Adding lh_chroot_selinuxfs helper to support building live images on a selinux enabled host (Closes: #501652).

2008-10-12 11:07:42 +02:00 · 2008-10-12 11:07:42 +02:00 · 1476f3a1c3
parent 63dc9da964
commit 1476f3a1c3
3 changed files with 103 additions and 0 deletions
--- a/helpers/lh_binary
+++ b/helpers/lh_binary
@ -36,6 +36,7 @@ then
 	# Configuring chroot
 	lh_chroot_devpts install ${*}
 	lh_chroot_proc install ${*}
+	lh_chroot_selinuxfs install ${*}
 	lh_chroot_sysfs install ${*}
 	lh_chroot_hosts install ${*}
 	lh_chroot_resolv install ${*}
@ -68,6 +69,7 @@ if [ "${LH_CHROOT_BUILD}" != "enabled" ]
 then
 	lh_chroot_devpts install ${*}
 	lh_chroot_proc install ${*}
+	lh_chroot_selinuxfs install ${*}
 	lh_chroot_sysfs install ${*}
 fi

@ -87,5 +89,6 @@ then
 fi

 lh_chroot_sysfs remove ${*}
+lh_chroot_selinuxfs remove ${*}
 lh_chroot_proc remove ${*}
 lh_chroot_devpts remove ${*}
--- a/helpers/lh_chroot
+++ b/helpers/lh_chroot
@ -32,6 +32,7 @@ Set_defaults
 lh_chroot_cache restore ${*}
 lh_chroot_devpts install ${*}
 lh_chroot_proc install ${*}
+lh_chroot_selinuxfs install ${*}
 lh_chroot_sysfs install ${*}
 lh_chroot_debianchroot install ${*}
 lh_chroot_dpkg install ${*}
@ -72,6 +73,7 @@ lh_chroot_sysv-rc remove ${*}
 lh_chroot_dpkg remove ${*}
 lh_chroot_debianchroot remove ${*}
 lh_chroot_sysfs remove ${*}
+lh_chroot_selinuxfs remove ${*}
 lh_chroot_proc remove ${*}
 lh_chroot_devpts remove ${*}
 lh_chroot_cache save ${*}
--- a/helpers/lh_chroot_selinuxfs
+++ b/helpers/lh_chroot_selinuxfs
@ -0,0 +1,98 @@
+#!/bin/sh
+
+# lh_chroot_sysfs(1) - mount /selinux
+# Copyright (C) 2006-2008 Daniel Baumann <daniel@debian.org>
+#
+# live-helper comes with ABSOLUTELY NO WARRANTY; for details see COPYING.
+# This is free software, and you are welcome to redistribute it
+# under certain conditions; see COPYING for details.
+
+set -e
+
+# Including common functions
+LH_BASE="${LH_BASE:-/usr/share/live-helper}"
+
+for FUNCTION in "${LH_BASE}"/functions/*.sh
+do
+	. "${FUNCTION}"
+done
+
+# Setting static variables
+DESCRIPTION="mount /selinux"
+HELP=""
+USAGE="${PROGRAM} {install|remove} [--force]"
+
+Arguments "${@}"
+
+# Ensure that a system is built as root
+lh_testroot
+
+# Reading configuration files
+Read_conffile config/all config/common config/bootstrap config/chroot config/binary config/source
+Set_defaults
+
+# Requiring stage file
+Require_stagefile .stage/bootstrap
+
+case "${1}" in
+	install)
+		if [ -e /selinux/enforce ] && [ "$(cat /selinux/enforce)" = "1" ]
+		then
+			Echo_message "Begin mounting /selinux..."
+
+			# Checking stage file
+			Check_stagefile .stage/chroot_selinuxfs
+
+			# Checking lock file
+			Check_lockfile .lock
+
+			# Creating lock file
+			Create_lockfile .lock
+
+			if [ "${LH_USE_FAKEROOT}" != "enabled" ]
+			then
+				# Create mountpoint
+				mkdir -p chroot/selinux
+
+				# Mounting /selinux
+				${LH_ROOT_COMMAND} mount selinuxfs-live -t selinuxfs chroot/selinux
+			else
+				rm -rf chroot/selinux
+				ln -s /selinux chroot/
+			fi
+
+			# Creating stage file
+			Create_stagefile .stage/chroot_selinuxfs
+		fi
+		;;
+
+	remove)
+		Echo_message "Begin unmounting /selinux..."
+
+		# Checking lock file
+		Check_lockfile .lock
+
+		# Creating lock file
+		Create_lockfile .lock
+
+		if [ "${LH_USE_FAKEROOT}" != "enabled" ]
+		then
+			# Unmounting /selinux
+			#fuser -km chroot/selinux
+			if [ -e chroot/selinux/enforce ]
+			then
+				${LH_ROOT_COMMAND} umount chroot/selinux
+			fi
+		else
+			rm -rf chroot/selinux
+			mkdir -p chroot/selinux
+		fi
+
+		# Removing stage file
+		rm -f .stage/chroot_selinux
+		;;
+
+	*)
+		Usage
+		;;
+esac