From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <gentoo-catalyst+bounces-3741-garchives=archives.gentoo.org@lists.gentoo.org> Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 7BA42138359 for <garchives@archives.gentoo.org>; Thu, 29 Oct 2020 16:16:51 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id C9429E09B4; Thu, 29 Oct 2020 16:16:50 +0000 (UTC) Received: from mail-qk1-f179.google.com (mail-qk1-f179.google.com [209.85.222.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C36F1E09B4 for <gentoo-catalyst@lists.gentoo.org>; Thu, 29 Oct 2020 16:16:50 +0000 (UTC) Received: by mail-qk1-f179.google.com with SMTP id p3so2391902qkk.7 for <gentoo-catalyst@lists.gentoo.org>; Thu, 29 Oct 2020 09:16:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=1nqePS5Q+7ov5XO446S7B/kFKuVs0Wsn4HeKHBbiQZw=; b=HQ1di9RN19Qp5sEgpuGqZJB/+BZlt/OGlqlJwh1FWRSgwqXTkHozT1tdQZ3wNe4h5B 8YlJsFF0N6aIeJprhF1q9zUasmilysQaaDI6jjujMzw2IrwlkaoJT2dhPloCttFphZtn m2tFX8jpaMrbau5YC/UQ2G3GINb7yHWxpxiEJEz5yOMafYw89l6sOcgzXQl2MJynQLLh Fsmsatn6SPi5O2+DTy8Mv1z1XgkoN9Sqf3vWy5mlEumrRy3VGr+RnI/MIh4uAWVwAmg5 0Ds81jGeOpo6VR+SoRAp+IIo317XO1oJYY4NwgKd25z/FpEnIkBfVz98nXaDRqSmyu4/ 4dpg== X-Gm-Message-State: AOAM5338pmrWdQLqcf0Rn7e44m3IMYXIHmz9ECRCNBM1aSZa1oNOOME0 jX8SnwgJhX560W8bVkSRBBqeUeIpnQI= X-Google-Smtp-Source: ABdhPJwPqdlixcRSPIwY2CxWOITzqhHANgIexNxplHem0/xxmmn7A17iKXkmZAsEJtS8NQCl0MoUqA== X-Received: by 2002:a05:620a:13ab:: with SMTP id m11mr4268910qki.56.1603988209735; Thu, 29 Oct 2020 09:16:49 -0700 (PDT) Received: from localhost (2606-a000-131c-10bb-0000-0000-0000-1fc3.inf6.spectrum.com. [2606:a000:131c:10bb::1fc3]) by smtp.gmail.com with ESMTPSA id b12sm1281603qtj.12.2020.10.29.09.16.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Oct 2020 09:16:49 -0700 (PDT) From: Matt Turner <mattst88@gentoo.org> To: gentoo-catalyst@lists.gentoo.org Cc: Matt Turner <mattst88@gentoo.org> Subject: [gentoo-catalyst] [PATCH 08/12] catalyst: Add and use namespace context manager Date: Thu, 29 Oct 2020 12:16:28 -0400 Message-Id: <20201029161632.146732-8-mattst88@gentoo.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20201029161632.146732-1-mattst88@gentoo.org> References: <20201029161632.146732-1-mattst88@gentoo.org> Precedence: bulk List-Post: <mailto:gentoo-catalyst@lists.gentoo.org> List-Help: <mailto:gentoo-catalyst+help@lists.gentoo.org> List-Unsubscribe: <mailto:gentoo-catalyst+unsubscribe@lists.gentoo.org> List-Subscribe: <mailto:gentoo-catalyst+subscribe@lists.gentoo.org> List-Id: Gentoo Linux mail <gentoo-catalyst.gentoo.org> X-BeenThere: gentoo-catalyst@lists.gentoo.org Reply-to: gentoo-catalyst@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Archives-Salt: 44d929d6-ad18-4679-b9db-307d06b4a1d8 X-Archives-Hash: a3b2893ff9b35ab85e6c4c43f9314547 Wraps snakeoil's simple_unshare; returns to the previous namespaces on context exit. Will be used by the next commit. Signed-off-by: Matt Turner <mattst88@gentoo.org> --- catalyst/context.py | 32 ++++++++++++++++++++++++++++++++ catalyst/main.py | 17 +++++++---------- 2 files changed, 39 insertions(+), 10 deletions(-) create mode 100644 catalyst/context.py diff --git a/catalyst/context.py b/catalyst/context.py new file mode 100644 index 00000000..936b5c6b --- /dev/null +++ b/catalyst/context.py @@ -0,0 +1,32 @@ + +import contextlib +import os + +from snakeoil.process.namespaces import setns, simple_unshare + +@contextlib.contextmanager +def namespace(mount=False, uts=False, ipc=False, net=False, pid=False, + user=False, hostname=None): + namespaces = { + (mount, "mnt"): None, + (uts, "uts"): None, + (ipc, "ipc"): None, + (net, "net"): None, + (pid, "pid"): None, + (user, "user"): None, + } + + # Save fds of current namespaces + for ns in [ns for ns in namespaces if ns[0]]: + fp = open(f"/proc/self/ns/{ns[1]}") + namespaces[ns] = fp + + simple_unshare(mount=mount, uts=uts, ipc=ipc, net=net, pid=pid, user=user, + hostname=hostname) + try: + yield None + finally: + for ns in [ns for ns in namespaces if ns[0]]: + fp = namespaces[ns] + setns(fp.fileno(), 0) + fp.close() diff --git a/catalyst/main.py b/catalyst/main.py index 543895c6..93a4a0d3 100644 --- a/catalyst/main.py +++ b/catalyst/main.py @@ -7,14 +7,13 @@ import textwrap import toml -from snakeoil.process import namespaces - from DeComp.definitions import (COMPRESS_DEFINITIONS, DECOMPRESS_DEFINITIONS, CONTENTS_DEFINITIONS) from DeComp.contents import ContentsMap from catalyst import log import catalyst.config +from catalyst.context import namespace from catalyst.defaults import (confdefaults, option_messages, DEFAULT_CONFIG_FILE, valid_config_file_values) from catalyst.support import CatalystError @@ -356,15 +355,13 @@ def _main(parser, opts): # use pid & user namespaces, but snakeoil's namespace module has signal # transfer issues (CTRL+C doesn't propagate), and user namespaces need # more work due to Gentoo build process (uses sudo/root/portage). - namespaces.simple_unshare( - mount=True, uts=True, ipc=True, pid=False, net=False, user=False, - hostname='catalyst') + with namespace(mount=True, uts=True, ipc=True, hostname='catalyst'): + # everything is setup, so the build is a go + try: + success = build_target(addlargs) + except KeyboardInterrupt: + log.critical('Catalyst build aborted due to user interrupt (Ctrl-C)') - # everything is setup, so the build is a go - try: - success = build_target(addlargs) - except KeyboardInterrupt: - log.critical('Catalyst build aborted due to user interrupt (Ctrl-C)') if not success: sys.exit(2) sys.exit(0) -- 2.26.2