enter_chroot: bind mount ~/.ssh/known_hosts

We want to keep known_hosts in sync inside/outside of the chroot so
people are not surprised when things change randomly.

BUG=chromium:355430
TEST=`cros_sdk` mounts known_hosts inside the chroot

Change-Id: Ia920cc2f3e1da070a349007f37b5f04fa5f847ac
Reviewed-on: https://chromium-review.googlesource.com/191880
Reviewed-by: Grant Grundler <grundler@chromium.org>
Reviewed-by: David James <davidjames@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Yu-Ju Hong <yjhong@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
diff --git a/sdk_lib/enter_chroot.sh b/sdk_lib/enter_chroot.sh
index 3cab7e4..a099b34 100755
--- a/sdk_lib/enter_chroot.sh
+++ b/sdk_lib/enter_chroot.sh
@@ -115,7 +115,11 @@
     # Already mounted!
     ;;
   *)
-    mkdir -p "${mounted_path}"
+    # If it doesn't exist, assume they want a dir.  But don't blindly run
+    # it all the time in case they're trying to bind mount a file.
+    if [[ ! -e ${mounted_path} ]]; then
+      mkdir -p "${mounted_path}"
+    fi
     # The args are left unquoted on purpose.
     if [[ -n ${source} ]]; then
       mount ${mount_args} "${source}" "${mounted_path}"
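Review bot: The fallback inside the new `-e` test still creates a directory when `${source}` is a regular file and the target is missing, so a file bind mount then fails against a directory mount point. Every caller that binds a file therefore has to pre-create the target itself, as the known_hosts caller later in this patch does with `truncate`. Since setup_mount already has the source, it could pick the right kind of mount point here, after the "Already mounted!" branch has been ruled out: `if [[ -f ${source} ]]; then touch "${mounted_path}"; else mkdir -p "${mounted_path}"; fi`. The enclosing `case` statement and function start and end outside the hunk, so confirm how `mounted_path` is derived before relying on this.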
@@ -331,13 +335,20 @@
       rmdir "${FLAGS_chroot}"/tmp/ssh-* 2>/dev/null
 
       if [ -n "${SSH_AUTH_SOCK}" -a -d "${SUDO_HOME}/.ssh" ]; then
-        TARGET_DIR="${FLAGS_chroot}/home/${SUDO_USER}/.ssh"
+        local target_ssh="/home/${SUDO_USER}/.ssh"
+        TARGET_DIR="${FLAGS_chroot}${target_ssh}"
         user_mkdir "${TARGET_DIR}"
+
+        local known_hosts="${SUDO_HOME}/.ssh/known_hosts"
+        if [[ -e ${known_hosts} ]]; then
+          truncate -s 0 "${TARGET_DIR}/known_hosts"
+          setup_mount "${known_hosts}" --bind "${target_ssh}/known_hosts"
+        fi
         (
-          # Only copy ~/.ssh/{known_hosts,*.pub} if they exist. Since we set
+          # Only copy ~/.ssh/*.pub if they exist. Since we set
           # nullglob, this needs to happen within a subshell.
           shopt -s nullglob
-          files=("${SUDO_HOME}"/.ssh/{known_hosts,*.pub})
+          files=("${SUDO_HOME}"/.ssh/*.pub)
           if [[ ${#files[@]} -gt 0 ]]; then
             user_cp "${files[@]}" "${TARGET_DIR}/"
           fi
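Review bot: `truncate -s 0 "${TARGET_DIR}/known_hosts"` runs before setup_mount checks whether the path is already mounted, so if the bind mount from an earlier or concurrent entry is still in place (setup_mount has an "Already mounted!" branch, so this looks possible), the write goes through the mount and empties the user's real `~/.ssh/known_hosts`. The path also sits in the user's home inside the chroot and, unlike the neighbouring `user_mkdir` and `user_cp` calls, this write does not go through a user_* helper. If the script runs as root at this point (the use of `SUDO_USER` suggests so), a symlink at that name would have its target truncated with root privileges. Creating the mount point only when nothing is there avoids both, ideally run as the user: `[[ -e "${TARGET_DIR}/known_hosts" || -L "${TARGET_DIR}/known_hosts" ]] || touch "${TARGET_DIR}/known_hosts"`. The enclosing function begins and ends outside the hunk.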