Commit graph

339 commits

Author SHA1 Message Date
Debarshi Ray
2aded000ec Avoid using a Bash-ism (ie. [[...]) for prefix matching 2019-02-11 18:32:33 +00:00
Debarshi Ray
1c18fa6d4f Avoid a Bash-ism (ie. [[...]) and stick to POSIX (ie. [...])
Fallout from 66e982af72
2019-02-11 18:08:29 +00:00
Debarshi Ray
2b6faa26f9 Prepare 0.0.5 2019-02-11 14:17:47 +00:00
Daniel J Walsh
4a2a15f2eb Give access to mounts under $HOME, and make autofs work 2019-01-28 11:45:25 +01:00
Debarshi Ray
4ff281b5ed Show a spinner while creating the toolbox image using buildah 2019-01-28 11:45:25 +01:00
Debarshi Ray
00eeeae6c4 Show a spinner while configuring the working container using buildah 2019-01-28 11:45:25 +01:00
Debarshi Ray
f10d8e7495 Split out the code to configure the working directory
A subsequent commit will leverage this to show a spinner.
2019-01-28 11:45:25 +01:00
Debarshi Ray
f976ba0fc3 Style fixes 2019-01-28 11:45:25 +01:00
Debarshi Ray
e32a8d3d03 Show a spinner while creating the toolbox container using podman 2019-01-28 11:45:25 +01:00
Debarshi Ray
6f22c0bf98 Show a spinner while pulling an image from the registry using buildah 2019-01-28 11:45:25 +01:00
Debarshi Ray
c155acbc15 Add a spinner framework
It's disabled when --verbose is used to avoid racing with buildah and
podman's progress bars.
2019-01-28 11:45:25 +01:00
Colin Walters
c047659c1d README.md: Rework in various ways
- OSTree systems aren't fully immutable, you *can* install things
   we just discourage it
 - fedora-toolbox can (and should!) be used on non-OSTree based
   systems as well

https://github.com/debarshiray/fedora-toolbox/pull/43
2019-01-26 13:09:54 +01:00
Debarshi Ray
093002d8a4 README.md: Remove trailing newline 2019-01-21 17:07:43 +01:00
Debarshi Ray
8c3ce3b386 README.md: Tweak
Simplify the prompt. Most people are going to use the Fedora package.
Hence, the prompt doesn't need to reflect the fedora-toolbox Git tree
as the current directory.
2019-01-21 17:07:02 +01:00
Debarshi Ray
cd30c869c8 Prepare 0.0.4 2019-01-21 15:29:43 +01:00
Debarshi Ray
ed14389150 Avoid a Bash-ism (ie. ==) and stick to POSIX (ie. =)
Fallout from 66e982af72
2019-01-16 20:08:41 +01:00
Owen W. Taylor
66e982af72 Set up $HOME and /home to match the host
Silverblue, and rpm-ostree more generally are moving to
HOME=/var/home/$USER and make the /home symlink just a compatibility
feature. See:

 https://github.com/projectatomic/rpm-ostree/pull/1726

Matching what the host does will reduce weird side-effects. Propagate
$HOME into the container to avoid mismatches in /etc/default/useradd,
and if the host has /home as a symlink to /var/home, do the same for
the toolbox.

https://github.com/debarshiray/fedora-toolbox/pull/34
2019-01-16 19:14:59 +01:00
Debarshi Ray
47614b980c Avoid spooky root-like behaviour for non-root interactive shells
Currently, the non-root interactive shells were being spawned with a
full set of capabilities. This led to unexpected root-like behaviour
for non-root users. All capability sets, except the Permitted (or
CapBnd) set, should be cleared to match the usual state of a host
interactive shell for non-root users.

It doesn't look like podman offers a way to forward CapBnd from the
host without touching the other sets. If '--privileged' is used with
'podman create', then it forwards CapBnd but also initializes the
others to have a full set of capabilities. If it's not used, then it
doesn't touch anything other than CapBnd, but only forwards a subset
of the host's CapBnd, which means that using sudo to attain elevated
privileges inside the toolbox won't give the full set of capabilities
as on the host.

It might be so that having a smaller CapBnd actually doesn't matter.
However, until that's proven true, it's safer to insist on having
'--privileged' forward the full set, and then clear up the other sets
on our own.

https://github.com/debarshiray/fedora-toolbox/issues/16
2019-01-15 13:42:10 +01:00
Debarshi Ray
ca41e387d7 Give access to the FUSE kernel module
https://github.com/debarshiray/fedora-toolbox/issues/15
2019-01-11 16:02:01 +01:00
Debarshi Ray
4873850da2 Separate fedora-toolbox debug output from those originating elsewhere 2019-01-11 15:01:43 +01:00
Debarshi Ray
1f9007cc2c Replace tabs with spaces 2019-01-11 15:00:21 +01:00
Debarshi Ray
b71609580b Improve the readability of the debug output
... by annotating the different stages of activity. This makes it
easier to understand the rest of the spew coming from buildah and
podman.

https://github.com/debarshiray/fedora-toolbox/issues/31
2019-01-11 14:52:24 +01:00
Mildred Ki'Lya
e2315f183e Try to enter the same directory inside the toolbox
The intermediate /bin/sh process will reset the values of PS1 and PWD.
Therefore, it's necessary to pass those as arguments to the script.

https://github.com/debarshiray/fedora-toolbox/issues/20
2019-01-10 17:14:43 +00:00
Debarshi Ray
d7ec66c8ab Prepare 0.0.3 2019-01-04 12:41:43 +00:00
Debarshi Ray
0ed1be57e4 Update copyright notices 2019-01-04 12:37:52 +00:00
Debarshi Ray
62e20f9df3 Clean up the Buildah working containers on error
Working containers are removed with 'buildah rm', while 'buildah rmi'
is for images.
2019-01-03 13:00:43 +00:00
Milos Vyletel
c713908e8b Unbreak creating the toolbox if the toolbox image already exists
Fallout from cc0caef627

https://github.com/debarshiray/fedora-toolbox/issues/19
2019-01-02 17:36:02 +01:00
Debarshi Ray
dd4394c32c README.md: Tweak
There's a build system and various Fedora packages now. Therefore, most
people don't need to run the script from the Git tree.
2018-11-12 15:11:33 +00:00
Debarshi Ray
cfefaf368a Prepare 0.0.2 2018-11-12 14:49:04 +00:00
Debarshi Ray
606c2da224 Don't fallback to /bin/bash when exiting with a failure return code
If the last command that was run interactively inside the toolbox
container had returned with a non-zero return code, then exiting the
toolbox would trigger the fallback to /bin/bash, just like it would
happen if $SHELL was missing from the toolbox. This is because
'podman exec ...' relays the return code of the last command.

Therefore, don't rely on the return code of 'podman exec ...' and check
the availability of $SHELL upfront. This does leave it vulnerable to
races caused by the availability of $SHELL changing between the check
and the actual attempt to use it. However, file I/O is inherently racy,
and this is better than a spurious fallback.

Keep the name of the default interactive shell localized to 'enter' by
using a subshell because 'local' is not mandated by POSIX.
2018-11-12 15:33:04 +01:00
Debarshi Ray
be719eac89 Hide the error output from sed(1) unless --verbose is used
It's unlikely that sed(1) will generate any error output, but still
it's good to handle it for the sake of completeness.
2018-11-09 12:30:15 +00:00
Debarshi Ray
cc0caef627 Give access to the system D-Bus instance
It bind mounts $DBUS_SYSTEM_BUS_ADDRESS, if present, and sets the
DBUS_SYSTEM_BUS_ADDRESS environment variable inside the toolbox.
Otherwise, it defaults to "unix:path=/var/run/dbus/system_bus_socket"
as defined in the D-Bus specification [1].

[1] https://dbus.freedesktop.org/doc/dbus-specification.html
2018-11-09 12:27:40 +00:00
Debarshi Ray
9b9cdf2179 Don't assume the value of XDG_RUNTIME_DIR in the error message 2018-11-09 10:58:18 +00:00
Debarshi Ray
02f9650b5f Split out the code to check for an integer 2018-11-08 13:37:57 +00:00
Debarshi Ray
fdc00a2778 Make shm_open work
Rootless podman shuld mount a tmpfs at /dev/shm by default. Until that
happens, it's worked around by explicitly specifying the mount point.
Also, the --shm-size flag isn't working with rootless podman [1], so
--tmpfs is used instead.

It tries to mimic the in-kernel tmpfs default [2] of using half the
amount of total RAM. If for some reason /proc/meminfo can't be parsed,
it falls back to using podman's default of 65536k for tmpfs. It's not
clear whether podman uses kibibytes or kilobytes for 'k'. The former
was picked here for consistency.

[1] https://github.com/containers/libpod/issues/1770
[2] https://www.kernel.org/doc/Documentation/filesystems/tmpfs.txt

https://github.com/debarshiray/fedora-toolbox/issues/9
2018-11-08 13:37:57 +00:00
Debarshi Ray
cf2347fe56 Allow an 'F' or 'f' prefix when specifying the release
This means that one can now use 'F30' or 'f30' in addition to '30' with
the --release flag.
2018-10-26 14:07:33 +02:00
Debarshi Ray
74bf0e4eb7 Avoid a Bash-ism (ie. ==) and stick to POSIX (ie. =) 2018-10-26 11:41:30 +00:00
Debarshi Ray
912f3000a9 Fallback to /bin/bash if $SHELL doesn't exist in the toolbox container
It's the user's responsibility to install any non-default shell inside
the toolbox container.

NB: /bin/bash is the default shell according to /etc/default/useradd.
2018-10-26 11:24:46 +02:00
Debarshi Ray
48ddba6306 Use the $SHELL from the host when customizing the toolbox image
... instead of relying on the defaults from /etc/default/useradd.
2018-10-26 11:24:46 +02:00
Debarshi Ray
beadcec0da README.md: Tweak
Titles are sweeter when they are shorter.
2018-10-25 17:27:29 +02:00
Debarshi Ray
e5b2800dd3 Prepare 0.0.1 2018-10-19 19:25:13 +02:00
Debarshi Ray
6b5a9710c2 Rename LICENSE as COPYING
No need to do away with this particular tradition. :)
2018-10-19 18:24:23 +02:00
Debarshi Ray
44c44566b9 Add a Meson-based build system for ease of distribution 2018-10-19 17:45:31 +02:00
Debarshi Ray
93bde90c24 README.md: Remove the step about building the base fedora-toolbox image
The base fedora-toolbox images for Fedoras 28, 29 and 30 are now
available from registry.fedoraproject.org. Hence it's no longer
mandatory to build them locally. If they are built locally, then the
local images will be preferred over the ones from the registry.

https://pagure.io/releng/issue/7874
2018-10-19 16:53:02 +02:00
Debarshi Ray
c95a4c1e85 Give access to the GPUs for OpenGL and Vulkan
This makes the "OpenGL Area" example in gtk3-demo that uses GtkGLArea
work.
2018-10-17 17:08:21 +02:00
Debarshi Ray
31de3ff96f Allow having multiple toolbox images from the same base image
This adds an --image flag that overrides the default name of the
customized toolbox image from which the toolbox container is created.
2018-10-16 19:35:34 +02:00
Debarshi Ray
ef05b5c7c1 Reformat the --help output to fit narrower terminals
Hard coding 'fedora-toolbox' instead of $0 was necessary to get a
pleasant layout while keeping the code simple. It's not a big deal
because once there's a build system in place most people will type
'fedora-toolbox', instead of the full path to the script.
2018-10-16 19:21:46 +02:00
Debarshi Ray
5739d4b2a9 Allow having multiple toolbox containers from the same image
This adds a --container flag that overrides the default name of the
toolbox container.
2018-10-16 19:07:41 +02:00
Debarshi Ray
80f25c6924 Allow decoupling the toolbox's OS version from the host's
This adds a --release flag that overrides the VERSION_ID value read
from the host's /etc/os-release when creating and entering toolboxes.
2018-10-15 19:24:12 +02:00
Debarshi Ray
f3eab6afca Refactor common code into a function 2018-10-15 17:05:49 +02:00