From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id AA37F138359 for ; Thu, 29 Oct 2020 16:16:56 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 00024E09C0; Thu, 29 Oct 2020 16:16:55 +0000 (UTC) Received: from mail-qk1-f195.google.com (mail-qk1-f195.google.com [209.85.222.195]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id EA21DE09C0 for ; Thu, 29 Oct 2020 16:16:55 +0000 (UTC) Received: by mail-qk1-f195.google.com with SMTP id s14so2374181qkg.11 for ; Thu, 29 Oct 2020 09:16:55 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=mDAyxEDkwJ5/uXN0KUgbjgR1ySyCe1RD5cn2x8NNMH0=; b=lN5R9KqWrlgoqsqWkN5uhkMg2smRzAuW2BDEhJELyNAhvZEMH2VDacAHSUWKShIi3W jwGN+V9PtIfcekJ2SlAixoipBkAtUHK7y8c7EZiz+F1cKYybTjjG4zxYWUOC7m4Hr9yn KoFSdFLX8KalHTI+VOtV3pf7XZDSQSjsGIgmhEMbIPXDWwtqG7LZfVJ9FWCuFCPlvhmA HwDNJgetCpYXdDTbFtAnCu6yNKVbegWzrbyi1eCoYt6AB3TsCgFg0C7MOaR7x2BSytFp k+hs7FivW49ZT+hJTl+tgphkn5F/BlfhZ+6beqJ/5NYVMhHd51AM9nIu1SnzUiwTCqwy qRPQ== X-Gm-Message-State: AOAM531WrULEZ5FPwVkUkK1WkItZJABJ4ElQCvTF2zSTRW81QycObwTM goAAbozX9foIPbYhGk5fo0grOHMgfQQ= X-Google-Smtp-Source: ABdhPJzrZvty12g90h2HkkFy9cjauOOnKuBa6T0IPOMlfIEH7lmKBPQrguyPWzJtBw5bbVGt2R2Plg== X-Received: by 2002:a05:620a:2148:: with SMTP id m8mr4384618qkm.19.1603988214868; Thu, 29 Oct 2020 09:16:54 -0700 (PDT) Received: from localhost (2606-a000-131c-10bb-0000-0000-0000-1fc3.inf6.spectrum.com. [2606:a000:131c:10bb::1fc3]) by smtp.gmail.com with ESMTPSA id q3sm1297886qkf.24.2020.10.29.09.16.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Oct 2020 09:16:54 -0700 (PDT) From: Matt Turner To: gentoo-catalyst@lists.gentoo.org Cc: Matt Turner Subject: [gentoo-catalyst] [PATCH 11/12] catalyst: Remove mount_safety_check() Date: Thu, 29 Oct 2020 12:16:31 -0400 Message-Id: <20201029161632.146732-11-mattst88@gentoo.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20201029161632.146732-1-mattst88@gentoo.org> References: <20201029161632.146732-1-mattst88@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-catalyst@lists.gentoo.org Reply-to: gentoo-catalyst@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Archives-Salt: bd0035d6-dffc-4d44-a8c7-f6ad5d945bc5 X-Archives-Hash: 22863476004e3495bac59e403f7e34dc mount_safety_check() exists to prevent bad things from happening if a previous catalyst invocation left bind mounts active in the chroot. E.g., a previous catalyst invocation is interrupted without unmounting the bind mounts. A new catalyst invocation runs and cleans the old chroot, which inadvertently deletes files outside of the chroot via the bind mounts. With all the mounts now inside a namespace, it is no longer possible to have mounts accessible outside the build sequence. In fact, I think this code has been unnecessary since commit e5a53e42 ("catalyst: create namespaces for building"). Signed-off-by: Matt Turner --- catalyst/base/stagebase.py | 37 ------------------------------------- 1 file changed, 37 deletions(-) diff --git a/catalyst/base/stagebase.py b/catalyst/base/stagebase.py index 5fc11eae..d5454b77 100644 --- a/catalyst/base/stagebase.py +++ b/catalyst/base/stagebase.py @@ -638,39 +638,7 @@ class StageBase(TargetBase, ClearBase, GenBase): assert self.settings[verify] == "blake2" self.settings.setdefault("gk_mainargs", []).append("--b2sum") - def mount_safety_check(self): - """ - Check and verify that none of our paths in mypath are mounted. We don't - want to clean up with things still mounted, and this allows us to check. - Returns 1 on ok, 0 on "something is still mounted" case. - """ - - if not os.path.exists(self.settings["chroot_path"]): - return - - log.debug('self.mount = %s', self.mount) - for x in [x for x in self.mount if self.mount[x]['enable']]: - target = normpath(self.settings['chroot_path'] + - self.mount[x]['target']) - log.debug('mount_safety_check() x = %s %s', x, target) - if not os.path.exists(target): - continue - - if ismount(target): - # Something is still mounted - try: - log.warning( - '%s is still mounted; performing auto-bind-umount...', target) - # Try to umount stuff ourselves - self.unbind() - if ismount(target): - raise CatalystError("Auto-unbind failed for " + target) - log.notice('Auto-unbind successful...') - except CatalystError: - raise CatalystError("Unable to auto-unbind " + target) - def unpack(self): - clst_unpack_hash = self.resume.get("unpack") # Set up all unpack info settings @@ -755,8 +723,6 @@ class StageBase(TargetBase, ClearBase, GenBase): % self.settings["source_path"]) if _unpack: - self.mount_safety_check() - if invalid_chroot: if "autoresume" in self.settings["options"]: log.notice( @@ -1363,9 +1329,6 @@ class StageBase(TargetBase, ClearBase, GenBase): def run(self): self.chroot_lock.write_lock() - # Check for mounts right away and abort if we cannot unmount them - self.mount_safety_check() - if "clear-autoresume" in self.settings["options"]: self.clear_autoresume() -- 2.26.2