#!/bin/bash
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#######################################
# Run a command with its stderr discarded and its exit status masked.
# Arguments: the command and its arguments, executed as "$@"
# Returns:   0, whatever the wrapped command returned
# Note: the caller receives neither the status nor the diagnostics of the
# wrapped command, so do not wrap a step whose failure has to stop the script
# (for example a mount that later cleanup depends on).
#######################################
ignore_error() {
  "$@" 2> /dev/null
  return 0
}
#######################################
# Mount a filesystem and record its mount point for later teardown.
# Globals:   CHROOT_ACTIVE_MOUNTS (written)
# Arguments: passed to mount unchanged; $2 is taken to be the mount point
# Returns:   mount's status on failure (nothing is recorded), 0 otherwise
#######################################
chroot_mount() {
  mount "$@" || return

  # Prepend rather than append: the list stays newest-first, so unmounting in
  # list order releases nested mounts before their parents.
  CHROOT_ACTIVE_MOUNTS=("$2" "${CHROOT_ACTIVE_MOUNTS[@]}")
}
#######################################
# Call chroot_mount only when a shell condition holds.
# Arguments: $1 - condition, executed with eval in the current shell
#            remaining arguments - handed to chroot_mount unchanged
# Returns:   0 when the condition is false, otherwise chroot_mount's status
#
# WARNING: $1 is run as shell code, normally with the privileges needed for
# mount. Pass only a constant string, or one whose variable parts were quoted
# with printf '%q'. Wrapping a path in single quotes inside the string is not
# enough: a quote character in the path ends the quoting and the rest of the
# path is executed.
#######################################
chroot_mount_conditional() {
  local cond=$1
  shift

  eval "$cond" || return 0
  chroot_mount "$@"
}
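#######################################
# Mount the API filesystems (proc, sys, dev, dev/pts, dev/shm, run, tmp) under
# a chroot directory and install an EXIT trap that unmounts them again.
# Globals:   CHROOT_ACTIVE_MOUNTS (reset, then filled by chroot_mount)
# Arguments: $1 - root directory of the chroot
# Returns:   status of the first mount that fails, 0 when all succeed
#######################################
chroot_api_mount() {
  # Refuse to replace an existing EXIT trap, and check this before the mount
  # list is reset: a handler installed by an earlier call must still see the
  # mounts it has to undo.
  [[ $(trap -p EXIT) ]] && die 'Error! Attempting to overwrite existing EXIT trap'

  CHROOT_ACTIVE_MOUNTS=()
  trap 'chroot_api_umount' EXIT

  # Bind-mount the root onto itself unless it is already a mount point. The
  # test is done directly on "$1" instead of through an eval'd string: the path
  # is caller-supplied, and a quote character in it would otherwise be run as
  # shell code.
  if ! mountpoint -q "$1"; then
    chroot_mount "$1" "$1" --bind
  fi &&
  chroot_mount proc "$1/proc" -t proc -o nosuid,noexec,nodev &&
  chroot_mount sys "$1/sys" -t sysfs -o nosuid,noexec,nodev,ro &&
  # Disabled efivarfs mount, kept as found. If it is re-enabled, test the
  # directory with [[ -d ... ]] directly rather than through an eval'd string.
  # ignore_error chroot_mount_conditional "[[ -d '$1/sys/firmware/efi/efivars' ]]" \
  # efivarfs "$1/sys/firmware/efi/efivars" -t efivarfs -o nosuid,noexec,nodev &&
  chroot_mount udev "$1/dev" -t devtmpfs -o mode=0755,nosuid &&
  # NOTE(review): gid=5 is presumably the tty group; confirm on the target system.
  chroot_mount devpts "$1/dev/pts" -t devpts -o mode=0620,gid=5,nosuid,noexec &&
  chroot_mount shm "$1/dev/shm" -t tmpfs -o mode=1777,nosuid,nodev &&
  chroot_mount run "$1/run" -t tmpfs -o nosuid,nodev,mode=0755 &&
  chroot_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid
}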
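#######################################
# Unmount everything recorded in CHROOT_ACTIVE_MOUNTS, in list order, then
# drop the list. Installed as the EXIT trap by chroot_api_mount.
# Globals:   CHROOT_ACTIVE_MOUNTS (read, then unset)
# Arguments: none
# Returns:   0; a umount failure is not propagated, only umount's own message
#            reports it. Callers that delete the chroot tree afterwards should
#            verify that nothing is still mounted below it.
#######################################
chroot_api_umount() {
  # With nothing recorded (no mount succeeded, or this already ran once before
  # the EXIT trap fired) a bare `umount` would only print a usage error.
  if ((${#CHROOT_ACTIVE_MOUNTS[@]} > 0)); then
    umount "${CHROOT_ACTIVE_MOUNTS[@]}"
  fi
  unset CHROOT_ACTIVE_MOUNTS
}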