diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2013-10-02 07:58:33 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-10-02 08:22:49 +0000 |
commit | 754f8509b4e36cf2d08c08473daf979bae5569ba (patch) | |
tree | d2c7cf162a81a1a665d3aaaa8454441fa57d4c57 | |
parent | 40d97175f4cd3ff12b7cc50f6a3acda84b09b964 (diff) | |
download | alpine_aports-754f8509b4e36cf2d08c08473daf979bae5569ba.tar.bz2 alpine_aports-754f8509b4e36cf2d08c08473daf979bae5569ba.tar.xz alpine_aports-754f8509b4e36cf2d08c08473daf979bae5569ba.zip |
main/alpine-conf: fix running syslinux trigger from setup-disk
fixes #2250
(cherry picked from commit 562765e842b43133319b1f084f0479ba4843abbe)
Conflicts:
main/alpine-conf/APKBUILD
-rw-r--r-- | main/alpine-conf/0001-setup-disk-fix-running-update-extlinux-in-chroot.patch | 89 | ||||
-rw-r--r-- | main/alpine-conf/APKBUILD | 12 |
2 files changed, 97 insertions, 4 deletions
diff --git a/main/alpine-conf/0001-setup-disk-fix-running-update-extlinux-in-chroot.patch b/main/alpine-conf/0001-setup-disk-fix-running-update-extlinux-in-chroot.patch new file mode 100644 index 0000000000..d22db9e98d --- /dev/null +++ b/main/alpine-conf/0001-setup-disk-fix-running-update-extlinux-in-chroot.patch | |||
@@ -0,0 +1,89 @@ | |||
1 | From c9533d0ea64f29de872e48be67b6eaa10b7e2ca3 Mon Sep 17 00:00:00 2001 | ||
2 | From: Natanael Copa <ncopa@alpinelinux.org> | ||
3 | Date: Wed, 2 Oct 2013 07:51:33 +0000 | ||
4 | Subject: [PATCH] setup-disk: fix running update-extlinux in chroot | ||
5 | |||
6 | When installling the packages in new root, the update-extlinux trigger | ||
7 | script will be executed. We make sure this does not fail by: | ||
8 | - run extlinux --install before we install packages | ||
9 | - mount /dev and /proc for the chroot | ||
10 | - temprorary disable grsecurity's chroot_caps | ||
11 | --- | ||
12 | setup-disk.in | 39 ++++++++++++++++++++++++++++++++++----- | ||
13 | 1 file changed, 34 insertions(+), 5 deletions(-) | ||
14 | |||
15 | diff --git a/setup-disk.in b/setup-disk.in | ||
16 | index d3a4500..8d3e14d 100644 | ||
17 | --- a/setup-disk.in | ||
18 | +++ b/setup-disk.in | ||
19 | @@ -160,6 +160,31 @@ find_pvs_in_vg() { | ||
20 | pvs --noheadings | awk "\$2 == \"$vg\" {print \$1}" | ||
21 | } | ||
22 | |||
23 | +# echo current grsecurity option and set new | ||
24 | +set_grsec() { | ||
25 | + local key="$1" value="$2" | ||
26 | + if ! [ -e /proc/sys/kernel/grsecurity/$key ]; then | ||
27 | + return 0 | ||
28 | + fi | ||
29 | + cat /proc/sys/kernel/grsecurity/$key | ||
30 | + echo $value > /proc/sys/kernel/grsecurity/$key | ||
31 | +} | ||
32 | + | ||
33 | +init_chroot_mounts() { | ||
34 | + local mnt="$1" i= | ||
35 | + for i in proc dev; do | ||
36 | + mkdir -p "$mnt"/$i | ||
37 | + mount --bind /$i "$mnt"/$i | ||
38 | + done | ||
39 | +} | ||
40 | + | ||
41 | +cleanup_chroot_mounts() { | ||
42 | + local mnt="$1" i= | ||
43 | + for i in proc dev; do | ||
44 | + umount "$mnt"/$i | ||
45 | + done | ||
46 | +} | ||
47 | + | ||
48 | install_mounted_root() { | ||
49 | local mnt="$1" mnt_boot= boot_fs= root_fs= | ||
50 | local initfs_features="ata base ide scsi usb virtio" | ||
51 | @@ -266,15 +291,15 @@ install_mounted_root() { | ||
52 | /dev/fd0 /media/floppy vfat noauto 0 0 | ||
53 | /dev/usbdisk /media/usb vfat noauto 0 0 | ||
54 | EOF | ||
55 | - | ||
56 | # remove the installed db in case its there so we force re-install | ||
57 | rm -f "$mnt"/var/lib/apk/installed "$mnt"/lib/apk/db/installed | ||
58 | echo "Installing system on $rootdev:" | ||
59 | + extlinux $extlinux_raidopt --install "$mnt"/boot | ||
60 | + | ||
61 | # apk reads config from target root so we need to copy the config | ||
62 | mkdir -p "$mnt"/etc/apk/keys/ | ||
63 | cp /etc/apk/keys/* "$mnt"/etc/apk/keys/ | ||
64 | |||
65 | - | ||
66 | local apkflags="--initdb --quiet --progress --update-cache --clean-protected" | ||
67 | local pkgs=$(cat "$mnt"/etc/apk/world "$mnt"/var/lib/apk/world 2>/dev/null) | ||
68 | pkgs="$pkgs acct linux-$KERNEL_FLAVOR alpine-base" | ||
69 | @@ -287,10 +312,14 @@ EOF | ||
70 | repoflags="$repoflags --repository $i" | ||
71 | done | ||
72 | |||
73 | + chroot_caps=$(set_grsec chroot_caps 0) | ||
74 | + init_chroot_mounts "$mnt" | ||
75 | apk add --root "$mnt" $apkflags --overlay-from-stdin \ | ||
76 | - $repoflags $pkgs <$ovlfiles>/dev/null || return 1 | ||
77 | - echo "" | ||
78 | - extlinux $extlinux_raidopt --install "$mnt"/boot | ||
79 | + $repoflags $pkgs <$ovlfiles>/dev/null | ||
80 | + local ret=$? | ||
81 | + cleanup_chroot_mounts "$mnt" | ||
82 | + set_grsec chroot_caps $chroot_caps > /dev/null | ||
83 | + return $ret | ||
84 | } | ||
85 | |||
86 | unmount_partitions() { | ||
87 | -- | ||
88 | 1.8.4 | ||
89 | |||
diff --git a/main/alpine-conf/APKBUILD b/main/alpine-conf/APKBUILD index 5e38644303..a76bbba301 100644 --- a/main/alpine-conf/APKBUILD +++ b/main/alpine-conf/APKBUILD | |||
@@ -5,9 +5,10 @@ pkgrel=2 | |||
5 | pkgdesc="Alpine configuration management scripts" | 5 | pkgdesc="Alpine configuration management scripts" |
6 | url=http://git.alpinelinux.org/cgit/$pkgname | 6 | url=http://git.alpinelinux.org/cgit/$pkgname |
7 | depends="openrc" | 7 | depends="openrc" |
8 | source="http://git.alpinelinux.org/cgit/$pkgname/snapshot/$pkgname-$pkgver.tar.bz2 | 8 | source="http://dev.alpinelinux.org/archive/alpine-conf/alpine-conf-$pkgver.tar.bz2 |
9 | 0001-setup-interfaces-fix-ip-can-t-find-device-eth1.3-mes.patch | 9 | 0001-setup-interfaces-fix-ip-can-t-find-device-eth1.3-mes.patch |
10 | 0001-setup-interfaces-fix-vlan-raw-device.patch | 10 | 0001-setup-interfaces-fix-vlan-raw-device.patch |
11 | 0001-setup-disk-fix-running-update-extlinux-in-chroot.patch | ||
11 | " | 12 | " |
12 | 13 | ||
13 | arch="all" | 14 | arch="all" |
@@ -40,10 +41,13 @@ package() { | |||
40 | } | 41 | } |
41 | md5sums="4038a3be9a785ead649d913e208e2bd8 alpine-conf-2.12.0.tar.bz2 | 42 | md5sums="4038a3be9a785ead649d913e208e2bd8 alpine-conf-2.12.0.tar.bz2 |
42 | 1f2ee5791a9bb40bd5e9862f60299ce2 0001-setup-interfaces-fix-ip-can-t-find-device-eth1.3-mes.patch | 43 | 1f2ee5791a9bb40bd5e9862f60299ce2 0001-setup-interfaces-fix-ip-can-t-find-device-eth1.3-mes.patch |
43 | 8e528859d2ea4d24e2de9436c499a64d 0001-setup-interfaces-fix-vlan-raw-device.patch" | 44 | 8e528859d2ea4d24e2de9436c499a64d 0001-setup-interfaces-fix-vlan-raw-device.patch |
45 | 5f8c8ef78f6ff53e4683a9daacf16355 0001-setup-disk-fix-running-update-extlinux-in-chroot.patch" | ||
44 | sha256sums="d3f2a2e9a14ff2152731ed97aad9435da4be698b192400dc8dc942fc7830f0c4 alpine-conf-2.12.0.tar.bz2 | 46 | sha256sums="d3f2a2e9a14ff2152731ed97aad9435da4be698b192400dc8dc942fc7830f0c4 alpine-conf-2.12.0.tar.bz2 |
45 | 4e24ab7e3c0c851af03ea48016aeaa7e066962ceddc96cdc9cdd5566f25b2bfd 0001-setup-interfaces-fix-ip-can-t-find-device-eth1.3-mes.patch | 47 | 4e24ab7e3c0c851af03ea48016aeaa7e066962ceddc96cdc9cdd5566f25b2bfd 0001-setup-interfaces-fix-ip-can-t-find-device-eth1.3-mes.patch |
46 | 591cb749663bf0c1b0caff12e5e340cb468257409580e56b0dbecf4abba2ed94 0001-setup-interfaces-fix-vlan-raw-device.patch" | 48 | 591cb749663bf0c1b0caff12e5e340cb468257409580e56b0dbecf4abba2ed94 0001-setup-interfaces-fix-vlan-raw-device.patch |
49 | 3320a82abd79daa893a34cb9a235b27f539af12f8d32806b5630a7cef62d7aa6 0001-setup-disk-fix-running-update-extlinux-in-chroot.patch" | ||
47 | sha512sums="93cc71a83d9e773b92a9993003c0b8b5ed98b5ee42db74c69cde635ca9230c59be0ce99588828729ec41c1a4262bbe9fdb60a81adf282c3f063ff916666e1140 alpine-conf-2.12.0.tar.bz2 | 50 | sha512sums="93cc71a83d9e773b92a9993003c0b8b5ed98b5ee42db74c69cde635ca9230c59be0ce99588828729ec41c1a4262bbe9fdb60a81adf282c3f063ff916666e1140 alpine-conf-2.12.0.tar.bz2 |
48 | 400b527ada2dff3662a55f6046a9e2ae762e91456574ee3cb665bc2c469e1c0f29b2d9f9c1ea2e4bdf5d02554f20df0a6ebe78b06e957cce17e21233fd08a097 0001-setup-interfaces-fix-ip-can-t-find-device-eth1.3-mes.patch | 51 | 400b527ada2dff3662a55f6046a9e2ae762e91456574ee3cb665bc2c469e1c0f29b2d9f9c1ea2e4bdf5d02554f20df0a6ebe78b06e957cce17e21233fd08a097 0001-setup-interfaces-fix-ip-can-t-find-device-eth1.3-mes.patch |
49 | 2cb3c59f9edce7d4ebc821571314af41310ec94a543783ed67c738258434133d70be3cacc9d552e75381036ad014c2a38dec611101ce9d3649e326f120378cdf 0001-setup-interfaces-fix-vlan-raw-device.patch" | 52 | 2cb3c59f9edce7d4ebc821571314af41310ec94a543783ed67c738258434133d70be3cacc9d552e75381036ad014c2a38dec611101ce9d3649e326f120378cdf 0001-setup-interfaces-fix-vlan-raw-device.patch |
53 | 1dd5132cd0179083cf06c11e1a8513b6e49d1d75f0d14c0f402997641537c29afe3fb709910eb7b9b6ecb17a89fd77224d16dd1478725296f5bacfdcfff240fd 0001-setup-disk-fix-running-update-extlinux-in-chroot.patch" | ||