openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

File private_tmp.patch of Package rpm

Index: rpm-4.18.0/lib/rpminstall.c
===================================================================
--- rpm-4.18.0.orig/lib/rpminstall.c
+++ rpm-4.18.0/lib/rpminstall.c
@@ -8,6 +8,10 @@
 
 #include <errno.h>
 
+#define _GNU_SOURCE
+#include <sched.h>
+#include <sys/mount.h>
+
 #include <rpm/rpmcli.h>
 #include <rpm/rpmtag.h>
 #include <rpm/rpmlib.h>		/* rpmReadPackageFile, vercmp etc */
@@ -29,6 +33,11 @@ static int rpmcliProgressCurrent = 0;
 static int rpmcliProgressTotal = 0;
 static int rpmcliProgressState = 0;
 
+static char tmp_dir_template[] = "/tmp/rpm.XXXXXXXX";
+static char tmp_dir_template_w[] = "/tmp/rpm.XXXXXXXX/work/work";
+static char tmp_dir_template_u[] = "/tmp/rpm.XXXXXXXX/upper";
+static char *tmp_dir_name = 0;
+
 /**
  * Print a CLI progress bar.
  * @todo Unsnarl isatty(STDOUT_FILENO) from the control flow.
@@ -418,6 +427,76 @@ static int rpmNoGlob(const char *fn, int
     return rc;
 }
 
+static int setupPrivateTempDirectory( void )
+{
+  int tmp_dir_fd;
+  char *mount_flags;
+
+  tmp_dir_name = mkdtemp(tmp_dir_template);
+  if(tmp_dir_name == NULL) {
+    perror("mkdtemp failed: ");
+    return -1;
+  }
+
+  if ((tmp_dir_fd=open(tmp_dir_name, O_CLOEXEC | O_DIRECTORY | O_NOFOLLOW | O_EXCL))==-1) {
+    rpmlog(RPMLOG_ERR, _("can't open tmpdir for overlayfs: %s\n"), strerror(errno));
+    return -1;
+  }
+  if ( mkdirat(tmp_dir_fd, "upper", 0777) == -1 ) {
+    rpmlog(RPMLOG_ERR, _("can't create upper dir overlayfs: %s\n"), strerror(errno));
+    return -1;
+  }
+  if ( mkdirat(tmp_dir_fd, "work", 0777) == -1 ) {
+    rpmlog(RPMLOG_ERR, _("can't create work dir overlayfs: %s\n"), strerror(errno));
+    return -1;
+  }
+
+  if (unshare(CLONE_NEWNS) < 0) {
+    rpmlog(RPMLOG_ERR, _("can't unshare mount namespace: %s\n"), strerror(errno));
+    return -1;
+  }
+  if (mount("/", "/", NULL, MS_REC | MS_PRIVATE, NULL) == -1) {
+    rpmlog(RPMLOG_ERR, _("can't change mount flags for /: %s\n"), strerror(errno));
+    return -1;
+  }
+  if (asprintf(&mount_flags, "lowerdir=/tmp,upperdir=%s/upper,workdir=%s/work", tmp_dir_name, tmp_dir_name ) == -1) {
+    rpmlog(RPMLOG_ERR, _("can't allocate memory for overlayfs flags: %s\n"), strerror(errno));
+    return -1;
+  }
+  if (mount("overlay", "/tmp", "overlay", 0, mount_flags) == -1) {
+    rpmlog(RPMLOG_ERR, _("can't mount overlayfs: %s\n"), strerror(errno));
+    free(mount_flags);
+    return -1;
+  }
+  free(mount_flags);
+
+  return 0;
+}
+
+static int teardownPrivateTempDirectory( void )
+{
+  if (umount("/tmp") == -1) {
+    rpmlog(RPMLOG_ERR, _("can't umount overlayfs on /tmp: %s\n"), strerror(errno));
+    return -1;
+  }
+
+  snprintf(tmp_dir_template_w, sizeof(tmp_dir_template_w), "%s/work/work", tmp_dir_name);
+  if (rmdir(tmp_dir_template_w) == -1) {
+    rpmlog(RPMLOG_ERR, _("rmdir tmp_dir_template_w failed: %s\n"), strerror(errno));
+  }
+  snprintf(tmp_dir_template_w, sizeof(tmp_dir_template_w), "%s/work", tmp_dir_name);
+  if (rmdir(tmp_dir_template_w) == -1) {
+    rpmlog(RPMLOG_ERR, _("rmdir tmp_dir_template_w failed: %s\n"), strerror(errno));
+  }
+  /* try to delete directories. Intentially don't delete them if there are files */
+  /* in there to allow the user to inspect them, so don't handle errors here */
+  snprintf(tmp_dir_template_u, sizeof(tmp_dir_template_u), "%s/upper", tmp_dir_name);
+  rmdir(tmp_dir_template_u);
+  rmdir(tmp_dir_name);
+
+  return 0;
+}
+
 /** @todo Generalize --freshen policies. */
 int rpmInstall(rpmts ts, struct rpmInstallArguments_s * ia, ARGV_t fileArgv)
 {
@@ -429,6 +508,8 @@ int rpmInstall(rpmts ts, struct rpmInsta
     int rc;
     int i;
 
+    /* currently we don't check the return value. If the overlayfs directory can't be created we're not worse of then before */
+    setupPrivateTempDirectory();
     vsflags = setvsFlags(ia);
     ovsflags = rpmtsSetVSFlags(ts, (vsflags | RPMVSF_NEEDPAYLOAD));
     /* for rpm cli, --nosignature/--nodigest applies to both vs and vfyflags */
@@ -684,6 +765,8 @@ exit:
     rpmtsSetVSFlags(ts, ovsflags);
     rpmtsSetVfyFlags(ts, ovfyflags);
 
+    teardownPrivateTempDirectory();
+
     return rc;
 }

Places

File private_tmp.patch of Package rpm

Places