fixup! WIP: Add support for wrapping binaries (rpm, dracut, grubby)

coreos · May 2, 2019 · f745008 · f745008
1 parent f7b3d6d
commit f745008
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 7 deletions.
diff --git a/rust/src/cliwrap.rs b/rust/src/cliwrap.rs
@@ -29,7 +29,7 @@ mod grubby;
 mod dracut;
 
 /// Location for the underlying (not wrapped) binaries.
-pub(crate) static WRAP_DESTDIR : &str = "usr/libexec/rpm-ostree/wrapped";
+pub const CLIWRAP_DESTDIR : &'static str = "usr/libexec/rpm-ostree/wrapped";
 
 /// Our list of binaries that will be wrapped.  Must be a relative path.
 static WRAPPED_BINARIES : &[&str] = &["usr/bin/rpm",
@@ -59,7 +59,7 @@ fn cliwrap_main(args: &Vec<String>) -> Fallible<()> {
 /// Move the real binaries to a subdir, and replace them with
 /// a shell script that calls our wrapping code.
 fn write_wrappers(rootfs_dfd: &openat::Dir) -> Fallible<()> {
-    let destdir = std::path::Path::new(WRAP_DESTDIR);
+    let destdir = std::path::Path::new(CLIWRAP_DESTDIR);
     rootfs_dfd.ensure_dir(destdir.parent().unwrap())?;
     rootfs_dfd.ensure_dir(destdir)?;
     WRAPPED_BINARIES.par_iter().try_for_each(|&bin| {
@@ -70,7 +70,7 @@ fn write_wrappers(rootfs_dfd: &openat::Dir) -> Fallible<()> {
         }
 
         let name = binpath.file_name().unwrap().to_str().unwrap();
-        let destpath = format!("{}/{}", WRAP_DESTDIR, name);
+        let destpath = format!("{}/{}", CLIWRAP_DESTDIR, name);
         rootfs_dfd.local_rename(bin, destpath.as_str()).with_context(|e| format!("rename({}): {}", name, e))?;
 
         let f = rootfs_dfd.write_file(binpath, 0o755)?;
@@ -83,10 +83,12 @@ fn write_wrappers(rootfs_dfd: &openat::Dir) -> Fallible<()> {
 
 mod ffi {
     use super::*;
+    use std::ffi::CString;
     use crate::ffiutil::*;
     use glib;
     use libc;
     use failure::ResultExt;
+    use lazy_static::lazy_static;
 
     #[no_mangle]
     pub extern "C" fn ror_cliwrap_write_wrappers(rootfs_dfd: libc::c_int, gerror: *mut *mut glib_sys::GError) -> libc::c_int {
@@ -100,5 +102,13 @@ mod ffi {
         let v: Vec<String> = unsafe { glib::translate::FromGlibPtrContainer::from_glib_none(argv) };
         int_glib_error(cliwrap_main(&v), gerror)
     }
+
+    #[no_mangle]
+    pub extern "C" fn ror_cliwrap_destdir() -> *const libc::c_char {
+        lazy_static! {
+            static ref CLIWRAP_DESTDIR_C: CString = CString::new(CLIWRAP_DESTDIR).unwrap();
+        }
+        CLIWRAP_DESTDIR_C.as_ptr()
+    }
 }
 pub use self::ffi::*;
diff --git a/rust/src/cliwrap/cliutil.rs b/rust/src/cliwrap/cliutil.rs
@@ -32,7 +32,7 @@ fn execvp_strs(argv0: &str, argv: &[&str]) -> Fallible<()> {
 
 /// Return the absolute path to the underlying wrapped binary
 fn get_real_bin(bin_name: &str) -> String {
-    format!("/{}/{}", cliwrap::WRAP_DESTDIR, bin_name)
+    format!("/{}/{}", cliwrap::CLIWRAP_DESTDIR, bin_name)
 }
 
 /// Wrapper for execv which accepts strings
@@ -85,7 +85,7 @@ pub fn run_unprivileged<T: AsRef<str>>(
 {name}: Continuing execution in {delay} seconds.
 "##,
             name = app_name,
-            wrap_destdir = cliwrap::WRAP_DESTDIR,
+            wrap_destdir = cliwrap::CLIWRAP_DESTDIR,
             bin = target_bin,
             delay = delay_s,
         );

diff --git a/src/libpriv/rpmostree-kernel.c b/src/libpriv/rpmostree-kernel.c
@@ -36,6 +36,7 @@
 
 #include "rpmostree-kernel.h"
 #include "rpmostree-bwrap.h"
+#include "rpmostree-rust.h"
 #include "rpmostree-util.h"
 
 static const char usrlib_ostreeboot[] = "usr/lib/ostree-boot";
@@ -453,12 +454,15 @@ rpmostree_run_dracut (int     rootfs_dfd,
    */
   static const char rpmostree_dracut_wrapper_path[] = "usr/bin/rpmostree-dracut-wrapper";
   /* This also hardcodes a few arguments */
-  static const char rpmostree_dracut_wrapper[] =
+  g_autofree char * rpmostree_dracut_wrapper =
+    g_strdup_printf (
     "#!/usr/bin/bash\n"
     "set -euo pipefail\n"
+    "export PATH=%s:${PATH}\n"
     "extra_argv=; if (dracut --help; true) | grep -q -e --reproducible; then extra_argv=\"--reproducible --gzip\"; fi\n"
     "mkdir -p /tmp/dracut && dracut $extra_argv -v --add ostree --tmpdir=/tmp/dracut -f /tmp/initramfs.img \"$@\"\n"
-    "cat /tmp/initramfs.img >/proc/self/fd/3\n";
+    "cat /tmp/initramfs.img >/proc/self/fd/3\n",
+    ror_cliwrap_destdir ());
   g_autoptr(RpmOstreeBwrap) bwrap = NULL;
   g_autoptr(GPtrArray) rebuild_argv = NULL;
   g_auto(GLnxTmpfile) tmpf = { 0, };