strepsirrhini/libreoffice-online
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
libreoffice-online/loolwsd-systemplate-setup
Ashod Nakashian f9402ea965 mount: handle symlinks and improve updating systemplate 
We should have no symlinks in the jail whatsoever, except
those we create to files known to exist in the jail.

Unfortunately, some systems have some of the /etc files
as symlinks. When we create hard-links to these files,
they can't be accessed from the jail, since the path
they point to isn't replicated in systemplate and jails.

First change here is to always link to the source file or,
when copying, to copy the source rather than a symlink.

Next, to detect modifications, we compare not just the
size and timestamp, but also the contents. This way we
can be certain that any modification will be detected.

Finally, when we copy at least one file in the
systemplate/etc directory, we flag it by creating the
'copied' file. This way we have a reliable indicator
and don't need to second guess if the files are
hard-linked or copied.

We also avoid some noisy errors when we fail to update
systemplate when it's read-only by first checking
if systemplate is writable or not and insue a friendly
log instead.

Change-Id: Ie8c3e70ea4ec19ee098309f8666c00639fa7319b
2020-10-19 07:34:26 +02:00

127 lines
4.5 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
# set -x
test $# -eq 2 || { echo "Usage: $0 <chroot template directory for system libs to create> <LO installation directory>"; exit 1; }
# No provision for spaces or other weird characters in pathnames. So sue me.
CHROOT=$1
INSTDIR=$2
test -d "$INSTDIR" || { echo "No such directory: $INSTDIR"; exit 1; }
mkdir -p $CHROOT || exit 1
# Resolve the real paths, in case they are relative and/or symlinked.
# INSTDIR_LOGICAL will contain the logical path, if there are symlinks,
# while INSTDIR is the physical one. Both will most likely be the same,
# except on systems that have symlinks in the path. We must create
# both paths (if they are different) inside the jail, hence we need both.
CHROOT=`cd $CHROOT && /bin/pwd`
INSTDIR_LOGICAL=`cd $INSTDIR && /bin/pwd -L`
INSTDIR=`cd $INSTDIR && /bin/pwd -P`
cd / || exit 1
(
# Produce a list of file names, one per line, that will be copied
# into the template tree of system files for the chroot jails.
# First essential files and shared objects
find etc/ld.so.* \
lib/ld-* lib64/ld-* \
lib/libnss_* lib64/libnss_* lib/*/libnss_* \
lib/libresolv* lib64/libresolv* lib/*/libresolv* \
var/cache/fontconfig \
etc/fonts \
usr/lib/locale/en_US.utf8 \
usr/lib/locale/C.UTF-8 \
usr/lib/locale/locale_archive \
usr/lib/*/nss/*.so \
usr/lib/*/libsqlite* \
usr/share/zoneinfo/* \
usr/share/liblangtag \
usr/share/hyphen \
-type f 2>/dev/null
find etc/fonts \
lib/ld-* lib64/ld-* \
lib/libnss_* lib64/libnss_* lib/*/libnss_* \
lib/libresolv* lib64/libresolv* lib/*/libresolv* \
usr/lib/*/libsqlite* \
-type l 2>/dev/null
# Go through the LO shared objects and check what system libraries
# they link to.
find $INSTDIR -name 'xpdfimport' |
while read file; do
ldd $file 2>/dev/null
done |
grep -v dynamic | cut -d " " -f 3 | grep -E '^(/lib|/usr)' | sort -u | sed -e 's,^/,,'
) |
# Can't use -l because then symlinks won't be handled well enough.
# This will now copy the file a symlink points to, but whatever.
cpio -p -d -L $CHROOT
# Link the dynamic files, replacing any existing.
rm -f $CHROOT/etc/copied
for file in hosts nsswitch.conf resolv.conf passwd group host.conf timezone localtime
do
# echo "Linking/Copying /etc/$file"
# Prefer hard-linking, fallback to just copying (do *not* use soft-linking because that would be relative to the jail).
# When copying, we must make sure that we copy the source and not a symlink. Otherwise, the source won't be accessible from the jail.
# In addition, we flag that at least one file is copied by creating the 'copied' file, so that we do check for updates.
ln -f `realpath /etc/$file` $CHROOT/etc/$file || (cp --dereference --preserve=all /etc/$file $CHROOT/etc/$file && touch $CHROOT/etc/copied) || echo "Failed to link or copy $file"
done
# Link dev/random and dev/urandom to ../tmp/dev/.
# The jail then creates the random device nodes in its /tmp/dev/.
mkdir -p $CHROOT/dev
mkdir -p $CHROOT/tmp/dev
for file in random urandom
do
# This link is relative anyway, so can be soft.
ln -f ../tmp/dev/$file $CHROOT/dev/ 2> /dev/null || ln -f -s ../tmp/dev/$file $CHROOT/dev/ || echo "Failed to link dev/$file"
done
# Create a relative symbolic link within systemplate that points from
# the path of $INSTDIR (as seen from the jail as an absolute path)
# to the /lo path, where the instdir of LO will really reside.
mkdir -p $CHROOT/lo
# In case the original path is different from
for path in $INSTDIR $INSTDIR_LOGICAL
do
# Create a soft-link, as it's a relative directory path (can't be a hard-link).
INSTDIR_PARENT="$(dirname "$CHROOT/$path")"
mkdir -p $INSTDIR_PARENT
ln -f -s `realpath --relative-to=$INSTDIR_PARENT $CHROOT/lo` $CHROOT/$path
done
# /usr/share/fonts needs to be taken care of separately because the
# directory time stamps must be preserved for fontconfig to trust
# its cache.
cd $CHROOT || exit 1
mkdir -p usr/share || exit 1
cp -r -p -L /usr/share/fonts usr/share
if [ -h usr/share/fonts/ghostscript ]; then
mkdir usr/share/ghostscript || exit 1
cp -r -p -L /usr/share/ghostscript/fonts usr/share/ghostscript
fi
# Remove obsolete & unused bitmap fonts
find usr/share -name '*.pcf' | xargs rm -f
find usr/share -name '*.pcf.gz' | xargs rm -f
# Debugging only hackery to avoid confusion.
if test "z$ENABLE_DEBUG" != "z" -a "z$HOME" != "z"; then
echo "Copying development users's fonts into systemplate"
mkdir -p $CHROOT/$HOME
test -d $HOME/.fonts && cp -r -p -L $HOME/.fonts $CHROOT/$HOME
fi
exit 0
Reference in a new issue View git blame Copy permalink