From 8d77ca6a9a94d4547a0abc8f27753fb7755e69cd Mon Sep 17 00:00:00 2001
From: aszlig
Date: Wed, 27 Sep 2017 22:27:31 +0200
Subject: pkgs/sandbox: Use own store path as root directory

I've already pointed out in the previous commit that using /tmp for the root directory isn't a very good idea, mainly because we can't access sockets from /tmp (eg. the X server sockets). So what we're now doing is using the store path that contains the sandbox wrappers, because that very path won't be mounted into the sandbox anyway, so we get a free directory just as an entry point. This has the main advantage that we don't need to create any temporary directories which we later need to clean up nor do we need to assume that some paths might exist in the system. For example if we'd use /usr we still have /usr/bin/env on NixOS, but if that's going to go away in the future or we are on a distro that doesn't have it at all, the sandbox setup will fail.

Signed-off-by: aszlig
---
 pkgs/games/build-support/build-sandbox/default.nix | 1 +
 pkgs/games/build-support/build-sandbox/sandbox.c | 18 ++++++++----------
 2 files changed, 9 insertions(+), 10 deletions(-)
(limited to 'pkgs')

diff --git a/pkgs/games/build-support/build-sandbox/default.nix b/pkgs/games/build-support/build-sandbox/default.nix
index 3b41e1bd..615f5358 100644
--- a/pkgs/games/build-support/build-sandbox/default.nix
+++ b/pkgs/games/build-support/build-sandbox/default.nix
@@ -53,6 +53,7 @@ stdenv.mkDerivation ({
 -DWRAPPED_PATH=\""$bin"\" \
 -DWRAPPED_PROGNAME=\""$progname"\" \
 -DPARAMS_FILE=\""$(pwd)/params.c"\" \
+ -DFS_ROOT_DIR=\""$out"\" \
 -o "$out/bin/$progname" ${./sandbox.c}
 done
 '';
diff --git a/pkgs/games/build-support/build-sandbox/sandbox.c b/pkgs/games/build-support/build-sandbox/sandbox.c
index 69553628..3f54378b 100644
--- a/pkgs/games/build-support/build-sandbox/sandbox.c
+++ b/pkgs/games/build-support/build-sandbox/sandbox.c
@@ -112,7 +112,7 @@ static bool makedirs(const char *path)
 static bool bind_mount(const char *path, bool restricted)
 {
     int mflags = MS_BIND | MS_REC;
-    size_t srclen;
+    size_t srclen, rootdir_len = strlen(FS_ROOT_DIR);
     char src[PATH_MAX], target[PATH_MAX];

     if (restricted)
@@ -123,13 +123,13 @@ static bool bind_mount(const char *path, bool restricted)
         return false;
     }

-    if ((srclen = strlen(src)) > PATH_MAX - 4) {
-        fprintf(stderr, "`/tmp/%s' does not fit in PATH_MAX.\n", src);
+    if ((srclen = strlen(src)) > PATH_MAX - rootdir_len) {
+        fprintf(stderr, "`" FS_ROOT_DIR "%s' doesn't fit in PATH_MAX.\n", src);
         return false;
     }

-    memcpy(target, "/tmp", 4);
-    memcpy(target + 4, src, srclen + 1);
+    memcpy(target, FS_ROOT_DIR, rootdir_len);
+    memcpy(target + rootdir_len, src, srclen + 1);

     if (!makedirs(target))
         return false;
@@ -405,7 +405,7 @@ static bool setup_chroot(void)

     mflags = MS_NOEXEC | MS_NOSUID | MS_NODEV | MS_NOATIME;

-    if (mount("none", "/tmp", "tmpfs", mflags, NULL) == -1) {
+    if (mount("none", FS_ROOT_DIR, "tmpfs", mflags, NULL) == -1) {
         perror("mount rootfs");
         return false;
     }
@@ -419,15 +419,13 @@ static bool setup_chroot(void)
     if (!bind_mount("/sys", false))
         return false;

-    if (mkdir("/tmp/tmp", 0700) == -1) {
-        perror("mkdir private tmp");
+    if (!bind_mount("/tmp", true, false))
         return false;
-    }

     if (!setup_app_paths())
         return false;

-    if (chroot("/tmp") == -1) {
+    if (chroot(FS_ROOT_DIR) == -1) {
         perror("chroot");
         return false;
     }
--
cgit 1.4.1
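Review bot: The rewritten bound check `if ((srclen = strlen(src)) > PATH_MAX - rootdir_len)` in the second hunk still accepts srclen equal to `PATH_MAX - rootdir_len`, and the two memcpy calls below it then write `rootdir_len + srclen + 1` bytes, so the terminating NUL lands one past the end of `target[PATH_MAX]`. The old `> PATH_MAX - 4` form had the same boundary, so the patch carries the off-by-one over rather than introducing it, but since the line is being rewritten anyway it should become `if ((srclen = strlen(src)) >= PATH_MAX - rootdir_len) {`. Because the subtraction is now unsigned, a guard that FS_ROOT_DIR is shorter than PATH_MAX would also keep it from wrapping; if the file is built as C11, `_Static_assert(sizeof(FS_ROOT_DIR) < PATH_MAX, "FS_ROOT_DIR too long");` near the top of bind_mount does that at compile time. bind_mount starts in the first hunk and continues past this one.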
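Review bot: The added call `bind_mount("/tmp", true, false)` in the last hunk passes three arguments, but the only prototype visible in this patch (first hunk, both old and new side) is `bind_mount(const char *path, bool restricted)`; unless a third parameter is added elsewhere in the file, this does not compile, and the call would have to be `if (!bind_mount("/tmp", true))`. Separately, this replaces the previous private, empty `/tmp/tmp` with a bind mount of the host's `/tmp`, so whatever other users and processes leave in the host `/tmp` becomes visible inside the sandbox, and unless the restricted mode makes the mount read-only (not shown here) also writable; the commit message mentions only the X server sockets as the motivation. A comment at the call site would make that trade-off explicit, e.g. `/* Host /tmp is exposed so X sockets are reachable; its contents are visible to the sandboxed program. */`. setup_chroot starts and ends outside this hunk.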