1 |
commit: 54506fd5b861971098915a66827d0614aa8fd411 |
2 |
Author: Douglas Freed <dwfreed <AT> mtu <DOT> edu> |
3 |
AuthorDate: Wed Jan 1 21:18:22 2014 +0000 |
4 |
Commit: Brian Dolbec <brian.dolbec <AT> gmail <DOT> com> |
5 |
CommitDate: Fri Jan 3 05:00:45 2014 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/catalyst.git;a=commit;h=54506fd5 |
7 |
|
8 |
Mount /dev/shm in the chroot with the right options |
9 |
|
10 |
Bind mounting /dev/shm into the chroot isn't a good idea, as there may |
11 |
be collisions and result in weird side effects. Instead, we can just |
12 |
mount a new tmpfs there, with the right options to ensure security. |
13 |
|
14 |
(Forward ported to pending branch from 2.X Brian Dolbec) |
15 |
Conflicts: |
16 |
catalyst/targets/generic_stage_target.py |
17 |
|
18 |
--- |
19 |
catalyst/targets/generic_stage_target.py | 7 +++++-- |
20 |
1 file changed, 5 insertions(+), 2 deletions(-) |
21 |
|
22 |
diff --git a/catalyst/targets/generic_stage_target.py b/catalyst/targets/generic_stage_target.py |
23 |
index 2ca3913..3d93405 100644 |
24 |
--- a/catalyst/targets/generic_stage_target.py |
25 |
+++ b/catalyst/targets/generic_stage_target.py |
26 |
@@ -30,7 +30,7 @@ SOURCE_MOUNTS_DEFAULTS = { |
27 |
"portdir": "/usr/portage", |
28 |
"port_tmpdir": "tmpfs", |
29 |
"proc": "/proc", |
30 |
- "shm": "/dev/shm", |
31 |
+ "shm": "shmfs", |
32 |
} |
33 |
|
34 |
# for convienience |
35 |
@@ -949,7 +949,7 @@ class generic_stage_target(generic_target): |
36 |
os.makedirs(target, 0755) |
37 |
|
38 |
if not os.path.exists(self.mountmap[x]): |
39 |
- if not self.mountmap[x] == "tmpfs": |
40 |
+ if self.mountmap[x] not in ["tmpfs", "shmfs"]: |
41 |
os.makedirs(self.mountmap[x], 0755) |
42 |
|
43 |
src=self.mountmap[x] |
44 |
@@ -970,6 +970,9 @@ class generic_stage_target(generic_target): |
45 |
self.settings["var_tmpfs_portage"] + "G " + \ |
46 |
src + " " + target |
47 |
retval=os.system(cmd) |
48 |
+ elif src == "shmfs": |
49 |
+ cmd = "mount -t tmpfs -o noexec,nosuid,nodev shm " + target |
50 |
+ retval=os.system(cmd) |
51 |
else: |
52 |
cmd = "mount --bind " + src + " " + target |
53 |
#print "bind(); cmd =", cmd |