diff options
author | Unit 193 <unit193@unit193.net> | 2020-12-19 20:51:59 -0500 |
---|---|---|
committer | Unit 193 <unit193@unit193.net> | 2020-12-19 20:51:59 -0500 |
commit | 960367c09cd71097d9b274292438b326f5daf1bd (patch) | |
tree | d28e170a59dfb4ea311c6b5f6b19b4f004b76d0f | |
parent | 7eafcab6c42f6d557b4e935a3a7610527bb6fa7b (diff) | |
download | arch-install-scripts-960367c09cd71097d9b274292438b326f5daf1bd.tar.bz2 arch-install-scripts-960367c09cd71097d9b274292438b326f5daf1bd.tar.xz arch-install-scripts-960367c09cd71097d9b274292438b326f5daf1bd.tar.zst |
d/p/policy.d_no_autostart.patch, d/install, d/policy-rc.d: Re-write how we set up policy-rc.d, using bind mounts.
-rw-r--r-- | debian/install | 1 | ||||
-rw-r--r-- | debian/patches/policy.d_no_autostart.patch | 51 | ||||
-rwxr-xr-x | debian/policy-rc.d | 3 |
3 files changed, 17 insertions, 38 deletions
diff --git a/debian/install b/debian/install new file mode 100644 index 0000000..0e29011 --- /dev/null +++ b/debian/install @@ -0,0 +1 @@ +debian/policy-rc.d usr/share/arch-install-scripts/ diff --git a/debian/patches/policy.d_no_autostart.patch b/debian/patches/policy.d_no_autostart.patch index 3c968ec..e748045 100644 --- a/debian/patches/policy.d_no_autostart.patch +++ b/debian/patches/policy.d_no_autostart.patch @@ -1,46 +1,21 @@ -Description: Setup and teardown policy.d, to not autostart applications in the chroot +Description: Set up policy.d to not autostart services in the chroot Author: Unit 193 <unit193@debian.org> -Origin: vendor Forwarded: not-needed -Last-Update: 2018-01-28 +Last-Update: 2020-12-19 -Index: arch-install-scripts/common -=================================================================== ---- arch-install-scripts.orig/common -+++ arch-install-scripts/common -@@ -77,10 +77,18 @@ chroot_maybe_add_mount() { - fi - } - -+chroot_policyd() { -+ cat << EOF > "$1/usr/sbin/policy-rc.d" -+#!/bin/sh -+exit 101 -+EOF -+ chmod +x "$1/usr/sbin/policy-rc.d" -+} -+ - chroot_setup() { - CHROOT_ACTIVE_MOUNTS=() - [[ $(trap -p EXIT) ]] && die '(BUG): attempting to overwrite existing EXIT trap' -- trap 'chroot_teardown' EXIT -+ trap "chroot_teardown $1" EXIT - - chroot_add_mount proc "$1/proc" -t proc -o nosuid,noexec,nodev && - chroot_add_mount sys "$1/sys" -t sysfs -o nosuid,noexec,nodev,ro && -@@ -91,6 +99,7 @@ chroot_setup() { +--- + common | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/common 2020-12-19 20:05:37.304917253 -0500 ++++ b/common 2020-12-19 20:05:37.296917325 -0500 +@@ -90,7 +90,8 @@ + chroot_add_mount devpts "$1/dev/pts" -t devpts -o mode=0620,gid=5,nosuid,noexec && chroot_add_mount shm "$1/dev/shm" -t tmpfs -o mode=1777,nosuid,nodev && chroot_add_mount /run "$1/run" --bind && - chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid -+ chroot_policyd "$1" +- chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid ++ chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid && ++ chroot_add_mount /usr/share/arch-install-scripts/policy-rc.d "$1/usr/sbin/policy-rc.d" --bind } chroot_teardown() { -@@ -98,6 +107,7 @@ chroot_teardown() { - umount "${CHROOT_ACTIVE_MOUNTS[@]}" - fi - unset CHROOT_ACTIVE_MOUNTS -+ rm -f "$1/usr/sbin/policy-rc.d" - } - - try_cast() ( diff --git a/debian/policy-rc.d b/debian/policy-rc.d new file mode 100755 index 0000000..105ba3d --- /dev/null +++ b/debian/policy-rc.d @@ -0,0 +1,3 @@ +#!/bin/sh +# Prevent invoke-rc.d from starting services. +exit 101 |