Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libpriv/scripts: inject pkgname in scriptlets environment #3891

Merged
merged 1 commit into from
Aug 1, 2022
Merged

libpriv/scripts: inject pkgname in scriptlets environment #3891

merged 1 commit into from
Aug 1, 2022

Conversation

lucab
Copy link
Contributor

@lucab lucab commented Jul 29, 2022

This introduces a new RPMOSTREE_SCRIPT_PKG_NAME environment
variable which gets propagated through bwrap into the context
of scripts. It allows sandboxed logic to introspect the package name.

@lucab
Copy link
Contributor Author

lucab commented Jul 29, 2022
edited
Loading

Followup from the late comments on #3778.

Together with the upcoming useradd interception logic (WIP), the final names of the fragments will look like this (e.g. tss from tpm2-tss package):

systemd.post: Reading config file "/usr/lib/sysusers.d/30-pkg-tpm2-tss-group-tss.conf"…
systemd.post: Reading config file "/usr/lib/sysusers.d/40-pkg-tpm2-tss-user-tss.conf"…

/cc @jlebon

@lucab lucab requested a review from jlebon July 29, 2022 14:07
cgwalters
cgwalters previously approved these changes Jul 29, 2022
View reviewed changes
rust/src/builtins/scriptlet_intercept/groupadd.rs Outdated Show resolved Hide resolved
@lucab
Copy link
Contributor Author

lucab commented Jul 29, 2022

/retest

@lucab
libpriv/scripts: inject pkgname in scriptlets environment
fcc7809 
This introduces a new `RPMOSTREE_SCRIPT_PKG_NAME` environment
variable which gets propagated through `bwrap` into the context
of scripts. It allows sandboxed logic to introspect the package name.
@lucab lucab force-pushed the ups/scriptlet-pkgname branch from 8daa5a0 to fcc7809 Compare August 1, 2022 07:43
@lucab lucab enabled auto-merge August 1, 2022 12:22
@lucab lucab mentioned this pull request Aug 1, 2022
Merged
cgwalters
cgwalters approved these changes Aug 1, 2022
View reviewed changes
Copy link
Member

@cgwalters cgwalters left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it'd be cleaner if the change of the sysusers filename was a separate commit.

But, fine as is from my PoV.

@lucab lucab merged commit db68b6c into coreos:main Aug 1, 2022
@lucab lucab deleted the ups/scriptlet-pkgname branch August 1, 2022 15:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cgwalters cgwalters cgwalters approved these changes

@jlebon jlebon Awaiting requested review from jlebon

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lucab @cgwalters