From: Colin Walters <walters@verbum.org>
Date: Thu, 30 Nov 2023 16:12:55 +0000 (-0500)
Subject: sysroot: Expose deployment container executor internally
X-Git-Tag: archive/raspbian/2023.8-1+rpi1^2~9^2^2~4^2~3
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=791337fa468e58a5d3e3228e598f81daf832cbdc;p=ostree.git

sysroot: Expose deployment container executor internally

Prep for using this for zipl.
---

diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
index 74c84d27..077b4863 100644
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@@ -3164,9 +3164,9 @@ child_setup_fchdir (gpointer data)
 /*
  * Derived from rpm-ostree's rust/src/bwrap.rs
  */
-static gboolean
-run_in_deployment (int deployment_dfd, const gchar *const *child_argv, gint *exit_status,
-                   gchar **stdout, GError **error)
+gboolean
+_ostree_sysroot_run_in_deployment (int deployment_dfd, const gchar *const *child_argv,
+                                   gint *exit_status, gchar **stdout, GError **error)
 {
   static const gchar *const COMMON_ARGV[] = { "/usr/bin/bwrap",
                                               "--dev",
@@ -3264,7 +3264,8 @@ sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
    * flag is not supported by semodule.
    */
   static const gchar *const SEMODULE_HELP_ARGV[] = { "semodule", "--help", NULL };
-  if (!run_in_deployment (deployment_dfd, SEMODULE_HELP_ARGV, &exit_status, &stdout, error))
+  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, SEMODULE_HELP_ARGV, &exit_status, &stdout,
+                                          error))
     return FALSE;
   if (!g_spawn_check_exit_status (exit_status, error))
     return glnx_prefix_error (error, "failed to run semodule");
@@ -3278,7 +3279,8 @@ sysroot_finalize_selinux_policy (int deployment_dfd, GError **error)
 
   ot_journal_print (LOG_INFO, "Refreshing SELinux policy");
   guint64 start_msec = g_get_monotonic_time () / 1000;
-  if (!run_in_deployment (deployment_dfd, SEMODULE_REBUILD_ARGV, &exit_status, NULL, error))
+  if (!_ostree_sysroot_run_in_deployment (deployment_dfd, SEMODULE_REBUILD_ARGV, &exit_status, NULL,
+                                          error))
     return FALSE;
   guint64 end_msec = g_get_monotonic_time () / 1000;
   ot_journal_print (LOG_INFO, "Refreshed SELinux policy in %" G_GUINT64_FORMAT " ms",
diff --git a/src/libostree/ostree-sysroot-private.h b/src/libostree/ostree-sysroot-private.h
index 5be07c24..d18e4082 100644
--- a/src/libostree/ostree-sysroot-private.h
+++ b/src/libostree/ostree-sysroot-private.h
@@ -150,6 +150,9 @@ gboolean _ostree_sysroot_rmrf_deployment (OstreeSysroot *sysroot, OstreeDeployme
 
 char *_ostree_sysroot_get_runstate_path (OstreeDeployment *deployment, const char *key);
 
+gboolean _ostree_sysroot_run_in_deployment (int deployment_dfd, const gchar *const *child_argv,
+                                            gint *exit_status, gchar **stdout, GError **error);
+
 char *_ostree_sysroot_join_lines (GPtrArray *lines);
 
 gboolean _ostree_sysroot_ensure_boot_fd (OstreeSysroot *self, GError **error);