[gnome-desktop/wip/iainl/non-usrmerge] thumbnail: Handle non-usrmerged systems and non-existing directories



commit 335e1880db09fece68bfcf11dcc877e87af89fb8
Author: Iain Lane <iainl gnome org>
Date:   Thu Dec 6 13:30:41 2018 +0000

    thumbnail: Handle non-usrmerged systems and non-existing directories
    
    On systems where /usr-merge hasn't been carried out, /bin (etc) won't
    point to /usr/bin. In that case we should --ro-bind the directory
    instead of --symlinking it.
    
    This implements the suggestion from Simon McVittie on
    https://bugzilla.gnome.org/show_bug.cgi?id=787072.
    
    It also handles source directories not existing, which for example
    /lib64 won't on 32-bit systems.
    
    Closes: #4
    Closes: #89

 libgnome-desktop/gnome-desktop-thumbnail-script.c | 53 +++++++++++++++++++++--
 1 file changed, 49 insertions(+), 4 deletions(-)
---
diff --git a/libgnome-desktop/gnome-desktop-thumbnail-script.c 
b/libgnome-desktop/gnome-desktop-thumbnail-script.c
index 14e2fed3..a1f55aa0 100644
--- a/libgnome-desktop/gnome-desktop-thumbnail-script.c
+++ b/libgnome-desktop/gnome-desktop-thumbnail-script.c
@@ -506,22 +506,67 @@ setup_seccomp (GPtrArray  *argv_array,
 #endif
 
 #ifdef HAVE_BWRAP
+static gboolean
+path_is_usrmerged (const char *dir)
+{
+  /* does /dir point to /usr/dir? */
+  g_autofree char *target = NULL;
+  GStatBuf stat_buf_src, stat_buf_target;
+
+  if (g_stat (dir, &stat_buf_src) < 0)
+    return FALSE;
+
+  target = g_strdup_printf ("/usr/%s", dir);
+
+  if (g_stat (target, &stat_buf_target) < 0)
+    return FALSE;
+
+  return (stat_buf_src.st_dev == stat_buf_target.st_dev) &&
+         (stat_buf_src.st_ino == stat_buf_target.st_ino);
+}
+
 static gboolean
 add_bwrap (GPtrArray   *array,
           ScriptExec  *script)
 {
+  const char * const usrmerged_dirs[] = { "bin", "lib64", "lib", "sbin" };
+  int i;
+
   g_return_val_if_fail (script->outdir != NULL, FALSE);
   g_return_val_if_fail (script->s_infile != NULL, FALSE);
 
   add_args (array,
            "bwrap",
            "--ro-bind", "/usr", "/usr",
-           "--ro-bind", "/lib", "/lib",
-           "--ro-bind", "/lib64", "/lib64",
+           NULL);
+
+  /* These directories might be symlinks into /usr/... */
+  for (i = 0; i < G_N_ELEMENTS (usrmerged_dirs); i++)
+    {
+      g_autofree char *absolute_dir = g_strdup_printf ("/%s", usrmerged_dirs[i]);
+
+      if (!g_file_test (absolute_dir, G_FILE_TEST_EXISTS))
+        continue;
+
+      if (path_is_usrmerged (absolute_dir))
+        {
+          g_autofree char *symlink_target = g_strdup_printf ("usr/%s", absolute_dir);
+
+          add_args (array,
+                    "--symlink", symlink_target, absolute_dir,
+                    NULL);
+        }
+      else
+        {
+          add_args (array,
+                    "--ro-bind", absolute_dir, absolute_dir,
+                    NULL);
+        }
+    }
+
+  add_args (array,
            "--proc", "/proc",
            "--dev", "/dev",
-           "--symlink", "usr/bin", "/bin",
-           "--symlink", "usr/sbin", "/sbin",
            "--chdir", "/",
            "--setenv", "GIO_USE_VFS", "local",
            "--unshare-all",


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]