[gnome-continuous/gnome-3-14: 8/19] builddisks: Move the guestfs mount into a temporary directory

From: Vadim Rutkovsky <vrutkovsky src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-continuous/gnome-3-14: 8/19] builddisks: Move the guestfs mount into a temporary directory
Date: Thu, 5 Mar 2015 21:26:44 +0000 (UTC)

commit a9e12cf0bff29fd947c2ca09c9f480c9c22da20f
Author: Colin Walters <walters verbum org>
Date:   Thu Feb 26 18:51:38 2015 -0500

    builddisks: Move the guestfs mount into a temporary directory
    
    Right now build.gnome.org is just exposing everything in the build
    directory via public static HTTP.
    
    Because each task generates temporary files in its working dir, we end
    up exposing the FUSE mount for disk images to the world, which is
    ungood - a web crawler could keep the mount busy.
    
    Also, this may fix SELinux issues with httpd_sys_content_t versus
    libguestfs.
    
    Just make the mount in a tmpdir in /tmp.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=744873

 src/js/tasks/task-builddisks.js |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)
---
diff --git a/src/js/tasks/task-builddisks.js b/src/js/tasks/task-builddisks.js
index 26ca923..9fd4971 100644
--- a/src/js/tasks/task-builddisks.js
+++ b/src/js/tasks/task-builddisks.js
@@ -117,7 +117,8 @@ const TaskBuildDisks = new Lang.Class({
                     params.sizeMB = 4 * 1024;
                 LibQA.createDisk(diskPath, params, cancellable);
             }
-            let mntdir = Gio.File.new_for_path('mnt-' + squashedName);
+            let tmpdir_path = Gio.File.new_for_path(GLib.dir_make_tmp("continuous-XXXXXX"));
+            let mntdir = tmpdir_path.get_child('mnt-' + squashedName);
             GSystem.file_ensure_directory(mntdir, true, cancellable);
             let gfmnt = new GuestFish.GuestMount(diskPath, { partitionOpts: LibQA.DEFAULT_GF_PARTITION_OPTS,
                                                              readWrite: true });
@@ -127,6 +128,7 @@ const TaskBuildDisks = new Lang.Class({
                                  cancellable);
             } finally {
                 gfmnt.umount(cancellable);
+                GSystem.shutil_rm_rf(tmpdir_path, cancellable);
             }
             // Assume previous disks have successfully installed a bootloader
             if (!doCloneDisk) {

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]