future-install-scripts/future-chroot.in

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0-only

shopt -s extglob

unshare=0
keepresolvconf=0

m4_include(common)

usage() {
  cat <<EOF
usage: ${0##*/} chroot-dir [command] [arguments...]

    -h                  Print this help message
    -N                  Run in unshare mode as a regular user
    -u <user>[:group]   Specify non-root user and optional group to use
    -r                  Do not change the resolv.conf within the chroot

If 'command' is unspecified, ${0##*/} will launch /bin/bash.

Note that when using future-chroot, the target chroot directory *should* be a
mountpoint. This ensures that tools such as pacman(8) or findmnt(8) have an
accurate hierarchy of the mounted filesystems within the chroot.

If your chroot target is not a mountpoint, you can bind mount the directory on
itself to make it a mountpoint, i.e. 'mount --bind /your/chroot /your/chroot'.

EOF
}

resolve_link() {
  local target=$1
  local root=$2

  # If a root was given, make sure it ends in a slash.
  [[ -n $root && $root != */ ]] && root=$root/

  while [[ -L $target ]]; do
    target=$(readlink -m "$target")
    # If a root was given, make sure the target is under it.
    # Make sure to strip any leading slash from target first.
    [[ -n $root && $target != $root* ]] && target=$root${target#/}
  done

  printf %s "$target"
}

chroot_add_resolv_conf() {
  local chrootdir=$1
  local src
  local dest="$chrootdir/etc/resolv.conf"

  src=$(resolve_link /etc/resolv.conf)

  # If we don't have a source resolv.conf file, there's nothing useful we can do.
  [[ -e $src ]] || return 0

  if [[ ! -e "$dest" && ! -h "$dest" ]]; then
    # There may be no resolv.conf in the chroot. In this case, we'll just exit.
    # The chroot environment must not be concerned with DNS resolution.
    return 0
  fi

  chroot_add_mount "$src" "$dest" -c --bind
}

future-chroot() {
  (( EUID == 0 )) || die 'This script must be run with root privileges'

  [[ -d $chrootdir ]] || die "Can't create chroot on non-directory %s" "$chrootdir"

  $setup "$chrootdir" || die "failed to setup chroot %s" "$chrootdir"
  if (( ! keepresolvconf )); then
    chroot_add_resolv_conf "$chrootdir" || die "failed to setup resolv.conf"
  fi

  if ! mountpoint -q "$chrootdir"; then
    warning "$chrootdir is not a mountpoint. This may have undesirable side effects."
  fi

  chroot_args=()
  [[ $userspec ]] && chroot_args+=(--userspec "$userspec")

  SHELL=/bin/bash $pid_unshare chroot "${chroot_args[@]}" -- "$chrootdir" "${args[@]}"
}

while getopts ':hNu:r' flag; do
  case $flag in
    h)
      usage
      exit 0
      ;;
    N)
      unshare=1
      ;;
    u)
      userspec=$OPTARG
      ;;
    r)
      keepresolvconf=1
      ;;
    :)
      die '%s: option requires an argument -- '\''%s'\' "${0##*/}" "$OPTARG"
      ;;
    ?)
      die '%s: invalid option -- '\''%s'\' "${0##*/}" "$OPTARG"
      ;;
  esac
done
shift $(( OPTIND - 1 ))

(( $# )) || die 'No chroot directory specified'
chrootdir=$1
shift

args=("$@")
if (( unshare )); then
  setup=unshare_setup
  $mount_unshare bash -c "$(declare_all); future-chroot"
else
  setup=chroot_setup
  future-chroot
fi
add chroot helper tool 2012-06-18 04:44:55 +08:00			`#!/bin/bash`
tree-wide: add SPDX headers and shebang 2024-04-07 00:09:04 +08:00			`# SPDX-License-Identifier: GPL-2.0-only`
add chroot helper tool 2012-06-18 04:44:55 +08:00
			`shopt -s extglob`

Use separate pid namespace for worker processes As described in 2be79c6 ("run the chroot in a new PID namespace"), child processes can hang around and keep various files open. This may prevent filesystems from being unmounted (as they are still in-use). When adding unshare mode, I did not quite understand this distinction (and I wasn't testing with e.g. gnupg) so I didn't catch this. Fix this by always using unshare to create a second pid namespace for "worker" processes. This ensures that all children are dead when we start unmounting things. As the top-level unshare is no longer always necessary, convert the unshare variable to a binary value. Fixes: ee9db7d ("Add unshare mode to pacstrap") Closes: #21 2022-07-28 22:02:31 +08:00			`unshare=0`
arch-chroot: add option to preserve the chroot resolv.conf There is a comprehensive inline comment about why we're touching the chroot resolv.conf. Although it does not consider the cases where: - the link may be broken for specific reasons, and/or - working resolver within the chroot is not wanted v2: - flip the condition check Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 05:12:02 +08:00			`keepresolvconf=0`
Add unshare mode to arch-chroot This is effectively the same transformation as in the previous patch. We move the mountpoint warning later to avoid warning when we are about to bind-mount the chroot dir ourselves. 2021-11-18 03:08:10 +08:00
arch-chroot: move include_m4 after the globals After the m4 substitution, the globals end up mixed misc functions. Just keep them at the top for legibility. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-27 00:57:04 +08:00			`m4_include(common)`

add proper help/usage for tools 2012-06-18 05:52:39 +08:00			`usage() {`
			`cat <<EOF`
Added info to docs and improved readability 2022-02-25 04:42:05 +08:00			`usage: ${0##*/} chroot-dir [command] [arguments...]`
arch-chroot: explain default behavior in usage 2012-09-09 03:29:18 +08:00
support coreutils chroot's --userspec 2016-04-18 19:05:15 +08:00			`-h Print this help message`
Add unshare mode to arch-chroot This is effectively the same transformation as in the previous patch. We move the mountpoint warning later to avoid warning when we are about to bind-mount the chroot dir ourselves. 2021-11-18 03:08:10 +08:00			`-N Run in unshare mode as a regular user`
support coreutils chroot's --userspec 2016-04-18 19:05:15 +08:00			`-u <user>[:group] Specify non-root user and optional group to use`
arch-chroot: add option to preserve the chroot resolv.conf There is a comprehensive inline comment about why we're touching the chroot resolv.conf. Although it does not consider the cases where: - the link may be broken for specific reasons, and/or - working resolver within the chroot is not wanted v2: - flip the condition check Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 05:12:02 +08:00			`-r Do not change the resolv.conf within the chroot`
add the -h option to the usage 2012-11-13 10:00:09 +08:00
Fix the help text Fixed the help text where it says what it will exec 2016-06-12 12:57:16 +08:00			`If 'command' is unspecified, ${0##*/} will launch /bin/bash.`
add proper help/usage for tools 2012-06-18 05:52:39 +08:00
Modify Arch Install Scripts to work with Future Linux Install Scripts 2024-10-29 12:28:58 +08:00			`Note that when using future-chroot, the target chroot directory should be a`
arch-chroot: warn when chrooting into a non-mountpoint Amend the --help to explain why this is bad. 2018-10-16 00:57:48 +08:00			`mountpoint. This ensures that tools such as pacman(8) or findmnt(8) have an`
			`accurate hierarchy of the mounted filesystems within the chroot.`

			`If your chroot target is not a mountpoint, you can bind mount the directory on`
			`itself to make it a mountpoint, i.e. 'mount --bind /your/chroot /your/chroot'.`

add proper help/usage for tools 2012-06-18 05:52:39 +08:00			`EOF`
			`}`

add_resolve_conf: recursive host + target symlinks 2018-06-06 05:57:02 +08:00			`resolve_link() {`
			`local target=$1`
			`local root=$2`

			`# If a root was given, make sure it ends in a slash.`
			`[[ -n $root && $root != */ ]] && root=$root/`

			`while [[ -L $target ]]; do`
			`target=$(readlink -m "$target")`
			`# If a root was given, make sure the target is under it.`
			`# Make sure to strip any leading slash from target first.`
			`[[ -n $root && $target != $root* ]] && target=$root${target#/}`
			`done`

			`printf %s "$target"`
			`}`

arch-chroot: handle /etc/resolv.conf as a symlink This is probably going to lead to somewhere in /run, but we may as well support a symlink to anywhere, as long as it isn't a nested symlink. ref: https://bugs.archlinux.org/task/43540 2015-01-27 07:12:33 +08:00			`chroot_add_resolv_conf() {`
add_resolve_conf: recursive host + target symlinks 2018-06-06 05:57:02 +08:00			`local chrootdir=$1`
arch-chroot: split variable declaration and assignment As suggested by shellcheck: In arch-chroot line 164: local src=$(resolve_link /etc/resolv.conf) ^-^ SC2155 (warning): Declare and assign separately to avoid masking return values. In arch-chroot line 165: local dest=$(resolve_link "$chrootdir/etc/resolv.conf" "$chrootdir") ^--^ SC2155 (warning): Declare and assign separately to avoid masking return values. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 04:09:20 +08:00			`local src`
arch-chroot: bind mount over a /etc/resolv.conf symlink Use mount's a -c/--no-canonicalize option to ensure the bind mount to /etc/resolv.conf in the chroot directory is mounted correctly. This avoids issues when the chroot's /etc/resolv.conf is a symlink. Bump required util-linux version to 2.39 which supports the new mount API. Fixes https://github.com/archlinux/arch-install-scripts/issues/55 Related to https://github.com/util-linux/util-linux/issues/2370 2023-08-02 22:05:58 +08:00			`local dest="$chrootdir/etc/resolv.conf"`
arch-chroot: split variable declaration and assignment As suggested by shellcheck: In arch-chroot line 164: local src=$(resolve_link /etc/resolv.conf) ^-^ SC2155 (warning): Declare and assign separately to avoid masking return values. In arch-chroot line 165: local dest=$(resolve_link "$chrootdir/etc/resolv.conf" "$chrootdir") ^--^ SC2155 (warning): Declare and assign separately to avoid masking return values. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 04:09:20 +08:00
			`src=$(resolve_link /etc/resolv.conf)`
add_resolve_conf: recursive host + target symlinks 2018-06-06 05:57:02 +08:00
			`# If we don't have a source resolv.conf file, there's nothing useful we can do.`
			`[[ -e $src ]] \|\| return 0`

arch-chroot: bind mount over a /etc/resolv.conf symlink Use mount's a -c/--no-canonicalize option to ensure the bind mount to /etc/resolv.conf in the chroot directory is mounted correctly. This avoids issues when the chroot's /etc/resolv.conf is a symlink. Bump required util-linux version to 2.39 which supports the new mount API. Fixes https://github.com/archlinux/arch-install-scripts/issues/55 Related to https://github.com/util-linux/util-linux/issues/2370 2023-08-02 22:05:58 +08:00			`if [[ ! -e "$dest" && ! -h "$dest" ]]; then`
			`# There may be no resolv.conf in the chroot. In this case, we'll just exit.`
			`# The chroot environment must not be concerned with DNS resolution.`
			`return 0`
arch-chroot: handle /etc/resolv.conf as a symlink This is probably going to lead to somewhere in /run, but we may as well support a symlink to anywhere, as long as it isn't a nested symlink. ref: https://bugs.archlinux.org/task/43540 2015-01-27 07:12:33 +08:00			`fi`

arch-chroot: bind mount over a /etc/resolv.conf symlink Use mount's a -c/--no-canonicalize option to ensure the bind mount to /etc/resolv.conf in the chroot directory is mounted correctly. This avoids issues when the chroot's /etc/resolv.conf is a symlink. Bump required util-linux version to 2.39 which supports the new mount API. Fixes https://github.com/archlinux/arch-install-scripts/issues/55 Related to https://github.com/util-linux/util-linux/issues/2370 2023-08-02 22:05:58 +08:00			`chroot_add_mount "$src" "$dest" -c --bind`
arch-chroot: handle /etc/resolv.conf as a symlink This is probably going to lead to somewhere in /run, but we may as well support a symlink to anywhere, as long as it isn't a nested symlink. ref: https://bugs.archlinux.org/task/43540 2015-01-27 07:12:33 +08:00			`}`

Modify Arch Install Scripts to work with Future Linux Install Scripts 2024-10-29 12:28:58 +08:00			`future-chroot() {`
arch-chroot: stop interleaving functions and sequential code Makes it easier to reason about the code. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 04:18:14 +08:00			`(( EUID == 0 )) \|\| die 'This script must be run with root privileges'`

			`[[ -d $chrootdir ]] \|\| die "Can't create chroot on non-directory %s" "$chrootdir"`

			`$setup "$chrootdir" \|\| die "failed to setup chroot %s" "$chrootdir"`
arch-chroot: add option to preserve the chroot resolv.conf There is a comprehensive inline comment about why we're touching the chroot resolv.conf. Although it does not consider the cases where: - the link may be broken for specific reasons, and/or - working resolver within the chroot is not wanted v2: - flip the condition check Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 05:12:02 +08:00			`if (( ! keepresolvconf )); then`
			`chroot_add_resolv_conf "$chrootdir" \|\| die "failed to setup resolv.conf"`
			`fi`
arch-chroot: stop interleaving functions and sequential code Makes it easier to reason about the code. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 04:18:14 +08:00
			`if ! mountpoint -q "$chrootdir"; then`
			`warning "$chrootdir is not a mountpoint. This may have undesirable side effects."`
			`fi`

			`chroot_args=()`
			`[[ $userspec ]] && chroot_args+=(--userspec "$userspec")`

			`SHELL=/bin/bash $pid_unshare chroot "${chroot_args[@]}" -- "$chrootdir" "${args[@]}"`
			`}`

arch-chroot: add option to preserve the chroot resolv.conf There is a comprehensive inline comment about why we're touching the chroot resolv.conf. Although it does not consider the cases where: - the link may be broken for specific reasons, and/or - working resolver within the chroot is not wanted v2: - flip the condition check Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 05:12:02 +08:00			`while getopts ':hNu:r' flag; do`
support coreutils chroot's --userspec 2016-04-18 19:05:15 +08:00			`case $flag in`
			`h)`
			`usage`
			`exit 0`
			`;;`
Add unshare mode to arch-chroot This is effectively the same transformation as in the previous patch. We move the mountpoint warning later to avoid warning when we are about to bind-mount the chroot dir ourselves. 2021-11-18 03:08:10 +08:00			`N)`
Use separate pid namespace for worker processes As described in 2be79c6 ("run the chroot in a new PID namespace"), child processes can hang around and keep various files open. This may prevent filesystems from being unmounted (as they are still in-use). When adding unshare mode, I did not quite understand this distinction (and I wasn't testing with e.g. gnupg) so I didn't catch this. Fix this by always using unshare to create a second pid namespace for "worker" processes. This ensures that all children are dead when we start unmounting things. As the top-level unshare is no longer always necessary, convert the unshare variable to a binary value. Fixes: ee9db7d ("Add unshare mode to pacstrap") Closes: #21 2022-07-28 22:02:31 +08:00			`unshare=1`
Add unshare mode to arch-chroot This is effectively the same transformation as in the previous patch. We move the mountpoint warning later to avoid warning when we are about to bind-mount the chroot dir ourselves. 2021-11-18 03:08:10 +08:00			`;;`
support coreutils chroot's --userspec 2016-04-18 19:05:15 +08:00			`u)`
			`userspec=$OPTARG`
			`;;`
arch-chroot: add option to preserve the chroot resolv.conf There is a comprehensive inline comment about why we're touching the chroot resolv.conf. Although it does not consider the cases where: - the link may be broken for specific reasons, and/or - working resolver within the chroot is not wanted v2: - flip the condition check Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 05:12:02 +08:00			`r)`
			`keepresolvconf=1`
			`;;`
support coreutils chroot's --userspec 2016-04-18 19:05:15 +08:00			`:)`
			`die '%s: option requires an argument -- '\''%s'\' "${0##*/}" "$OPTARG"`
			`;;`
			`?)`
			`die '%s: invalid option -- '\''%s'\' "${0##*/}" "$OPTARG"`
			`;;`
			`esac`
			`done`
			`shift $(( OPTIND - 1 ))`
add chroot helper tool 2012-06-18 04:44:55 +08:00
arch-chroot: fix braino, check for args before shifting 2016-06-12 22:51:04 +08:00			`(( $# )) \|\| die 'No chroot directory specified'`
use intermediate var for chrootdir the trap won't necessarily have the same positional parameters. 2012-06-20 22:25:18 +08:00			`chrootdir=$1`
arch-chroot: shift off first arg as chrootdir 2012-08-13 23:12:41 +08:00			`shift`
add proper help/usage for tools 2012-06-18 05:52:39 +08:00
Add unshare mode to arch-chroot This is effectively the same transformation as in the previous patch. We move the mountpoint warning later to avoid warning when we are about to bind-mount the chroot dir ourselves. 2021-11-18 03:08:10 +08:00			`args=("$@")`
Use separate pid namespace for worker processes As described in 2be79c6 ("run the chroot in a new PID namespace"), child processes can hang around and keep various files open. This may prevent filesystems from being unmounted (as they are still in-use). When adding unshare mode, I did not quite understand this distinction (and I wasn't testing with e.g. gnupg) so I didn't catch this. Fix this by always using unshare to create a second pid namespace for "worker" processes. This ensures that all children are dead when we start unmounting things. As the top-level unshare is no longer always necessary, convert the unshare variable to a binary value. Fixes: ee9db7d ("Add unshare mode to pacstrap") Closes: #21 2022-07-28 22:02:31 +08:00			`if (( unshare )); then`
arch-chroot: delay selecting chroot/unshare setup Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 04:56:06 +08:00			`setup=unshare_setup`
Modify Arch Install Scripts to work with Future Linux Install Scripts 2024-10-29 12:28:58 +08:00			`$mount_unshare bash -c "$(declare_all); future-chroot"`
Use separate pid namespace for worker processes As described in 2be79c6 ("run the chroot in a new PID namespace"), child processes can hang around and keep various files open. This may prevent filesystems from being unmounted (as they are still in-use). When adding unshare mode, I did not quite understand this distinction (and I wasn't testing with e.g. gnupg) so I didn't catch this. Fix this by always using unshare to create a second pid namespace for "worker" processes. This ensures that all children are dead when we start unmounting things. As the top-level unshare is no longer always necessary, convert the unshare variable to a binary value. Fixes: ee9db7d ("Add unshare mode to pacstrap") Closes: #21 2022-07-28 22:02:31 +08:00			`else`
arch-chroot: delay selecting chroot/unshare setup Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> 2023-03-25 04:56:06 +08:00			`setup=chroot_setup`
Modify Arch Install Scripts to work with Future Linux Install Scripts 2024-10-29 12:28:58 +08:00			`future-chroot`
Use separate pid namespace for worker processes As described in 2be79c6 ("run the chroot in a new PID namespace"), child processes can hang around and keep various files open. This may prevent filesystems from being unmounted (as they are still in-use). When adding unshare mode, I did not quite understand this distinction (and I wasn't testing with e.g. gnupg) so I didn't catch this. Fix this by always using unshare to create a second pid namespace for "worker" processes. This ensures that all children are dead when we start unmounting things. As the top-level unshare is no longer always necessary, convert the unshare variable to a binary value. Fixes: ee9db7d ("Add unshare mode to pacstrap") Closes: #21 2022-07-28 22:02:31 +08:00			`fi`