commit: 9a026d957ffc18ab4f4f7d069f4373ddf190eca9 Author: Mike Frysinger <vapier <AT> gentoo <DOT> org> AuthorDate: Fri Oct 29 03:50:00 2021 +0000 Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org> CommitDate: Fri Oct 29 03:50:00 2021 +0000 URL: https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=9a026d95
sandbox: change interface to make it easier to pass thru The sandbox command line is passed to a shell for execution. This can be a bit awkward to quote right if you weren't expecting it, and even if you were. Change the default behavior to be more like `env` where the arguments, as they are, get passed through and run. If people want the old shell behavior, they can use the -c option akin to `bash -c`. Bug: https://bugs.gentoo.org/265907 Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org> src/options.c | 8 +++++++- src/sandbox.c | 46 +++++++++++++++++++++++++++------------------- src/sandbox.h | 1 + tests/git-bisector.sh | 15 +++++++++++++-- tests/local.at | 2 +- 5 files changed, 49 insertions(+), 23 deletions(-) diff --git a/src/options.c b/src/options.c index 03cffda..64cd750 100644 --- a/src/options.c +++ b/src/options.c @@ -20,6 +20,7 @@ int opt_use_ns_sysv = -1; int opt_use_ns_time = -1; int opt_use_ns_user = -1; int opt_use_ns_uts = -1; +bool opt_use_bash = false; static const struct { const char *name; @@ -76,7 +77,7 @@ static void show_version(void) exit(0); } -#define PARSE_FLAGS "+hV" +#define PARSE_FLAGS "+chV" #define a_argument required_argument static struct option const long_opts[] = { {"ns-on", no_argument, &opt_use_namespaces, true}, @@ -99,6 +100,7 @@ static struct option const long_opts[] = { {"ns-user-off", no_argument, &opt_use_ns_user, false}, {"ns-uts-on", no_argument, &opt_use_ns_uts, true}, {"ns-uts-off", no_argument, &opt_use_ns_uts, false}, + {"bash", no_argument, NULL, 'c'}, {"help", no_argument, NULL, 'h'}, {"version", no_argument, NULL, 'V'}, {"run-configure", no_argument, NULL, 0x800}, @@ -125,6 +127,7 @@ static const char * const opts_help[] = { "Disable the use of user namespaces", "Enable the use of UTS (hostname/uname) namespaces", "Disable the use of UTS (hostname/uname) namespaces", + "Run command through bash shell", "Print this help and exit", "Print version and exit", "Run local sandbox configure in same way and exit (developer only)", @@ -201,6 +204,9 @@ void parseargs(int argc, char *argv[]) while ((i = getopt_long(argc, argv, PARSE_FLAGS, long_opts, NULL)) != -1) { switch (i) { + case 'c': + opt_use_bash = true; + break; case 'V': show_version(); case 'h': diff --git a/src/sandbox.c b/src/sandbox.c index 7e8a769..7d6b03f 100644 --- a/src/sandbox.c +++ b/src/sandbox.c @@ -175,7 +175,9 @@ static int spawn_shell(char *argv_bash[], char **env, int debug) /* Child's process */ if (0 == child_pid) { - int ret = execve(argv_bash[0], argv_bash, env); + /* Would be nice if execvpe were in POSIX. */ + environ = env; + int ret = execvp(argv_bash[0], argv_bash); sb_pwarn("failed to exec child"); _exit(ret); } else if (child_pid < 0) { @@ -258,25 +260,31 @@ int main(int argc, char **argv) goto oom_error; /* Setup bash argv */ - str_list_add_item_copy(argv_bash, "/bin/bash", oom_error); - str_list_add_item_copy(argv_bash, "-rcfile", oom_error); - str_list_add_item_copy(argv_bash, sandbox_info.sandbox_rc, oom_error); - if (argc >= 2) { - int i; - size_t cmdlen; - char *cmd = NULL; - - str_list_add_item_copy(argv_bash, run_str, oom_error); - str_list_add_item_copy(argv_bash, argv[1], oom_error); - cmdlen = strlen(argv_bash[4]); - for (i = 2; i < argc; i++) { - size_t arglen = strlen(argv[i]); - argv_bash[4] = xrealloc(argv_bash[4], cmdlen + arglen + 2); - argv_bash[4][cmdlen] = ' '; - memcpy(argv_bash[4] + cmdlen + 1, argv[i], arglen); - cmdlen += arglen + 1; - argv_bash[4][cmdlen] = '\0'; + if (opt_use_bash || argc == 1) { + str_list_add_item_copy(argv_bash, "/bin/bash", oom_error); + str_list_add_item_copy(argv_bash, "-rcfile", oom_error); + str_list_add_item_copy(argv_bash, sandbox_info.sandbox_rc, oom_error); + if (argc >= 2) { + int i; + size_t cmdlen; + char *cmd = NULL; + + str_list_add_item_copy(argv_bash, run_str, oom_error); + str_list_add_item_copy(argv_bash, argv[1], oom_error); + cmdlen = strlen(argv_bash[4]); + for (i = 2; i < argc; i++) { + size_t arglen = strlen(argv[i]); + argv_bash[4] = xrealloc(argv_bash[4], cmdlen + arglen + 2); + argv_bash[4][cmdlen] = ' '; + memcpy(argv_bash[4] + cmdlen + 1, argv[i], arglen); + cmdlen += arglen + 1; + argv_bash[4][cmdlen] = '\0'; + } } + } else { + int i; + for (i = 1; i < argc; ++i) + str_list_add_item_copy(argv_bash, argv[i], oom_error); } #ifdef HAVE_PRCTL diff --git a/src/sandbox.h b/src/sandbox.h index 7e5b575..cdc1b9e 100644 --- a/src/sandbox.h +++ b/src/sandbox.h @@ -52,5 +52,6 @@ extern int opt_use_ns_sysv; extern int opt_use_ns_time; extern int opt_use_ns_user; extern int opt_use_ns_uts; +extern bool opt_use_bash; #endif diff --git a/tests/git-bisector.sh b/tests/git-bisector.sh index c45db6e..b64dff6 100755 --- a/tests/git-bisector.sh +++ b/tests/git-bisector.sh @@ -21,10 +21,21 @@ make="make -s -j" cat << EOF > git-run.sh #!/bin/sh ./autogen.sh -./configure -q -C $(sandbox -V | tail -n1) +# Newer versions of sandbox can run configure for us. +# Should drop old support around Jan 2023. +if sandbox --help | grep -q -e--run-configure ; then + sandbox --run-configure -q -C +else + ./configure -q -C $(sandbox -V | tail -n1) +fi ${make} clean ${make} -./src/sandbox.sh . ./data/sandbox.bashrc \; . ./git-run-sandbox.sh +opt= +# Older versions of sandbox implied -c all the time. +if ./src/sandbox.sh --help | grep -q -e--bash ; then + opt="-c" +fi +./src/sandbox.sh ${opt} . ./data/sandbox.bashrc \; . ./git-run-sandbox.sh EOF chmod a+rx git-run.sh diff --git a/tests/local.at b/tests/local.at index 95db774..028961d 100644 --- a/tests/local.at +++ b/tests/local.at @@ -6,7 +6,7 @@ dnl due to the default PM test env having that predict. m4_defun([SB_RUN],[\ env \ SANDBOX_LOG="$PWD/sandbox.log" \ - sandbox.sh \ + sandbox.sh -c \ addpredict / \; \ addwrite "${PWD%/*}" \; \ set -x \; \
