From bda2e6396970a91ece13e0223ac06dfc08582388 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Wed, 4 Oct 2023 22:07:44 +0000 Subject: [PATCH 01/13] initial commit --- bin/ch-run.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/bin/ch-run.c b/bin/ch-run.c index c7e3df006..298937e11 100644 --- a/bin/ch-run.c +++ b/bin/ch-run.c @@ -255,8 +255,12 @@ void fix_environment(struct args *args) char *old_value, *new_value; // $HOME: If --home, set to “/home/$USER”. - if (args->c.host_home) + if (args->c.host_home) { Z_ (setenv("HOME", cat("/home/", username), 1)); + } else if (path_exists(cat(args->c.newroot, "/root"), NULL, true)) { + Z_ (setenv("HOME", "/root", 1)); + } else + Z_ (setenv("HOME", "/", 1)); // $PATH: Append /bin if not already present. old_value = getenv("PATH"); From 4743af5a32f5a66f4d14850aa7f59b050f183864 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Wed, 4 Oct 2023 22:36:31 +0000 Subject: [PATCH 02/13] fix test? --- test/run/ch-run_misc.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/run/ch-run_misc.bats b/test/run/ch-run_misc.bats index cd7637adf..94c16348b 100644 --- a/test/run/ch-run_misc.bats +++ b/test/run/ch-run_misc.bats @@ -70,7 +70,7 @@ EOF run ch-run "$ch_timg" -- /bin/sh -c 'echo $HOME' echo "$output" [[ $status -eq 0 ]] - [[ $output = "$HOME" ]] + [[ $output = "/" ]] # set $HOME if --home # shellcheck disable=SC2016 From 3dfb492e501e7be17d2a676ca89196bd0c241278 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Thu, 5 Oct 2023 18:16:57 +0000 Subject: [PATCH 03/13] document it --- doc/ch-run.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/ch-run.rst b/doc/ch-run.rst index 2e4b24f2e..4353d72f3 100644 --- a/doc/ch-run.rst +++ b/doc/ch-run.rst 
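Review bot: In PATCH 01/13 (bin/ch-run.c, `fix_environment`), the new `else if` arm picks “/root” whenever `path_exists(...)` succeeds, and nothing visible checks that the path is a directory; the `NULL` second argument looks like an unused stat buffer. That path is supplied by the image, so a regular file or a symlink named /root would presumably still yield HOME=/root. The same call shape recurs in the bin/ch_fuse.c hunk of PATCH 04/13 and the bin/ch-run.c hunk of PATCH 06/13. If `path_exists` can fill a `struct stat` (its definition is not shown here), I would pass one and require `S_ISDIR(st.st_mode)` before choosing “/root”, falling back to “/” otherwise. The body of `fix_environment` continues outside the hunk.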
@@ -317,6 +317,8 @@ Environment variables :code:`ch-run` leaves environment variables unchanged, i.e. the host environment is passed through unaltered, except: +* by default (:code:`--home` not specified), :code:`HOME` is set to + :code:`/root`, if it exists, and :code:`/` otherwise. * limited tweaks to avoid significant guest breakage; * user-set variables via :code:`--set-env`; * user-unset variables via :code:`--unset-env`; and From 8b0aca2f13a4785430253e9e39225c522ffff3b9 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Mon, 16 Oct 2023 17:39:08 +0000 Subject: [PATCH 04/13] try to set for squashfuse (hangs) --- bin/ch_fuse.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/bin/ch_fuse.c b/bin/ch_fuse.c index 657ee759b..8bea94057 100644 --- a/bin/ch_fuse.c +++ b/bin/ch_fuse.c @@ -133,6 +133,14 @@ void sq_fork(struct container *c) Zf (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0), "can't set no_new_privs"); sq_mount(c->img_ref, c->newroot); + // (try to) Set “HOME” (hangs on “newfstatat” syscall). + if (args->c.host_home) { + Z_ (setenv("HOME", cat("/home/", username), 1)); + } else if (path_exists(cat(c->newroot, "/root"), NULL, true)) { + Z_ (setenv("HOME", "/root", 1)); + } else + Z_ (setenv("HOME", "/", 1)); + // Now that the filesystem is mounted, we can fork without race condition. // The child returns to caller and runs the user command. When that exits, // the parent gets SIGCHLD. From ca17c3dbf7021bc301ed6035b7b2792da1eeefe9 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Mon, 16 Oct 2023 17:40:16 +0000 Subject: [PATCH 05/13] fix reference (still hangs) --- bin/ch_fuse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/ch_fuse.c b/bin/ch_fuse.c index 8bea94057..0bd840a17 100644 --- a/bin/ch_fuse.c +++ b/bin/ch_fuse.c 
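Review bot: In PATCH 04/13 (bin/ch_fuse.c, `sq_fork`), the added `path_exists(cat(c->newroot, "/root"), NULL, true)` runs right after `sq_mount()` and before the fork described in the following comment, so it probes the freshly mounted filesystem from the process that mounted it. If requests for that mount are only served once the parent enters its loop after the fork (an inference from the surrounding comments, not visible in the hunk), the stat can never be answered, which would match the “newfstatat” hang the new comment records. I would keep the HOME selection in `fix_environment()` in bin/ch-run.c and add nothing that touches `c->newroot` between `sq_mount()` and the fork. `sq_fork` starts and ends outside the hunk.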
@@ -134,7 +134,7 @@ void sq_fork(struct container *c) sq_mount(c->img_ref, c->newroot); // (try to) Set “HOME” (hangs on “newfstatat” syscall). - if (args->c.host_home) { + if (c->host_home) { Z_ (setenv("HOME", cat("/home/", username), 1)); } else if (path_exists(cat(c->newroot, "/root"), NULL, true)) { Z_ (setenv("HOME", "/root", 1)); From 05eb0d88b4c9023cd5e9505980a629471f55368c Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Mon, 16 Oct 2023 21:08:34 +0000 Subject: [PATCH 06/13] make it work --- bin/ch-run.c | 2 +- bin/ch_fuse.c | 8 -------- test/run/ch-run_misc.bats | 6 +++++- 3 files changed, 6 insertions(+), 10 deletions(-) diff --git a/bin/ch-run.c b/bin/ch-run.c index 298937e11..a81643122 100644 --- a/bin/ch-run.c +++ b/bin/ch-run.c @@ -257,7 +257,7 @@ void fix_environment(struct args *args) // $HOME: If --home, set to “/home/$USER”. if (args->c.host_home) { Z_ (setenv("HOME", cat("/home/", username), 1)); - } else if (path_exists(cat(args->c.newroot, "/root"), NULL, true)) { + } else if (path_exists("/root", NULL, true)) { Z_ (setenv("HOME", "/root", 1)); } else Z_ (setenv("HOME", "/", 1)); diff --git a/bin/ch_fuse.c b/bin/ch_fuse.c index 0bd840a17..657ee759b 100644 --- a/bin/ch_fuse.c +++ b/bin/ch_fuse.c @@ -133,14 +133,6 @@ void sq_fork(struct container *c) Zf (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0), "can't set no_new_privs"); sq_mount(c->img_ref, c->newroot); - // (try to) Set “HOME” (hangs on “newfstatat” syscall). - if (c->host_home) { - Z_ (setenv("HOME", cat("/home/", username), 1)); - } else if (path_exists(cat(c->newroot, "/root"), NULL, true)) { - Z_ (setenv("HOME", "/root", 1)); - } else - Z_ (setenv("HOME", "/", 1)); - // Now that the filesystem is mounted, we can fork without race condition. // The child returns to caller and runs the user command. When that exits, // the parent gets SIGCHLD. diff --git a/test/run/ch-run_misc.bats b/test/run/ch-run_misc.bats index 94c16348b..3e08be0fb 100644 --- a/test/run/ch-run_misc.bats 
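Review bot: In PATCH 06/13 (bin/ch-run.c, `fix_environment`), the comment above the branch still reads `// $HOME: If --home, set to “/home/$USER”.` although the code now also overrides HOME when `--home` is absent. I would extend it to `// $HOME: If --home, set to “/home/$USER”; otherwise “/root” if it exists in the image, else “/”.` so the unconditional override of the host value is stated next to the code. The final `} else` arm is also the only one left without braces; `} else {` … `}` would match the two arms above it. The function body continues outside the hunk.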
+++ b/test/run/ch-run_misc.bats @@ -70,7 +70,11 @@ EOF run ch-run "$ch_timg" -- /bin/sh -c 'echo $HOME' echo "$output" [[ $status -eq 0 ]] - [[ $output = "/" ]] + [[ $output = "/root" ]] + + run echo "$ch_timg" + echo "$output" + [[ $status -eq 1 ]] # set $HOME if --home # shellcheck disable=SC2016 From 915c53aa4f2e6d097f9b242b35ef8abff76a8868 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Mon, 16 Oct 2023 21:51:41 +0000 Subject: [PATCH 07/13] noroot test --- test/run/ch-run_misc.bats | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/test/run/ch-run_misc.bats b/test/run/ch-run_misc.bats index 3e08be0fb..cbab23857 100644 --- a/test/run/ch-run_misc.bats +++ b/test/run/ch-run_misc.bats @@ -72,9 +72,16 @@ EOF [[ $status -eq 0 ]] [[ $output = "/root" ]] - run echo "$ch_timg" + # default: no “/root” + ch-image build -t noroot -f - . << 'EOF' + FROM alpine:latest + RUN rm -rf /root +EOF + # shellcheck disable=SC2016 + run ch-run noroot -- /bin/sh -c 'echo $HOME' echo "$output" - [[ $status -eq 1 ]] + [[ $status -eq 0 ]] + [[ $output = "/" ]] # set $HOME if --home # shellcheck disable=SC2016 From b9149cefc4d03a44d8193788f8fc22c8ad43e205 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Tue, 17 Oct 2023 16:55:53 +0000 Subject: [PATCH 08/13] make test that works? --- examples/chtest/Build | 2 ++ test/run/ch-run_misc.bats | 10 ++++------ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/examples/chtest/Build b/examples/chtest/Build index b575c6f27..b55121b82 100755 --- a/examples/chtest/Build +++ b/examples/chtest/Build @@ -125,6 +125,8 @@ chmod 0777 img/maxperms_file mkdir img/maxperms_dir chmod 1777 img/maxperms_dir +# Get rid of “/root” directory, used for “HOME” test in “ch-run_misc.bats”. +rmdir "$img"/root ## Tar it up. diff --git a/test/run/ch-run_misc.bats b/test/run/ch-run_misc.bats index cbab23857..eee8f1cc9 100644 --- a/test/run/ch-run_misc.bats +++ b/test/run/ch-run_misc.bats 
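Review bot: In PATCH 08/13 (examples/chtest/Build), the added `rmdir "$img"/root` goes through a variable `$img`, while every neighbouring line in the hunk addresses the image tree through the literal relative path `img/` (`chmod 0777 img/maxperms_file`, `mkdir img/maxperms_dir`). No assignment to `img` is visible here; if it is unset, the command expands to `rmdir /root` and targets the host's directory instead of the image's. I would write `rmdir img/root` to match the surrounding lines, or `rmdir "${img:?}"/root` if the variable is in fact defined earlier in the script. The rest of the script is outside the hunk.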
@@ -60,6 +60,8 @@ EOF } @test "\$HOME" { + LC_ALL=C + scope quick echo "host: $HOME" [[ $HOME ]] @@ -67,18 +69,14 @@ EOF # default: no change # shellcheck disable=SC2016 - run ch-run "$ch_timg" -- /bin/sh -c 'echo $HOME' + run ch-run hello -- /bin/sh -c 'echo $HOME' echo "$output" [[ $status -eq 0 ]] [[ $output = "/root" ]] # default: no “/root” - ch-image build -t noroot -f - . << 'EOF' - FROM alpine:latest - RUN rm -rf /root -EOF # shellcheck disable=SC2016 - run ch-run noroot -- /bin/sh -c 'echo $HOME' + run ch-run "$ch_timg" -- /bin/sh -c 'echo $HOME' echo "$output" [[ $status -eq 0 ]] [[ $output = "/" ]] From 8c7aa7808e87767cffc20352a5cb858561976768 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Tue, 17 Oct 2023 17:42:09 +0000 Subject: [PATCH 09/13] uhh --- test/run/ch-run_misc.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/run/ch-run_misc.bats b/test/run/ch-run_misc.bats index eee8f1cc9..12286dcf3 100644 --- a/test/run/ch-run_misc.bats +++ b/test/run/ch-run_misc.bats @@ -69,7 +69,7 @@ EOF # default: no change # shellcheck disable=SC2016 - run ch-run hello -- /bin/sh -c 'echo $HOME' + run ch-run ${ch_imgdir}/quick -- /bin/sh -c 'echo $HOME' echo "$output" [[ $status -eq 0 ]] [[ $output = "/root" ]] From 3e4e932a94eff5b3abb1d9904c94c312b69d8444 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Tue, 17 Oct 2023 17:59:17 +0000 Subject: [PATCH 10/13] appease shellcheck --- test/run/ch-run_misc.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/run/ch-run_misc.bats b/test/run/ch-run_misc.bats index 12286dcf3..374d07160 100644 --- a/test/run/ch-run_misc.bats +++ b/test/run/ch-run_misc.bats @@ -69,7 +69,7 @@ EOF # default: no change # shellcheck disable=SC2016 - run ch-run ${ch_imgdir}/quick -- /bin/sh -c 'echo $HOME' + run ch-run "${ch_imgdir}"/quick -- /bin/sh -c 'echo $HOME' echo "$output" [[ $status -eq 0 ]] [[ $output = "/root" ]] From 202566e84b4a18d7c8f79f6f6a1c404763a0c771 Mon Sep 17 00:00:00 2001 
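Review bot: In PATCH 08/13 (test/run/ch-run_misc.bats, hunk `@@ -67,18 +69,14 @@`), the first case is still labelled `# default: no change` while its assertion is `[[ $output = "/root" ]]`, so the label describes the old pass-through behaviour. I would change it to `# default: “/root” exists in image`, mirroring the `# default: no “/root”` label on the next case; the stale label also remains in the context of PATCH 09/13 through 13/13. The `LC_ALL=C` added in the preceding hunk has no comment saying why the test needs it. The `@test` body continues outside the hunk.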
From: Lucas Caudill Date: Wed, 18 Oct 2023 19:19:20 +0000 Subject: [PATCH 11/13] let's try this --- test/run/ch-run_misc.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/run/ch-run_misc.bats b/test/run/ch-run_misc.bats index 374d07160..6ab6dc672 100644 --- a/test/run/ch-run_misc.bats +++ b/test/run/ch-run_misc.bats @@ -69,7 +69,7 @@ EOF # default: no change # shellcheck disable=SC2016 - run ch-run "${ch_imgdir}"/quick -- /bin/sh -c 'echo $HOME' + run ch-run quick -- /bin/sh -c 'echo $HOME' echo "$output" [[ $status -eq 0 ]] [[ $output = "/root" ]] From fd51900d3a84c1c8e21ecdb7877fa1d5cc774df4 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Wed, 18 Oct 2023 21:39:57 +0000 Subject: [PATCH 12/13] skip if builder is none --- test/run/ch-run_misc.bats | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/run/ch-run_misc.bats b/test/run/ch-run_misc.bats index 6ab6dc672..09029a47c 100644 --- a/test/run/ch-run_misc.bats +++ b/test/run/ch-run_misc.bats @@ -60,6 +60,7 @@ EOF } @test "\$HOME" { + [[ $CH_TEST_BUILDER != 'none' ]] || skip 'image builder required' LC_ALL=C scope quick @@ -69,7 +70,7 @@ EOF # default: no change # shellcheck disable=SC2016 - run ch-run quick -- /bin/sh -c 'echo $HOME' + run ch-run ${ch_imgdir}/quick -- /bin/sh -c 'echo $HOME' echo "$output" [[ $status -eq 0 ]] [[ $output = "/root" ]] From e2ce1397005774e9286f33684814a1fd32cedf54 Mon Sep 17 00:00:00 2001 From: Lucas Caudill Date: Wed, 18 Oct 2023 22:07:01 +0000 Subject: [PATCH 13/13] appease shellcheck again --- test/run/ch-run_misc.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/run/ch-run_misc.bats b/test/run/ch-run_misc.bats index 09029a47c..e7aa0d42d 100644 --- a/test/run/ch-run_misc.bats +++ b/test/run/ch-run_misc.bats 
@@ -70,7 +70,7 @@ EOF # default: no change # shellcheck disable=SC2016 - run ch-run ${ch_imgdir}/quick -- /bin/sh -c 'echo $HOME' + run ch-run "${ch_imgdir}"/quick -- /bin/sh -c 'echo $HOME' echo "$output" [[ $status -eq 0 ]] [[ $output = "/root" ]]