From aa18cb7c9f5e57b1a37d49bc146a144f653b8c51 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Wed, 29 Aug 2018 12:53:26 -0400 Subject: librechroot make: Try harder to avoid inheriting the host's pacman config - `-A`: Comment out the `Include = /etc/pacman.d/*.conf` line that is present in the /usr/share/pacman/defaults/ files since pacman 5.1.1-1.parabola4 - Pass --hookdir="$copydir/etc/pacman.d/hooks" to mkarchroot's pacman to avoid inheriting the host's hooks. https://bugs.archlinux.org/task/49347 I should maybe add tests for both of those things, but they both rely on the actual contents of /etc/pacman.d/... --- src/chroot-tools/librechroot | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/chroot-tools/librechroot b/src/chroot-tools/librechroot index 1896711..b3cf041 100755 --- a/src/chroot-tools/librechroot +++ b/src/chroot-tools/librechroot @@ -122,10 +122,21 @@ mkarchroot() { local arch_nspawn_flags=("${arch_nspawn_flags[@]}") hack_arch_nspawn_flags "$copydir" - unshare -m "$_mkarchroot" \ - "${arch_nspawn_flags[@]}" \ - "$copydir" \ - "${pkgs[@]}" + local cmd=( + unshare -m "$_mkarchroot" + # mkarchroot flags: (flags are very similar to arch-nspawn) + "${arch_nspawn_flags[@]}" + # chroot directory: + -- "$copydir" + # pacman flags: + # * hack around https://bugs.archlinux.org/task/49347 + --hookdir="$copydir/etc/pacman.d/hooks" + # packages: (and maybe more flags... pacstrap injects + # flags at the end, so we can't turn of flag parsing + # with '--') + "${pkgs[@]}" + ) + "${cmd[@]}" } ################################################################################ @@ -244,8 +255,9 @@ usage() { '-C "/usr/share/pacman/defaults/pacman.conf.$CARCH" \' \ '-M "/usr/share/pacman/defaults/makepkg.conf.$CARCH"' prose 'However, before doing that, it actually makes a temporary copy of - `pacman.conf`, and sets the `Architecture` line to match the - `CARCH` line in `makepkg.conf`.' + `pacman.conf`, and modifies it to:' + bullet 'set `Architecture` to match the `CARCH` line in `makepkg.conf`' + bullet 'comment out any `Include = /etc/pacman.d/*.conf` lines' echo prose 'Creating a copy, deleting a copy, or syncing a copy can be fairly slow; but are very fast if $CHROOTDIR is on a btrfs partition.' @@ -312,7 +324,11 @@ main() { fi trap 'rm -f -- "$tmppacmanconf"' EXIT tmppacmanconf="$(mktemp --tmpdir librechroot-pacman.conf.XXXXXXXXXX)" - < "/usr/share/pacman/defaults/pacman.conf.$OPTARG" sed -r "s|^#?\\s*Architecture.+|Architecture = ${OPTARG}|g" > "$tmppacmanconf" + sed -r \ + -e "s|^#?\\s*Architecture.+|Architecture = ${OPTARG}|g" \ + -e "s|^.*Include\s*=\s*/etc/pacman.d/.*\.conf|#&|" \ + < "/usr/share/pacman/defaults/pacman.conf.$OPTARG" \ + > "$tmppacmanconf" arch_nspawn_flags+=( -C "$tmppacmanconf" -M "/usr/share/pacman/defaults/makepkg.conf.$OPTARG" -- cgit v1.2.2