41 lines
1.2 KiB
Text
41 lines
1.2 KiB
Text
|
#!/usr/bin/env bash
|
||
|
|
|
||
|
|
# Run a command chrooted inside $DESTDIR w/o network, with /dev/null, outline:
|
||
|
|
#
|
||
|
|
# [helpers/chroot, outer script]
|
||
|
|
# unshare
|
||
|
|
# -n # without network
|
||
|
|
# -r # with EUID=EGID=0
|
||
|
|
# -m # separate mount namespace
|
||
|
|
# [helpers/chroot-inner, this script]
|
||
|
|
# / mount --bind /dev/null $DESTDIR/dev/null # unprivileged /dev/null!
|
||
|
|
# | &&
|
||
|
|
# | env -i # with env unset
|
||
|
|
# \ chroot $DESTDIR # unprivileged chroot!
|
||
|
|
|
||
|
|
set -uex
|
||
|
|
|
||
|
|
: ${DESTDIR:=stage}
|
||
|
|
: ${NPROC:=1}
|
||
|
|
: ${SOURCE_DATE_EPOCH:=0}
|
||
|
|
|
||
|
|
CHROOT=$(command -v chroot)
|
||
|
|
if [[ ! -x "$CHROOT" ]]; then
|
||
|
|
if [[ -x /sbin/chroot ]]; then
|
||
|
|
CHROOT=/sbin/chroot
|
||
|
|
elif [[ -x /usr/sbin/chroot ]]; then
|
||
|
|
CHROOT=/usr/sbin/chroot
|
||
|
|
fi
|
||
|
|
fi
|
||
|
|
|
||
|
|
if [[ -e /run/wrappers/bin/mount.real ]]; then
|
||
|
|
MOUNT=$(cat /run/wrappers/bin/mount.real)
|
||
|
|
else
|
||
|
|
MOUNT=mount
|
||
|
|
fi
|
||
|
|
mkdir -p "$DESTDIR/dev"; :> "$DESTDIR/dev/null"
|
||
|
|
$MOUNT --bind /dev/null "$DESTDIR/dev/null"
|
||
|
|
|
||
|
|
exec env -i "NPROC=$NPROC" "SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH" \
|
||
|
|
$CHROOT "$DESTDIR" "$@"
|