Check-in [b801cb0d5d]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:bulk: Jail pkg-repo again. This reverts [c9ef811ac5] We should keep this jailed to avoid pkg(8) and libarchive exploits in case some package has dangerous data in its manifest, etc.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: b801cb0d5daa3047bab85b9542aa3379c071e09e
User & Date: bdrewery 2013-06-01 23:59:48
Original Comment: bulk: Jail pkg-repo again. This reverts [c9ef811ac5]
Context
2013-06-02
00:02
Fix comment path for PORT_DBDIR check-in: 1285799278 user: bdrewery tags: trunk
2013-06-01
23:59
bulk: Jail pkg-repo again. This reverts [c9ef811ac5] We should keep this jailed to avoid pkg(8) and libarchive exploits in case some package has dangerous data in its manifest, etc. check-in: b801cb0d5d user: bdrewery tags: trunk
01:10
testport: Make errors more clear Reported by: tj@ check-in: c61b908704 user: bdrewery tags: trunk
Changes

Changes to src/share/poudriere/bulk.sh.

72
73
74
75
76
77
78



79
80



81
82


83
84
85
86



87
88
89
90
91
92
93
	if [ $PKGNG -eq 1 ]; then
		msg "Creating pkgng repository"
		bset status "pkgrepo:"
		tar xf ${MASTERMNT}/packages/Latest/pkg.txz -C ${MASTERMNT} \
			-s ",/.*/,poudriere/,g" "*/pkg-static"
		rm -f ${POUDRIERE_DATA}/packages/${MASTERNAME}/repo.txz \
			${POUDRIERE_DATA}/packages/${MASTERNAME}/repo.sqlite



		if [ -n "${PKG_REPO_SIGNING_KEY}" -a \
			-f "${PKG_REPO_SIGNING_KEY}" ]; then



			${MASTERMNT}/poudriere/pkg-static repo \
				${POUDRIERE_DATA}/packages/${MASTERNAME}/ ${PKG_REPO_SIGNING_KEY}


		else
			${MASTERMNT}/poudriere/pkg-static repo \
				${POUDRIERE_DATA}/packages/${MASTERNAME}/
		fi



	else
		msg "Preparing INDEX"
		bset status "index:"
		OSMAJ=`injail uname -r | awk -F. '{ print $1 }'`
		INDEXF=${POUDRIERE_DATA}/packages/${MASTERNAME}/INDEX-${OSMAJ}
		INDEXF_JAIL=$(mktemp -u /tmp/index.XXXXXX)
		rm -f ${INDEXF}.1 2>/dev/null || :







>
>
>
|
|
>
>
>
|
<
>
>

|
<

>
>
>







72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

88
89
90
91

92
93
94
95
96
97
98
99
100
101
102
	if [ $PKGNG -eq 1 ]; then
		msg "Creating pkgng repository"
		bset status "pkgrepo:"
		tar xf ${MASTERMNT}/packages/Latest/pkg.txz -C ${MASTERMNT} \
			-s ",/.*/,poudriere/,g" "*/pkg-static"
		rm -f ${POUDRIERE_DATA}/packages/${MASTERNAME}/repo.txz \
			${POUDRIERE_DATA}/packages/${MASTERNAME}/repo.sqlite
		# remount rw
		umount ${MASTERMNT}/packages
		mount_packages
		if [ -f "${PKG_REPO_SIGNING_KEY:-/nonexistent}" ]; then
			install -m 0400 ${PKG_REPO_SIGNING_KEY} \
				${MASTERMNT}/tmp/repo.key
			### XXX: Update pkg-repo to support -o
			### so that /packages can remain RO
			injail /poudriere/pkg-static repo /packages \

				/tmp/repo.key
			rm -f ${MASTERMNT}/tmp/repo.key
		else
			injail /poudriere/pkg-static repo /packages

		fi
		# Remount ro
		umount ${MASTERMNT}/packages
		mount_packages -o ro
	else
		msg "Preparing INDEX"
		bset status "index:"
		OSMAJ=`injail uname -r | awk -F. '{ print $1 }'`
		INDEXF=${POUDRIERE_DATA}/packages/${MASTERNAME}/INDEX-${OSMAJ}
		INDEXF_JAIL=$(mktemp -u /tmp/index.XXXXXX)
		rm -f ${INDEXF}.1 2>/dev/null || :