* Derived from rpm-ostree's rust/src/bwrap.rs
*/
static gboolean
-run_in_deployment (int deployment_dfd, const gchar *const *child_argv, gsize child_argc,
- gint *exit_status, gchar **stdout, GError **error)
-{
- static const gchar *const COMMON_ARGV[] = {
- "/usr/bin/bwrap",
- "--dev",
- "/dev",
- "--proc",
- "/proc",
- "--dir",
- "/run",
- "--dir",
- "/tmp",
- "--chdir",
- "/",
- "--die-with-parent",
- "--unshare-pid",
- "--unshare-uts",
- "--unshare-ipc",
- "--unshare-cgroup-try",
- "--ro-bind",
- "/sys/block",
- "/sys/block",
- "--ro-bind",
- "/sys/bus",
- "/sys/bus",
- "--ro-bind",
- "/sys/class",
- "/sys/class",
- "--ro-bind",
- "/sys/dev",
- "/sys/dev",
- "--ro-bind",
- "/sys/devices",
- "/sys/devices",
- "--bind",
- "usr",
- "/usr",
- "--bind",
- "etc",
- "/etc",
- "--bind",
- "var",
- "/var",
- "--symlink",
- "/usr/lib",
- "/lib",
- "--symlink",
- "/usr/lib32",
- "/lib32",
- "--symlink",
- "/usr/lib64",
- "/lib64",
- "--symlink",
- "/usr/bin",
- "/bin",
- "--symlink",
- "/usr/sbin",
- "/sbin",
- };
- static const gsize COMMON_ARGC = sizeof (COMMON_ARGV) / sizeof (*COMMON_ARGV);
-
- gsize i;
- GPtrArray *args = g_ptr_array_sized_new (COMMON_ARGC + child_argc + 1);
+run_in_deployment (int deployment_dfd, const gchar *const *child_argv, gint *exit_status,
+ gchar **stdout, GError **error)
+{
+ static const gchar *const COMMON_ARGV[] = { "/usr/bin/bwrap",
+ "--dev",
+ "/dev",
+ "--proc",
+ "/proc",
+ "--dir",
+ "/run",
+ "--dir",
+ "/tmp",
+ "--chdir",
+ "/",
+ "--die-with-parent",
+ "--unshare-pid",
+ "--unshare-uts",
+ "--unshare-ipc",
+ "--unshare-cgroup-try",
+ "--ro-bind",
+ "/sys/block",
+ "/sys/block",
+ "--ro-bind",
+ "/sys/bus",
+ "/sys/bus",
+ "--ro-bind",
+ "/sys/class",
+ "/sys/class",
+ "--ro-bind",
+ "/sys/dev",
+ "/sys/dev",
+ "--ro-bind",
+ "/sys/devices",
+ "/sys/devices",
+ "--bind",
+ "usr",
+ "/usr",
+ "--bind",
+ "etc",
+ "/etc",
+ "--bind",
+ "var",
+ "/var",
+ "--symlink",
+ "/usr/lib",
+ "/lib",
+ "--symlink",
+ "/usr/lib32",
+ "/lib32",
+ "--symlink",
+ "/usr/lib64",
+ "/lib64",
+ "--symlink",
+ "/usr/bin",
+ "/bin",
+ "--symlink",
+ "/usr/sbin",
+ "/sbin",
+ NULL };
+
+ GPtrArray *args = g_ptr_array_new ();
g_autofree gchar **args_raw = NULL;
- for (i = 0; i < COMMON_ARGC; i++)
- g_ptr_array_add (args, (gchar *)COMMON_ARGV[i]);
+ for (char **it = (char **)COMMON_ARGV; it && *it; it++)
+ g_ptr_array_add (args, *it);
- for (i = 0; i < child_argc; i++)
- g_ptr_array_add (args, (gchar *)child_argv[i]);
+ for (char **it = (char **)child_argv; it && *it; it++)
+ g_ptr_array_add (args, *it);
g_ptr_array_add (args, NULL);
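Review bot: run_in_deployment now walks `child_argv` until it reaches a NULL entry, so an array without the terminator would be read past its end, and nothing at the new signature states that requirement. I would add a comment above the function such as `/* child_argv must be a NULL-terminated argument vector; it is appended after the fixed bwrap arguments. */`. Both new loops also drop const through the `(char **)` cast; iterating with `const gchar *const *it` and casting only at the add, `g_ptr_array_add (args, (gpointer) *it);`, keeps the qualifier until GPtrArray needs it removed. The two arrays passed later in this diff, SEMODULE_HELP_ARGV and SEMODULE_REBUILD_ARGV, do carry the terminator. The function body continues outside the hunk.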
* Skip the SELinux policy refresh if the --refresh
* flag is not supported by semodule.
*/
- static const gchar *const SEMODULE_HELP_ARGV[] = { "semodule", "--help" };
- static const gsize SEMODULE_HELP_ARGC
- = sizeof (SEMODULE_HELP_ARGV) / sizeof (*SEMODULE_HELP_ARGV);
- if (!run_in_deployment (deployment_dfd, SEMODULE_HELP_ARGV, SEMODULE_HELP_ARGC, &exit_status,
- &stdout, error))
+ static const gchar *const SEMODULE_HELP_ARGV[] = { "semodule", "--help", NULL };
+ if (!run_in_deployment (deployment_dfd, SEMODULE_HELP_ARGV, &exit_status, &stdout, error))
return FALSE;
if (!g_spawn_check_exit_status (exit_status, error))
return glnx_prefix_error (error, "failed to run semodule");
return TRUE;
}
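Review bot: `"semodule"` in SEMODULE_HELP_ARGV is handed to bwrap as a bare name, so which binary runs depends on the PATH the child inherits. COMMON_ARGV sets no environment, and the spawn call is outside this hunk, so it is not visible whether a fixed environment is supplied there. Because the command runs with read-write binds of usr, etc and var from the deployment, I would either name the binary by its path inside the deployment or pin the search path in the bwrap arguments with `--setenv PATH` and a fixed value. The same applies to SEMODULE_REBUILD_ARGV further down. The enclosing function starts outside the hunk.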
- static const gchar *const SEMODULE_REBUILD_ARGV[] = { "semodule", "-N", "--refresh" };
- static const gsize SEMODULE_REBUILD_ARGC
- = sizeof (SEMODULE_REBUILD_ARGV) / sizeof (*SEMODULE_REBUILD_ARGV);
+ static const gchar *const SEMODULE_REBUILD_ARGV[] = { "semodule", "-N", "--refresh", NULL };
ot_journal_print (LOG_INFO, "Refreshing SELinux policy");
guint64 start_msec = g_get_monotonic_time () / 1000;
- if (!run_in_deployment (deployment_dfd, SEMODULE_REBUILD_ARGV, SEMODULE_REBUILD_ARGC,
- &exit_status, NULL, error))
+ if (!run_in_deployment (deployment_dfd, SEMODULE_REBUILD_ARGV, &exit_status, NULL, error))
return FALSE;
guint64 end_msec = g_get_monotonic_time () / 1000;
ot_journal_print (LOG_INFO, "Refreshed SELinux policy in %" G_GUINT64_FORMAT " ms",