[gnome-desktop/wip/iainl/non-usrmerge] thumbnail: Handle non-usrmerged systems and non-existing directories

From: Iain Lane <iainl src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-desktop/wip/iainl/non-usrmerge] thumbnail: Handle non-usrmerged systems and non-existing directories
Date: Thu, 6 Dec 2018 14:54:15 +0000 (UTC)

commit 0cf201a484265354f47e07847e1adcd717e2b928
Author: Iain Lane <iainl gnome org>
Date:   Thu Dec 6 13:30:41 2018 +0000

    thumbnail: Handle non-usrmerged systems and non-existing directories
    
    On systems where /usr-merge hasn't been carried out, /bin (etc) won't
    point to /usr/bin. In that case we should --ro-bind the directory
    instead of --symlinking it.
    
    This implements the suggestion from Simon McVittie on
    https://bugzilla.gnome.org/show_bug.cgi?id=787072.
    
    It also handles source directories not existing, which for example
    /lib64 won't on 32-bit systems.
    
    Closes: #4
    Closes: #89

 libgnome-desktop/gnome-desktop-thumbnail-script.c | 48 +++++++++++++++++++++--
 1 file changed, 44 insertions(+), 4 deletions(-)
---
diff --git a/libgnome-desktop/gnome-desktop-thumbnail-script.c 
b/libgnome-desktop/gnome-desktop-thumbnail-script.c
index 14e2fed3..3d28529c 100644
--- a/libgnome-desktop/gnome-desktop-thumbnail-script.c
+++ b/libgnome-desktop/gnome-desktop-thumbnail-script.c
@@ -506,6 +506,25 @@ setup_seccomp (GPtrArray  *argv_array,
 #endif
 
 #ifdef HAVE_BWRAP
+static gboolean
+is_usrmerged (const gchar *dir)
+{
+  /* does dir point to /usr/dir? */
+  g_autofree gchar *target = NULL;
+  GStatBuf stat_buf_src, stat_buf_target;
+
+  if (g_stat (dir, &stat_buf_src) < 0)
+    return FALSE;
+
+  target = g_strdup_printf ("/usr%s", dir);
+
+  if (g_stat (target, &stat_buf_target) < 0)
+    return FALSE;
+
+  return (stat_buf_src.st_dev == stat_buf_target.st_dev) &&
+         (stat_buf_src.st_ino == stat_buf_target.st_ino);
+}
+
 static gboolean
 add_bwrap (GPtrArray   *array,
           ScriptExec  *script)
@@ -513,21 +532,42 @@ add_bwrap (GPtrArray   *array,
   g_return_val_if_fail (script->outdir != NULL, FALSE);
   g_return_val_if_fail (script->s_infile != NULL, FALSE);
 
+  /* on some systems these could be symlinks to /usr/$dir */
+  const gchar * const usrmerged_dirs[] = { "/bin", "/lib64", "/lib", "/sbin" };
+
   add_args (array,
            "bwrap",
            "--ro-bind", "/usr", "/usr",
-           "--ro-bind", "/lib", "/lib",
-           "--ro-bind", "/lib64", "/lib64",
            "--proc", "/proc",
            "--dev", "/dev",
-           "--symlink", "usr/bin", "/bin",
-           "--symlink", "usr/sbin", "/sbin",
            "--chdir", "/",
            "--setenv", "GIO_USE_VFS", "local",
            "--unshare-all",
            "--die-with-parent",
            NULL);
 
+  /* These directories might be symlinks into /usr/... */
+  for (int i = 0; i < G_N_ELEMENTS (usrmerged_dirs); i++)
+    {
+      if (!g_file_test (usrmerged_dirs[i], G_FILE_TEST_EXISTS))
+        continue;
+
+      if (is_usrmerged (usrmerged_dirs[i]))
+        {
+          g_autofree gchar *dir = g_strdup_printf ("usr%s", usrmerged_dirs[i]);
+
+          add_args (array,
+                    "--symlink", dir, usrmerged_dirs[i],
+                    NULL);
+        }
+      else
+        {
+          add_args (array,
+                    "--ro-bind", usrmerged_dirs[i], usrmerged_dirs[i],
+                    NULL);
+        }
+    }
+
   add_env (array, "G_MESSAGES_DEBUG");
   add_env (array, "G_MESSAGES_PREFIXED");

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]