From e2bcf01ac131725572091a042eb1ab8ce83b64f0 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Wed, 28 Apr 2021 13:27:36 -0400 Subject: [PATCH] Fix bwrap usage for mutate-os-release Followup to https://pagure.io/fedora-infrastructure/issue/9909 In the refactor we were passing `unified_core: true` unconditionally which was wrong, as that implies using fuse. Anyways what we really want here is an immutable bwrap and not `rofiles-fuse` annyways. So refactor things to use that. From https://kojipkgs.fedoraproject.org//work/tasks/7579/66867579/runroot.log ``` fuse: device not found, try 'modprobe fuse' first fuse: device not found, try 'modprobe fuse' first bwrap: execvp realpath: No such file or directory fusermount: failed to unmount /tmp/rpmostree-rofiles-fuseAAphRY: Invalid argument fusermount: failed to unmount /tmp/rpmostree-rofiles-fuseSCLs24: Invalid argument error: Updating os-release with commit version: Running realpath: bwrap(realpath): Child process killed by signal 1 ``` --- rust/src/bwrap.rs | 5 ++++- rust/src/composepost.rs | 19 +++++++++++++------ rust/src/lib.rs | 2 +- 3 files changed, 18 insertions(+), 8 deletions(-) diff --git a/rust/src/bwrap.rs b/rust/src/bwrap.rs index 282b4f1b..35b54f36 100644 --- a/rust/src/bwrap.rs +++ b/rust/src/bwrap.rs @@ -383,7 +383,10 @@ impl Bubblewrap { } /// Execute the container, capturing stdout. - fn run_captured(&mut self, cancellable: Option<&gio::Cancellable>) -> Result { + pub(crate) fn run_captured( + &mut self, + cancellable: Option<&gio::Cancellable>, + ) -> Result { self.launcher.set_flags(gio::SubprocessFlags::STDOUT_PIPE); let (child, argv0) = self.spawn()?; let (stdout, stderr) = child.communicate(None, cancellable)?; diff --git a/rust/src/composepost.rs b/rust/src/composepost.rs index 437fd4f2..50c7dc08 100644 --- a/rust/src/composepost.rs +++ b/rust/src/composepost.rs @@ -411,11 +411,11 @@ pub fn compose_postprocess( compose_postprocess_default_target(&rootfs_dfd, t)?; } - compose_postprocess_mutate_os_release(rootfs_dfd, treefile, next_version)?; treefile.write_compose_json(rootfs_dfd)?; let etc_guard = crate::core::prepare_tempetc_guard(rootfs_dfd.as_raw_fd())?; // These ones depend on the /etc path + compose_postprocess_mutate_os_release(rootfs_dfd, treefile, next_version)?; compose_postprocess_remove_files(rootfs_dfd, treefile)?; compose_postprocess_add_files(rootfs_dfd, treefile)?; etc_guard.undo()?; @@ -444,11 +444,18 @@ fn compose_postprocess_mutate_os_release( // find the real path to os-release using bwrap; this is an overkill but safer way // of resolving a symlink relative to a rootfs (see discussions in // https://github.com/projectatomic/rpm-ostree/pull/410/) - let argv = &vec!["realpath".to_string(), "/etc/os-release".to_string()]; - let path = crate::bwrap::bubblewrap_run_sync(rootfs_dfd.as_raw_fd(), argv, true, true) - .context("Running realpath")?; - let path = String::from_utf8(path).context("Parsing realpath")?; - let path = path.trim_start_matches("/").trim_end(); + let mut bwrap = crate::bwrap::Bubblewrap::new_with_mutability( + rootfs_dfd, + crate::ffi::BubblewrapMutability::Immutable, + )?; + bwrap.append_child_argv(&["realpath", "/etc/os-release"]); + let cancellable = &gio::Cancellable::new(); + let cancellable = Some(cancellable); + let path = bwrap.run_captured(cancellable)?; + let path = std::str::from_utf8(&path) + .context("Parsing realpath")? + .trim_start_matches("/") + .trim_end(); let path = if path.is_empty() { // fallback on just overwriting etc/os-release "etc/os-release" diff --git a/rust/src/lib.rs b/rust/src/lib.rs index 4c562d06..614bb948 100644 --- a/rust/src/lib.rs +++ b/rust/src/lib.rs @@ -64,7 +64,7 @@ pub mod ffi { } #[derive(Debug)] - enum BubblewrapMutability { + pub(crate) enum BubblewrapMutability { Immutable, RoFiles, MutateFreely, -- 2.30.2