aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatarUnit 193 <unit193@unit193.net>2020-12-19 20:51:59 -0500
committerLibravatarUnit 193 <unit193@unit193.net>2020-12-19 20:51:59 -0500
commit960367c09cd71097d9b274292438b326f5daf1bd (patch)
treed28e170a59dfb4ea311c6b5f6b19b4f004b76d0f
parent7eafcab6c42f6d557b4e935a3a7610527bb6fa7b (diff)
downloadarch-install-scripts-960367c09cd71097d9b274292438b326f5daf1bd.tar.bz2
arch-install-scripts-960367c09cd71097d9b274292438b326f5daf1bd.tar.xz
arch-install-scripts-960367c09cd71097d9b274292438b326f5daf1bd.tar.zst
d/p/policy.d_no_autostart.patch, d/install, d/policy-rc.d: Re-write how we set up policy-rc.d, using bind mounts.
-rw-r--r--debian/install1
-rw-r--r--debian/patches/policy.d_no_autostart.patch51
-rwxr-xr-xdebian/policy-rc.d3
3 files changed, 17 insertions, 38 deletions
diff --git a/debian/install b/debian/install
new file mode 100644
index 0000000..0e29011
--- /dev/null
+++ b/debian/install
@@ -0,0 +1 @@
+debian/policy-rc.d usr/share/arch-install-scripts/
diff --git a/debian/patches/policy.d_no_autostart.patch b/debian/patches/policy.d_no_autostart.patch
index 3c968ec..e748045 100644
--- a/debian/patches/policy.d_no_autostart.patch
+++ b/debian/patches/policy.d_no_autostart.patch
@@ -1,46 +1,21 @@
-Description: Setup and teardown policy.d, to not autostart applications in the chroot
+Description: Set up policy.d to not autostart services in the chroot
Author: Unit 193 <unit193@debian.org>
-Origin: vendor
Forwarded: not-needed
-Last-Update: 2018-01-28
+Last-Update: 2020-12-19
-Index: arch-install-scripts/common
-===================================================================
---- arch-install-scripts.orig/common
-+++ arch-install-scripts/common
-@@ -77,10 +77,18 @@ chroot_maybe_add_mount() {
- fi
- }
-
-+chroot_policyd() {
-+ cat << EOF > "$1/usr/sbin/policy-rc.d"
-+#!/bin/sh
-+exit 101
-+EOF
-+ chmod +x "$1/usr/sbin/policy-rc.d"
-+}
-+
- chroot_setup() {
- CHROOT_ACTIVE_MOUNTS=()
- [[ $(trap -p EXIT) ]] && die '(BUG): attempting to overwrite existing EXIT trap'
-- trap 'chroot_teardown' EXIT
-+ trap "chroot_teardown $1" EXIT
-
- chroot_add_mount proc "$1/proc" -t proc -o nosuid,noexec,nodev &&
- chroot_add_mount sys "$1/sys" -t sysfs -o nosuid,noexec,nodev,ro &&
-@@ -91,6 +99,7 @@ chroot_setup() {
+---
+ common | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/common 2020-12-19 20:05:37.304917253 -0500
++++ b/common 2020-12-19 20:05:37.296917325 -0500
+@@ -90,7 +90,8 @@
+ chroot_add_mount devpts "$1/dev/pts" -t devpts -o mode=0620,gid=5,nosuid,noexec &&
chroot_add_mount shm "$1/dev/shm" -t tmpfs -o mode=1777,nosuid,nodev &&
chroot_add_mount /run "$1/run" --bind &&
- chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid
-+ chroot_policyd "$1"
+- chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid
++ chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid &&
++ chroot_add_mount /usr/share/arch-install-scripts/policy-rc.d "$1/usr/sbin/policy-rc.d" --bind
}
chroot_teardown() {
-@@ -98,6 +107,7 @@ chroot_teardown() {
- umount "${CHROOT_ACTIVE_MOUNTS[@]}"
- fi
- unset CHROOT_ACTIVE_MOUNTS
-+ rm -f "$1/usr/sbin/policy-rc.d"
- }
-
- try_cast() (
diff --git a/debian/policy-rc.d b/debian/policy-rc.d
new file mode 100755
index 0000000..105ba3d
--- /dev/null
+++ b/debian/policy-rc.d
@@ -0,0 +1,3 @@
+#!/bin/sh
+# Prevent invoke-rc.d from starting services.
+exit 101