Package: schroot
Version: 1.4.21-1+b1
Severity: wishlist

Linux supports read-only bind mounts, but a bind mount can only be made read-only after it has been created, not while it is being created, i.e.:

    mount --bind /foo /bar
    mount -o remount,ro /bar
I hacked support for this into my schroot installation by running the following after schroot-mount in 10mount:

    sed -nre 's/([^ \t]*).*ro,bind.*/\1/ p' "$FSTAB" \
        | while read ro_mountpoint; do
        info "Remounting $ro_mountpoint read-only"
        mount -o remount,ro "$CHROOT_MOUNT_LOCATION/$ro_mountpoint"
    done

[Editor's note: this workaround only covers fstab lines that contain the literal text `ro,bind`; an entry written as `bind,ro` or `ro,rbind` is not matched and stays writable without any warning. The expression also captures the first fstab field (the source path) rather than the mount point, so it only remounts the right directory when both fields are the same, as in the fstab below. Each mount is also writable inside the chroot until its remount runs.]

But it would be really nice if schroot-mount supported it.

SR

-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_ZA.UTF-8, LC_CTYPE=en_ZA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages schroot depends on:
ii libboost-filesystem1.46.1 1.46.1-3 filesystem operations (portable pa
ii libboost-program-options1.46. 1.46.1-3 program options library for C++
ii libboost-regex1.46.1 1.46.1-3 regular expression library for C++
ii libboost-system1.46.1 1.46.1-3 Operating system (e.g. diagnostics
ii libc6 2.11.2-11 Embedded GNU C Library: Shared lib
ii libgcc1 1:4.6.0-2 GCC support library
ii liblockdev1 1.0.3-1.4 Run-time shared library for lockin
ii libpam0g 1.1.2-2 Pluggable Authentication Modules l
ii libstdc++6 4.6.0-2 The GNU Standard C++ Library v3
ii libuuid1 2.17.2-9.1 Universally Unique ID library
ii schroot-common 1.4.21-1 common files for schroot

schroot recommends no packages.
Versions of packages schroot suggests: pn aufs-modules | unionfs-m <none> (no description available) ii btrfs-tools 0.19+20101101-1 Checksumming Copy on Write Filesys ii debootstrap 1.0.29 Bootstrap a basic Debian system pn lvm2 <none> (no description available) ii unzip 6.0-4 De-archiver for .zip files -- Configuration Files: /etc/schroot/default/fstab changed: /proc /proc none rw,rbind 0 0 /sys /sys none rw,rbind 0 0 /dev /dev none rw,rbind 0 0 /home /home none ro,bind 0 0 /home/stefanor/deb /home/stefanor/deb none rw,bind 0 0 /tmp /tmp none rw,bind 0 0 /etc/schroot/setup.d/10mount changed: set -e . "$SETUP_DATA_DIR/common-data" . "$SETUP_DATA_DIR/common-functions" if [ -f "$CHROOT_SCRIPT_CONFIG" ]; then . "$CHROOT_SCRIPT_CONFIG" elif [ "$STATUS" = "ok" ]; then fatal "script-config file '$CHROOT_SCRIPT_CONFIG' does not exist" fi do_mount() { info "Mounting $2 on $3" if [ ! -d "$3" ]; then mkdir -p "$3" fi if [ ! -d "$3" ]; then fatal "$3 does not exist, and could not be created" fi info "$MOUNT_VERBOSE $1 $2 $3" mount $MOUNT_VERBOSE $1 "$2" "$3" } do_umount_all() { if [ -d "$1" ]; then # Note that flock is used here to prevent races reading # /proc/mounts, which on current (Linux 2.6.32) kernels is # racy. If other processes are mounting or unmounting # filesystems as we read it, we can miss mount entries due to # the file changing as we read it. This needs fixing in the # kernel, but an exclusive lock surrounding the # schroot-listmounts invocation is a partial fix. This # prevents racing when multiple schroot processes are running. # Note that this does not prevent the problem when programs # other than schroot mount and unmount filesystems (since they # don't create the lock). 
( flock 9 mounts="$("$LIBEXEC_DIR/schroot-listmounts" -m "$1")" if [ "x$mounts" != 'x' ]; then echo "$mounts" | while read mountloc; do info "Unmounting $mountloc" umount "$mountloc" || exit 1 done || exit 1 fi ) 9>"/var/lock/schroot-umount" else warn "Mount location $1 no longer exists; skipping unmount" fi } do_mount_fs_union() { # Prepare mount options (branch config) for union type if [ -z "$CHROOT_UNION_MOUNT_OPTIONS" ]; then case $CHROOT_UNION_TYPE in unionfs) CHROOT_UNION_MOUNT_OPTIONS="dirs=${CHROOT_UNION_OVERLAY_DIRECTORY}=rw,${CHROOT_UNION_UNDERLAY_DIRECTORY}=ro" ;; aufs) CHROOT_UNION_MOUNT_OPTIONS="br:${CHROOT_UNION_OVERLAY_DIRECTORY}:${CHROOT_UNION_UNDERLAY_DIRECTORY}=ro" ;; esac fi info "Using '$CHROOT_UNION_TYPE' for filesystem union" # Try mounting fs mount -t "$CHROOT_UNION_TYPE" -o "$CHROOT_UNION_MOUNT_OPTIONS" "$CHROOT_NAME" "$1" } if [ "$VERBOSE" = "verbose" ]; then MOUNT_VERBOSE="-v" fi if [ "$CHROOT_TYPE" = "directory" ] \ || [ "$CHROOT_TYPE" = "file" ] \ || [ "$CHROOT_TYPE" = "loopback" ] \ || [ "$CHROOT_TYPE" = "block-device" ] \ || [ "$CHROOT_TYPE" = "lvm-snapshot" ] \ || [ "$CHROOT_TYPE" = "btrfs-snapshot" ]; then if [ "${CHROOT_UNION_TYPE:-none}" != "none" ]; then CREATE_UNION="yes" else CREATE_UNION="no" fi if [ $STAGE = "setup-start" ] || [ $STAGE = "setup-recover" ]; then case "$HOST_OS" in freebsd* | k*bsd*-gnu) : BINDOPT="-t nullfs" ;; *): BINDOPT="--bind" ;; esac if [ "$CHROOT_TYPE" = "directory" ]; then CHROOT_MOUNT_OPTIONS="$BINDOPT $CHROOT_MOUNT_OPTIONS" CHROOT_MOUNT_DEVICE="$CHROOT_DIRECTORY" if [ ! -d "$CHROOT_DIRECTORY" ]; then fatal "Directory '$CHROOT_DIRECTORY' does not exist" fi elif [ "$CHROOT_TYPE" = "file" ]; then CHROOT_MOUNT_OPTIONS="$BINDOPT $CHROOT_MOUNT_OPTIONS" CHROOT_MOUNT_DEVICE="${CHROOT_FILE_UNPACK_DIR}/${SESSION_ID}" elif [ "$CHROOT_TYPE" = "block-device" ]; then if [ ! 
"$DEVTYPE" "$CHROOT_DEVICE" ]; then fatal "Device '$CHROOT_DEVICE' does not exist" fi elif [ "$CHROOT_TYPE" = "btrfs-snapshot" ]; then CHROOT_MOUNT_OPTIONS="$BINDOPT $CHROOT_MOUNT_OPTIONS" CHROOT_MOUNT_DEVICE="$CHROOT_BTRFS_SNAPSHOT_NAME" elif [ "$CHROOT_TYPE" = "loopback" ]; then if [ ! -f "$CHROOT_FILE" ]; then fatal "File '$CHROOT_FILE' does not exist" fi case "$HOST_OS" in freebsd* | k*bsd*-gnu): LOOP_DEVICE="/dev/$(/sbin/mdconfig -a -t vnode -f "$CHROOT_FILE")" CHROOT_MOUNT_DEVICE="$LOOP_DEVICE" ;; *): LOOP_DEVICE="$(/sbin/losetup -j "$CHROOT_FILE" | sed -e 's/:.*$//')" if [ -z "$LOOP_DEVICE" ]; then CHROOT_MOUNT_DEVICE="$CHROOT_FILE" CHROOT_MOUNT_OPTIONS="-o loop $CHROOT_MOUNT_OPTIONS" else CHROOT_MOUNT_DEVICE="$LOOP_DEVICE" fi ;; esac fi if [ ! -d "$CHROOT_MOUNT_LOCATION" ]; then mkdir -p "$CHROOT_MOUNT_LOCATION" fi if [ ! -d "$CHROOT_MOUNT_LOCATION" ]; then fatal "$CHROOT_MOUNT_LOCATION does not exist, and could not be created" fi # If recovering, we want to remount all filesystems to ensure # a sane state. 
if [ $STAGE = "setup-recover" ]; then if [ "$CREATE_UNION" = "yes" ]; then do_umount_all "$CHROOT_UNION_UNDERLAY_DIRECTORY" fi do_umount_all "$CHROOT_MOUNT_LOCATION" fi if [ "$CREATE_UNION" = "yes" ]; then do_mount "$CHROOT_MOUNT_OPTIONS" "$CHROOT_MOUNT_DEVICE" "$CHROOT_UNION_UNDERLAY_DIRECTORY" do_mount_fs_union "$CHROOT_MOUNT_LOCATION" else do_mount "$CHROOT_MOUNT_OPTIONS" "$CHROOT_MOUNT_DEVICE" "$CHROOT_MOUNT_LOCATION" fi if [ -n "$FSTAB" ]; then if [ -f "$FSTAB" ]; then "$LIBEXEC_DIR/schroot-mount" $MOUNT_VERBOSE \ -f "$FSTAB" -m "$CHROOT_PATH" sed -nre 's/([^ \t]*).*ro,bind.*/\1/ p' "$FSTAB" \ | while read ro_mountpoint; do info "Remounting $ro_mountpoint read-only" mount -o remount,ro "$CHROOT_MOUNT_LOCATION/$ro_mountpoint" done else fatal "fstab file '$FSTAB' does not exist" fi fi elif [ $STAGE = "setup-stop" ]; then do_umount_all "$CHROOT_MOUNT_LOCATION" if [ "$CREATE_UNION" = "yes" ]; then do_umount_all "$CHROOT_UNION_UNDERLAY_DIRECTORY" fi # Purge mount location. # The contents of file chroots are purged separately, because # we might want to repack the contents. if echo "$CHROOT_MOUNT_LOCATION" | grep -q "^$MOUNT_DIR/"; then if [ -d "$CHROOT_MOUNT_LOCATION" ]; then rmdir "$CHROOT_MOUNT_LOCATION" fi fi fi fi -- no debconf information