diff options
| author | Helmut Grohne <helmut@subdivi.de> | 2024-02-21 15:45:23 +0100 |
|---|---|---|
| committer | Helmut Grohne <helmut@subdivi.de> | 2024-02-21 15:45:23 +0100 |
| commit | 00841e88b74864fd1c287ff27c1dd9387902dcf9 (patch) | |
| tree | df63edc21790f92c16fd9ec0e932f5d4fc557cc0 /examples/chrootfuse2fs.py | |
| parent | 5a99eedd5909fc5afaf27899770a249d82d26489 (diff) | |
| download | python-linuxnamespaces-00841e88b74864fd1c287ff27c1dd9387902dcf9.tar.gz | |
examples/chrootfuse2fs.py: generalize to allow squashfs
Diffstat (limited to 'examples/chrootfuse2fs.py')
| -rwxr-xr-x | examples/chrootfuse2fs.py | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/examples/chrootfuse2fs.py b/examples/chrootfuse2fs.py deleted file mode 100755 index eaffe25..0000000 --- a/examples/chrootfuse2fs.py +++ /dev/null @@ -1,67 +0,0 @@ -#!/usr/bin/python3 -# Copyright 2024 Helmut Grohne <helmut@subdivi.de> -# SPDX-License-Identifier: GPL-3 - -"""Mount a given ext4 filesystem image inside a user and mount namespace using -unprivileged fuse2fs and chroot into the mouned filesystem. - -This requires a fuse package with support for /dev/fd/N. Either with fuse2 via -https://bugs.debian.org/1055222 or when e2fsprogs has been ported to fuse3. -""" - -import os -import pathlib -import socket -import sys - -if __file__.split("/")[-2:-1] == ["examples"]: - sys.path.insert(0, "/".join(__file__.split("/")[:-2])) - -import linuxnamespaces - - -def main() -> None: - fsimage = pathlib.Path(sys.argv[1]) - assert fsimage.exists() - uidmap = linuxnamespaces.IDAllocation.loadsubid("uid").allocatemap(65536) - gidmap = linuxnamespaces.IDAllocation.loadsubid("gid").allocatemap(65536) - mainpid = os.getpid() - mainsock, childsock = socket.socketpair() - @linuxnamespaces.run_in_fork - def setup() -> None: - mainsock.close() - linuxnamespaces.newidmaps(mainpid, [uidmap], [gidmap]) - childsock.send(b"\0") - _, fds, _, _ = socket.recv_fds(childsock, 1, 1, 0) - childsock.close() - os.set_inheritable(fds[0], True) - os.execlp("fuse2fs", "fuse2fs", str(fsimage), "/dev/fd/%d" % fds[0]) - linuxnamespaces.unshare( - linuxnamespaces.CloneFlags.NEWUSER | linuxnamespaces.CloneFlags.NEWNS - ) - setup.start() - mainsock.recv(1) - os.setreuid(0, 0) - os.setregid(0, 0) - fusefd = os.open("/dev/fuse", os.O_RDWR) - socket.send_fds(mainsock, [b"\0"], [fusefd]) - mainsock.close() - linuxnamespaces.mount( - str(fsimage), - "/mnt", - "fuse.ext4", - linuxnamespaces.MountFlags.NONE, - "fd=%d,rootmode=040755,user_id=0,group_id=0,allow_other" % fusefd, - ) - os.chdir("/mnt") - linuxnamespaces.bind_mount("/proc", "proc", recursive=True) - linuxnamespaces.bind_mount("/sys", "sys", recursive=True) - linuxnamespaces.populate_dev("/", ".", pidns=False, tun=False) - linuxnamespaces.pivot_root(".", ".") - linuxnamespaces.umount(".", linuxnamespaces.UmountFlags.DETACH) - os.close(fusefd) - os.execlp(os.environ["SHELL"], os.environ["SHELL"]) - - -if __name__ == "__main__": - main() |