summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
3 daysadd chhostname.py exampleHEADmainHelmut Grohne
2024-10-26add a method IDMapping.identity for convenienceHelmut Grohne
2024-10-26fix license in pyproject classifiersHelmut Grohne
Confirm that the SPDX annotation in several files is correct rather than the pyproject classification. The SPDX headers were there right from the start. Fixes: 9f7a434600f4 ("add some metadata to a first pyproject.toml")
2024-06-22unschroot: allow device accessHelmut Grohne
2024-06-22populate_sys: allow device accessHelmut Grohne
The systemd test suite does not like having no access to /sys/dev and other trees related to devices. Optionally provide them. Properly virtualizing them likely requires lxcfs or similar.
2024-06-22populate_sys: refactorHelmut Grohne
We now compute the actual bind mounts first and deduce the directories in need of creation from that. This makes populate_sys easier to extend.
2024-06-22unschroot: only provide /dev/net/tun when the network namespace is unsharedHelmut Grohne
2024-06-22populate_dev: fix /dev/net/tunHelmut Grohne
Fixes: 8b98dc846e7b ("populate_dev: remove assumption that newdev does not shadow origdev")
2024-06-22unschroot: create an /etc/hosts unless it existsHelmut Grohne
Software has a reasonable assumption that localhost as well as the current hostname resolves to an IP address. Without an /etc/hosts file, this is not the case and makes some builds such as src:ovn fail.
2024-06-22unschroot: add argument --isolate-networkHelmut Grohne
This is where unschroot becomes incompatible with schroot as schroot does not have this option. The idea is that unschroot becomes feature-compatible with sbuild --chroot-mode=unshare and that requires supporting network isolation. To make use of this, sbuild needs to be extended to pass this flag when it sees a "Type unshare" chroot that is not normally exposed from regular schroot.
2024-06-22add function enable_loopback_ifHelmut Grohne
It can be used in a new network namespace to enable the loopback network interface and thus provide easy network isolation.
2024-06-21unschroot: enable opening /dev/stdoutHelmut Grohne
When stdout is an (unnamed) pipe, it usually has permission 0o644. Since we change uids, /dev/stdout cannot be opened unless we chmod it first. This causes some packages such as supervisor to fail to build.
2024-06-16populate_dev: also provide /dev/shmHelmut Grohne
This is needed e.g. for Python's multiprocessing.SemLock.
2024-06-16examples/userchroot.py: correctly bind mount proc and sysHelmut Grohne
Fixes: be42cb03f861 ("add userchroot.py example")
2024-06-16populate_dev: install /dev/fdHelmut Grohne
This symlink turns out to be important for execveat. Its NOTES section details that /dev/fd needs to work in order for execveat to work. We better provide this symlink.
2024-06-11fix formatting and spelling errorsHelmut Grohne
No functional changes.
2024-06-11improve typingHelmut Grohne
linuxnamespaces/__init__.py: * linuxnamespaces.filedescriptor only exports FileDescriptor. By importing *, we re-export it implicitly. linuxnamespaces/atlocation.py: * PathLike should be parameterized and we no longer allow bytes there. linuxnamespaces/tarutils.py: * Resolve dict vs Mapping. tests/test_simple.py: * Establish expected type to mypy. examples/unschroot.py: * pidfd is first an int and later a FileDescriptor, but we always use it as int. * Also tell mypy that we cannot get NULL from waitid.
2024-06-11unschroot: add a pid 1 that reaps zombiesHelmut Grohne
While sbuild --chroot-mode=unshare opted for installing dumb-init, we'll keep the environment minimal and have a dumb-init written in perl-base, which happens to be essential still. Unfortunately, we cannot wait for our target process from our main process as the target process is a child of our perl init. Therefore our perl init must forward the exit code.
2024-06-11unschroot: synchronize reparentingHelmut Grohne
Before this change, it could happen that we'd call prctl_set_child_subreaper before our parent actually died. Thus we'd quickly get the death signal. The additional synchronization point ensures that our previous parent process has been waited for (and thus we are reparented) before installing the death signal.
2024-06-11unschroot: report "Type unshare" for our sessionsHelmut Grohne
Any existing type would be an invalid promise. While sbuild parses the type, it also currently throws its value away and does not base any decisions on it. With the new value, it could recognize unschroot and opt into new features.
2024-06-11unschroot: tweak --info outputHelmut Grohne
* Tag sessions as "Session Purged". This causes sbuild to skip uninstalling build-depends and other cleanup. * Always emit "Aliases" even when empty as we get a warning from sbuild otherwise.
2024-06-11unschroot: fix internal option conflictHelmut Grohne
Fixes: a1cc59818088 ("add example "unschroot.py"")
2024-06-08add example "unschroot.py"Helmut Grohne
While this mostly provides the schroot API and adds its own semantics around ~/.cache/unschroot, please do not consider examples a stable interface but a room for experimentation and incompatible changes.
2024-05-28tests/test_simple.py: support coverage generationHelmut Grohne
Two tests were failing pytest --cov, because they would sandbox themselves in a way that writing the coverage db would be impossible. Change them such that they retain access to the coverage database.
2024-05-28support sendfile in async_copyfdHelmut Grohne
2024-05-27add IDAllocation.reserve methodHelmut Grohne
Allow reserving a particular range instead of allocating a suitable large range of an IDAllocation. This is useful when a directory hierarchy defines the allocation and we merely want to verify it to be assigned.
2024-05-25examples/chrootfuse.py: fix file descriptor leakHelmut Grohne
Fixes: f01c7690de8e ("add example chrootfuse2fs.py")
2024-05-25add a FileDescriptor typeHelmut Grohne
It serves two main purposes. For one thing, it allows telling bare integers and file descriptors apart on a typing level similar to a NewType. For another it adds common methods to a file descriptor and enables closing it via a context manager.
2024-05-20add an asyncio waitid(P_PIDFD, ...) helperHelmut Grohne
2024-05-20test splice path of async_copyfdHelmut Grohne
2024-05-20add function async_copyfdHelmut Grohne
It is a bit like an async version of shutil.copyfileobj but for bare file descriptors and has an optimized version for pipes.
2024-05-20Revert "add a splice syscall wrapper"Helmut Grohne
os.splice from Python >= 3.10 is good enough. This reverts commit 056c1f964f55adedc17f8d7bddef1f48c73852c7.
2024-05-20syscalls: use >= 3.10 support for eventfds in os moduleHelmut Grohne
2024-05-18examples/netnsslirp.py: simplify termination of slirp4netnsHelmut Grohne
2024-05-17add a splice syscall wrapperHelmut Grohne
2024-05-17add prctl_set_child_subreaperHelmut Grohne
2024-05-17populate_dev: also create std{in,out,err} symlinksHelmut Grohne
When booting systemd, it'll create these symlinks, but when doing an application container, nothing does this and we risk creating regular files there.
2024-05-10Revert "examples/chroottar.py: harden against tars with high uids"Helmut Grohne
This reverts commit a169f51420795a212c3226f455e783ab8ac5cf47. We really deal with two user namespaces. The initial/parent process maps the target id range plus the current user id. The child process that executes the workload only maps the target id range without the current user id. The child opens the tar file while it still is in the initial namespace, then unshares and once it only has the subid range mapped, it performs the extraction. No clamping is necessary at this point. The parent process maps additionally maps the current id in order to write the tar file.
2024-05-09add linuxnamespaces.tarinfo.XAttrTarFileHelmut Grohne
This is a mixin subclass for TarFile that enables it to restore and apply linux extended attributes as PAX headers in the SCHILY.xattr.* format. As a consequence, this enables us to process tar archives containing file system capabilities.
2024-05-09add linuxnamespaces.tarutilsHelmut Grohne
Move the generic tar utilities from the chroottar.py example into a linuxnamespaces module as dealing with tar archives is a fairly common thing when dealing with namespaces.
2024-05-07mount: allow data argument to be a listHelmut Grohne
2024-05-06chroottar.py: don't raise NotImplementedError for misuseHelmut Grohne
The mode actually can only have these three distinct literals. While more complex modes can get passed to TarFile.open, they're decomposed there and only of these three is passed to the compressor openers.
2024-05-06syscalls: allow logging of syscallsHelmut Grohne
2024-05-06chroottar.py: implement Tarfile.zstopen for fileobjHelmut Grohne
zstandard.open actually consumes file objects. Hence there is little benefit in not implementing the passing of a fileobj even though we don't use it here.
2024-05-06examples/cgroup.py: use the assigned cgroupHelmut Grohne
Fixes: b0874c6086f1 ("lift the dbus functionality from the cgroup example")
2024-04-23lift the dbus functionality from the cgroup exampleHelmut Grohne
2024-04-19examples/cgroup.py: support jeepney as an alternative to ravelHelmut Grohne
2024-04-19examples/cgroup.py: use asyncio.runHelmut Grohne
2024-04-19examples/cgroup.py: do not fail when ravel is unavailableHelmut Grohne
2024-04-18examples/cgroup.py: we should pass Delegate=trueHelmut Grohne