sysroot: Support specifying bwrap arguments

Prep for use with zipl.

diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
index 077b4863dfdd05809dd42b72ea1f919091e952f1..7648f29943f09b3807b4523f8103800684b60e85 100644 (file)
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@@ -3165,8 +3165,9 @@ child_setup_fchdir (gpointer data)
  * Derived from rpm-ostree's rust/src/bwrap.rs
  */
 gboolean
-_ostree_sysroot_run_in_deployment (int deployment_dfd, const gchar *const *child_argv,
-                                   gint *exit_status, gchar **stdout, GError **error)
+_ostree_sysroot_run_in_deployment (int deployment_dfd, const char *const *bwrap_argv,
+                                   const gchar *const *child_argv, gint *exit_status,
+                                   gchar **stdout, GError **error)
 {
   static const gchar *const COMMON_ARGV[] = { "/usr/bin/bwrap",
                                               "--dev",
@@ -3229,6 +3230,11 @@ _ostree_sysroot_run_in_deployment (int deployment_dfd, const gchar *const *child
 
   for (char **it = (char **)COMMON_ARGV; it && *it; it++)
     g_ptr_array_add (args, *it);
+  for (char **it = (char **)bwrap_argv; it && *it; it++)
+    g_ptr_array_add (args, *it);
+
+  // Separate bwrap args from child args
+  g_ptr_array_add (args, "--");
 
   for (char **it = (char **)child_argv; it && *it; it++)
     g_ptr_array_add (args, *it);
@@ -3264,8 +3270,8 @@ sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
    * flag is not supported by semodule.
    */
   static const gchar *const SEMODULE_HELP_ARGV[] = { "semodule", "--help", NULL };
-  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, SEMODULE_HELP_ARGV, &exit_status, &stdout,
-                                          error))
+  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, NULL, SEMODULE_HELP_ARGV, &exit_status,
+                                          &stdout, error))
     return FALSE;
   if (!g_spawn_check_exit_status (exit_status, error))
     return glnx_prefix_error (error, "failed to run semodule");
@@ -3279,8 +3285,8 @@ sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
 
   ot_journal_print (LOG_INFO, "Refreshing SELinux policy");
   guint64 start_msec = g_get_monotonic_time () / 1000;
-  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, SEMODULE_REBUILD_ARGV, &exit_status, NULL,
-                                          error))
+  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, NULL, SEMODULE_REBUILD_ARGV, &exit_status,
+                                          NULL, error))
     return FALSE;
   guint64 end_msec = g_get_monotonic_time () / 1000;
   ot_journal_print (LOG_INFO, "Refreshed SELinux policy in %" G_GUINT64_FORMAT " ms",

diff --git a/src/libostree/ostree-sysroot-private.h b/src/libostree/ostree-sysroot-private.h
index d18e4082c435df4acdf03c6e0228ab4287f57deb..851bc1f8e65e96c0078dfd87c4927699c4f46a37 100644 (file)
--- a/src/libostree/ostree-sysroot-private.h
+++ b/src/libostree/ostree-sysroot-private.h
@@ -150,8 +150,9 @@ gboolean _ostree_sysroot_rmrf_deployment (OstreeSysroot *sysroot, OstreeDeployme
 
 char *_ostree_sysroot_get_runstate_path (OstreeDeployment *deployment, const char *key);
 
-gboolean _ostree_sysroot_run_in_deployment (int deployment_dfd, const gchar *const *child_argv,
-                                            gint *exit_status, gchar **stdout, GError **error);
+gboolean _ostree_sysroot_run_in_deployment (int deployment_dfd, const char *const *bwrap_argv,
+                                            const gchar *const *child_argv, gint *exit_status,
+                                            gchar **stdout, GError **error);
 
 char *_ostree_sysroot_join_lines (GPtrArray *lines);