[gnome-continuous] builddisks: Move the guestfs mount into a temporary directory

From: Colin Walters <walters src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-continuous] builddisks: Move the guestfs mount into a temporary directory
Date: Thu, 26 Feb 2015 23:54:07 +0000 (UTC)

commit 00c524ada7890bad0b48f7f4b0ca97450458502b
Author: Colin Walters <walters verbum org>
Date:   Thu Feb 26 18:51:38 2015 -0500

    builddisks: Move the guestfs mount into a temporary directory
    
    Right now build.gnome.org is just exposing everything in the build
    directory via public static HTTP.
    
    Because each task generates temporary files in its working dir, we end
    up exposing the FUSE mount for disk images to the world, which is
    ungood - a web crawler could keep the mount busy.
    
    Also, this may fix SELinux issues with httpd_sys_content_t versus
    libguestfs.
    
    Just make the mount in a tmpdir in /tmp.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=744873

 src/js/tasks/task-builddisks.js |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)
---
diff --git a/src/js/tasks/task-builddisks.js b/src/js/tasks/task-builddisks.js
index 26ca923..9fd4971 100644
--- a/src/js/tasks/task-builddisks.js
+++ b/src/js/tasks/task-builddisks.js
@@ -117,7 +117,8 @@ const TaskBuildDisks = new Lang.Class({
                     params.sizeMB = 4 * 1024;
                 LibQA.createDisk(diskPath, params, cancellable);
             }
-            let mntdir = Gio.File.new_for_path('mnt-' + squashedName);
+            let tmpdir_path = Gio.File.new_for_path(GLib.dir_make_tmp("continuous-XXXXXX"));
+            let mntdir = tmpdir_path.get_child('mnt-' + squashedName);
             GSystem.file_ensure_directory(mntdir, true, cancellable);
             let gfmnt = new GuestFish.GuestMount(diskPath, { partitionOpts: LibQA.DEFAULT_GF_PARTITION_OPTS,
                                                              readWrite: true });
@@ -127,6 +128,7 @@ const TaskBuildDisks = new Lang.Class({
                                  cancellable);
             } finally {
                 gfmnt.umount(cancellable);
+                GSystem.shutil_rm_rf(tmpdir_path, cancellable);
             }
             // Assume previous disks have successfully installed a bootloader
             if (!doCloneDisk) {

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]