| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Lauri Aarnio <Lauri.Aarnio@iki.fi>
|
|
|
|
- Enivironment variables __SB2_ORIG_BINARYNAME and __SB2_REAL_BINARYNAME
were not updated to point to the script interpreter, fixed that.
|
|
- removed one line which "escaped" to a previous commit
- (fortunately, it was completely harmless)
|
|
- AT_SYMLINK_NOFOLLOW is defined only in newer systems, for example
debian etch does not have it.
- As a side effect, this removes c.a 8 wrappers from the preload library
on systems where AT_SYMLINK_NOFOLLOW is not defined, but that should be
harmless: If that symbol isn't defined, then the wrapped functions should
not exist either.
|
|
|
|
|
|
- fcntl() and fcntl64() need to be wrapped so that we can update fdpathdb
when the application uses F_DUPFD or F_DUPFD_CLOEXEC.
- Newer versions of "chmod -R" use these (that version of chmod which ships
with Debiann "lenny")
|
|
- Exec policy for scripts is now correctly selected when the script
interpreter is selected (things were messed up when the exec policy
had requirements for the interpreters..)
|
|
- This one does not create "symlink clutter", but the created links are
fully reusable
|
|
Signed-off-by: Lauri Aarnio <Lauri.Aarnio@iki.fi>
|
|
|
|
- set name of the selected exec policy to an environment
variable before every exec, and also added a lua function
which locates the currently active policy (soon to be used
by the "devel"mode..)
|
|
- this commit adds support for exec policy based mapping of script interpreter:
A script interpreter can be selected based on location of the script.
For example, perl scripts from tools_root may map /usr/bin/perl to
tools_root, while perl scripts from the target_root can map /usr/bin/perl
to target_root.
- This commit does not contain changes to the mapping rules => everything
still works just as before (related changes to the "devel" mode will be
added by another commit)
|
|
- prepare_hashbang(), which is called by prepare_exec(), makes a recursive call
to prepare_exec(). Moved the call to prepare_envp_for_do_exec() from
prepare_exec() to do_exec(); the result is that prepare_envp_for_do_exec()
is called only once for scripts, as it should be.
|
|
|
|
- when "sb2" is initializing a new session, it tries to locate a compatibe
libsb2.so from tools and/or native rootstraps. Previously the global
version id (version of SB2 itself) was used as a component in the path
candidates; this change replaces that version ID with the Lua <-> C
interface version string. This is much more correct solution.
|
|
Signed-off-by: Lauri Aarnio <Lauri.Aarnio@iki.fi>
|
|
- used to update fdpathdb
|
|
- Fixes mapping problems with "*at()" functions
- This is a partial fix: Disables temporarily relative mapping results
(see comment in luaif/paths.c)
|
|
The Mac OS X support added a copy of "glob.h" to SB2. That causes
problems on Linux; So, the fix is that for Linux systems we'll continue
to use the system's glob.h with our private copies of glob.c and glob64.c.
I renamed "glob.h" (the copy which was intended for the Mac OS X's)
to "sb2_mac_glob.h. However, while doing so, I might have broken
things on Mac OS X... see glob.c for details.
|
|
The function which returns first part of the full version string
(before first '-'). Also corrected compilation warnings from
files glob64.c.
Signed-off-by: Lauri Aarnio <Lauri.Aarnio@iki.fi>
|
|
- newline was missing from end of preload/glob.h => compilation failed on
Ubuntu hardy
|
|
A bit more ifdef __APPLE__ testing was needed.
Signed-off-by: Lauri Leukkunen <lle@rahina.org>
|
|
|
|
for it) - tweaks and changes to glob.c and glob64.c - added glob.h, since OS X's glob.h doesn't include a lot of the flags glob.c was depending on.
|
|
__APPLE__ defined
A \ was missing in interface.master causing export.h to be generated incorrectly on the Mac.
|
|
|
|
- Implemented a special mapping function for /proc, to be
able to map the symlink at /proc/self/exe.
- This can be described as a countermeasure to side-effects of
mapping exec parameters: /proc/self/exe (as well as
/proc/<MY_PID>/exe, which is the same thing) need special care
if the binary was started by anything else than direct exec.
Examples:
a) if CPU transparency is used, the real /proc/self/exe points
to e.g. Qemu. Now SB2 can make it look like the link points
to the binary which is running under qemu.
b) if "ld.so-start" was used, the real /proc/self/exe points to
ld.so and not to the binary itself. Again, SB2 maps that
to a symlink which points to the correct binary.
Other related things:
- all mapping modes use this feature now
- Lua <=> C interface version had to be incremented
- Lua mapping code <=> mapping rules version had to be incremented
|
|
- The new "ldd" wrapper uses sb2-show to detect type of the binary, and then
executes either ldd from target_root or simulates the host version
- a new command "binarytype" was added to sb2-show
|
|
- glob() was fixed by changing the order in which system's include files
are used. For a full explanation, see the comment above #include <dirent.h>
in glob.c
|
|
- mapping mode may be changed by setting SBOX_SESSION_MODE to
a value which is a valid mode for the current session
(i.e. mode can be changed only to one of the values that
were listed when the session was created)
|
|
- wrappers log errors and abort() if the real function does not exist,
gates log warnings and continue to the gate function.
|
|
- A stricter policy protects agains accidental writing to target_root
(rootstrap):
- When the "emulate" mode is entered with option "-R" (e.g. "sb2 -eR" or
"sb2 -m emulate -R") target_root will be "mounted" for read/write access.
The "-R" option also activates "fakeroot", so the user experience should be
as close to a "normal" system as possible.
|
|
Multiple -m, -e and/or -M options can now be specified to "sb2" command when
a persistent session is created (opt. -S). One of those modes can then be
selected when the user joins a session (opt. -J). For example,
"sb2 -S sessionfile -m devel -m emulate"
creates a persistent session which can be used in "devel" and "emulate"
modes. The first listed mode becomes the default.
Examples:
"sb2 -J sessionfile" => devel mode,
"sb2 -J sessionfile -e" => emulate mode,
"sb2 -J sessionfile -m emulate" => emulate mode,
but "sb2 -J sessionfile -m simple" fails, because "simple" was not listed
when the session was created.
|
|
- Added a pathname cache/db, which keeps fd=>path mappings. Those
are needed for correct operation of openat() and friends.
- NOTE: This is an initial version; there are still features that
missing! To be extended later..
|
|
- Newest Ubuntu uses gcc 4.3.2 which was not happy when
asprintf()'s return value was ignored almost everywhere
=> added checks, most places just log an error if asprintf()
fails.
+ other small, similar changes because of the same reason
|
|
executable is now 4 bytes. Smaller files are rejected. - sb2-show: better diagnostics, if "sb2-show exec" fails.
|
|
__SB2_REAL_BINARYNAME are now copied to global vars at startup (previously those were fetched by getenv() before every call to Lua functions, which is unsafe and slow) - env.var. SBOX_EMULATE_SB1_BUGS was replaced by conf.var. sbox_emulate_sb1_bugs
|
|
- i.e. getcwd(), realpath(), get_current_dir_name_gate() and getwd() now return the place where SB2 pretends to be, not the real path anymore - reverse mapping rules are created automatically when the session is created. However, there are still some situations where reverse mapping is disabled (see lua_scripts/create_reverse_rules.lua for details) - This also fixes a nasty bug with "mkdir -p" (which created directories to wrong locations in certain situations. "mkdir" witout "-p" was OK) - sb2-show: added new command "realcwd" - "devel" mapping mode: some paths were classified as virtual (virtual_path is a new attribute for rules: It disables reversing of that rule) - "simple" mapping mode: ~/.scratchbox2, .../share/scratchbox2 and /usr/bin/sb2-show were added to mapping rules - luaif.c: sb.decolonize_path() was disabled (It isn't anymore used from our Lua scripts, but I didn't
|
|
With this commit it is possible to instruct sb2 to load localization
files and message catalogs from specific path (for example under
target_root).
(Reviewed by Lauri T. Aarnio)
|
|
now also handled by an exec postprocessor: Replaced that hard-coded logic what we had in sb_exec.c; all that is now handled by argvenvp.lua but the logic is still quite hard-coded and can't be controlled by an exec policy, yet. - "sb.getcwd()" was added to luaif.c, argvenvp.lua needs it - one more environment variable was removed (SBRSH_CONFIG)
|
|
This prevents sb2 from spitting out warnings about
unidentified binaries when running codesourcery
toolchains on amd64 hosts.
Signed-off-by: Lauri Leukkunen <lle@rahina.org>
|
|
|
|
- sb_exec.c was reorganized so that all modifications to parameters and environment were moved to functions that are separate from the actual exec call (sb_next_execve()) - The most important effect of this is that "sb2-show exec" can now display the exact and complete modifications that are performed (previously, sb2-show could only show results of the preprosessing phase, but postprocessing was left out) - "sb2-show exec" displays also modifications to the environment now (the algorithm is quite simple, but at least it exists now!)
|
|
even before the library constructor is called (for example, while other libraries are being initialized) - Moved initialization of some important global variables (those that hold copies of environment variables) to a new function, which will be called from all exported interface functions until the library has been initialized
|
|
GATES - interface.master: create_nomap_nolog_version is used for "getcwd"
|
|
added flags & command to sb2-show so that Lua scripts for testing, debugging and benchmarking can be easily executed in the lua context which is created by the preload library.
|
|
Patch by Linus Walleij <triad@df.lth.se>
Signed-off-by: Lauri Leukkunen <lle@rahina.org>
|
|
Patch by Linus Walleij <triad@df.lth.se>
Signed-off-by: Lauri Leukkunen <lle@rahina.org>
|
