Issue #74: Create the initial chroot skeleton

bin/jchroot

@@ -0,0 +1,107 @@
+#!/bin/bash
+#
+# Copyright (c) 2012-2015
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Library General Public License as published
+# by the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+set -e
+
+################################ IMPORTS ##################################
+source "$(dirname $0)/../lib/util.sh"
+
+################################ MAIN FUNCTIONS ###########################
+
+chroot_add_mount() {
+  mount "$@" && CHROOT_ACTIVE_MOUNTS=("$2" "${CHROOT_ACTIVE_MOUNTS[@]}")
+}
+
+chroot_maybe_add_mount() {
+  local cond=$1; shift
+  if eval "$cond"; then
+    chroot_add_mount "$@"
+  fi
+}
+
+chroot_setup() {
+  CHROOT_ACTIVE_MOUNTS=()
+  [[ $(trap -p EXIT) ]] && die '(BUG): attempting to overwrite existing EXIT trap'
+  trap 'chroot_teardown' EXIT
+
+  #chroot_maybe_add_mount "! mountpoint -q '$1'" "$1" "$1" --bind &&
+  chroot_add_mount proc "$1/proc" -t proc -o nosuid,noexec,nodev &&
+  chroot_add_mount sys "$1/sys" -t sysfs -o nosuid,noexec,nodev,ro &&
+  chroot_add_mount udev "$1/dev" -t devtmpfs -o mode=0755,nosuid &&
+  chroot_add_mount devpts "$1/dev/pts" -t devpts -o mode=0620,gid=5,nosuid,noexec &&
+  chroot_add_mount shm "$1/dev/shm" -t tmpfs -o mode=1777,nosuid,nodev &&
+  chroot_add_mount run "$1/run" -t tmpfs -o nosuid,nodev,mode=0755 &&
+  chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid &&
+  mkdir -p "$1/$HOME" &&
+  chroot_add_mount $HOME "$1/$HOME" --bind
+}
+
+chroot_teardown() {
+  umount "${CHROOT_ACTIVE_MOUNTS[@]}"
+  unset CHROOT_ACTIVE_MOUNTS
+}
+
+usage() {
+  cat <<EOF
+usage: ${0##*/} chroot-dir [command]
+
+    -h             Print this help message
+
+If 'command' is unspecified, ${0##*/} will launch /bin/sh.
+
+EOF
+}
+
+chroot_add_resolv_conf() {
+  local chrootdir=$1 resolv_conf=$1/etc/resolv.conf
+
+  # Handle resolv.conf as a symlink to somewhere else.
+  if [[ -L $chrootdir/etc/resolv.conf ]]; then
+    # readlink(1) should always give us *something* since we know at this point
+    # it's a symlink. For simplicity, ignore the case of nested symlinks.
+    resolv_conf=$(readlink "$chrootdir/etc/resolv.conf")
+    if [[ $resolv_conf = /* ]]; then
+      resolv_conf=$chrootdir$resolv_conf
+    else
+      resolv_conf=$chrootdir/etc/$resolv_conf
+    fi
+
+    # ensure file exists to bind mount over
+    if [[ ! -f $resolv_conf ]]; then
+      install -Dm644 /dev/null "$resolv_conf" || return 1
+    fi
+  fi
+
+  chroot_add_mount /etc/resolv.conf "$resolv_conf" --bind
+}
+
+if [[ -z $1 || $1 = @(-h|--help) ]]; then
+  usage
+  exit $(( $# ? 0 : 1 ))
+fi
+
+(( EUID == 0 )) || die 'This script must be run with root privileges'
+chrootdir=$1
+shift
+
+[[ -d $chrootdir ]] || die "Can't create chroot on non-directory $chrootdir"
+
+chroot_setup "$chrootdir" || die "failed to setup chroot $chrootdir"
+chroot_add_resolv_conf "$chrootdir" || die "failed to setup resolv.conf"
+
+SHELL="/bin/sh" chroot "$chrootdir" "$@"