900 - { 901 - setenv("DYLD_ROOT_PATH", LIBEXEC_PATH, 1); 902 - execl(LIBEXEC_PATH "/usr/libexec/darling/vchroot", "vchroot", prefix, "/sbin/launchd", NULL); 903 - } 868 + 869 + setenv("DYLD_ROOT_PATH", LIBEXEC_PATH, 1); 870 + execl(LIBEXEC_PATH "/usr/libexec/darling/vchroot", "vchroot", prefix, "/sbin/launchd", NULL); 904 871 905 872 fprintf(stderr, "Failed to exec launchd: %s\n", strerror(errno)); 906 873 abort();