| #!/bin/bash |
| |
| # Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| # Script to enter the chroot environment |
| |
| # --- BEGIN COMMON.SH BOILERPLATE --- |
| # Load common CrOS utilities. Inside the chroot this file is installed in |
| # /usr/lib/crosutils. Outside the chroot we find it relative to the script's |
| # location. |
| find_common_sh() { |
| local common_paths=(/usr/lib/crosutils $(dirname "$(readlink -f "$0")")) |
| local path |
| |
| SCRIPT_ROOT= |
| for path in "${common_paths[@]}"; do |
| if [ -r "${path}/common.sh" ]; then |
| SCRIPT_ROOT=${path} |
| break |
| fi |
| done |
| } |
| |
| find_common_sh |
| . "${SCRIPT_ROOT}/common.sh" || (echo "Unable to load common.sh" && exit 1) |
| # --- END COMMON.SH BOILERPLATE --- |
| |
| # Script must be run outside the chroot and as a regular user. |
| assert_outside_chroot |
| assert_not_root_user |
| |
| # Define command line flags |
| # See http://code.google.com/p/shflags/wiki/Documentation10x |
| DEFINE_string chroot "$DEFAULT_CHROOT_DIR" \ |
| "The destination dir for the chroot environment." "d" |
| DEFINE_string trunk "$GCLIENT_ROOT" \ |
| "The source trunk to bind mount within the chroot." "s" |
| DEFINE_string build_number "" \ |
| "The build-bot build number (when called by buildbot only)." "b" |
| DEFINE_string chrome_root "" \ |
| "The root of your chrome browser source. Should contain a 'src' subdir." |
| DEFINE_string chrome_root_mount "/home/$USER/chrome_root" \ |
| "The mount point of the chrome broswer source in the chroot." |
| |
| DEFINE_boolean git_config $FLAGS_TRUE \ |
| "Config git to work with your user/pass in the chroot." |
| DEFINE_boolean official_build $FLAGS_FALSE \ |
| "Set CHROMEOS_OFFICIAL=1 for release builds." |
| DEFINE_boolean mount $FLAGS_FALSE "Only set up mounts." |
| DEFINE_boolean unmount $FLAGS_FALSE "Only tear down mounts." |
| DEFINE_boolean ssh_agent $FLAGS_TRUE "Import ssh agent." |
| DEFINE_boolean verbose $FLAGS_FALSE "Print out actions taken" |
| |
| # More useful help |
| FLAGS_HELP="USAGE: $0 [flags] [VAR=value] [-- command [arg1] [arg2] ...] |
| |
| One or more VAR=value pairs can be specified to export variables into |
| the chroot environment. For example: |
| |
| $0 FOO=bar BAZ=bel |
| |
| If [-- command] is present, runs the command inside the chroot, |
| after changing directory to /$USER/trunk/src/scripts. Note that neither |
| the command nor args should include single quotes. For example: |
| |
| $0 -- ./build_platform_packages.sh |
| |
| Otherwise, provides an interactive shell. |
| " |
| |
| # Version of info from common.sh that only echos if --verbose is set. |
| function debug { |
| if [ $FLAGS_verbose -eq $FLAGS_TRUE ]; then |
| info "$*" |
| fi |
| } |
| |
| # Double up on the first '--' argument. Why? For enter_chroot, we want to |
| # emulate the behavior of sudo for setting environment vars. That is, we want: |
| # ./enter_chroot [flags] [VAR=val] [-- command] |
| # ...but shflags ends up eating the '--' out of the command line and gives |
| # us back "VAR=val" and "command" together in one chunk. By doubling up, we |
| # end up getting what we want back from shflags. |
| # |
| # Examples of how people might be using enter_chroot: |
| # 1. ./enter_chroot [chroot_flags] VAR1=val1 VAR2=val2 -- cmd arg1 arg2 |
| # Set env vars and run cmd w/ args |
| # 2. ./enter_chroot [chroot_flags] VAR1=val1 VAR2=val2 |
| # Set env vars and run shell |
| # 3. ./enter_chroot [chroot_flags] -- cmd arg1 arg2 |
| # Run cmd w/ args |
| # 4. ./enter_chroot [chroot_flags] VAR1=val1 VAR2=val2 cmd arg1 arg2 |
| # Like #1 _if_ args aren't flags (if they are, enter_chroot will claim them) |
| # 5. ./enter_chroot [chroot_flags] cmd arg1 arg2 |
| # Like #3 _if_ args aren't flags (if they are, enter_chroot will claim them) |
| _FLAGS_FIXED='' |
| _SAW_DASHDASH=0 |
| while [ $# -gt 0 ]; do |
| _FLAGS_FIXED="${_FLAGS_FIXED:+${_FLAGS_FIXED} }'$1'" |
| if [ $_SAW_DASHDASH -eq 0 ] && [[ "$1" == "--" ]]; then |
| _FLAGS_FIXED="${_FLAGS_FIXED:+${_FLAGS_FIXED} }'--'" |
| _SAW_DASHDASH=1 |
| fi |
| shift |
| done |
| eval set -- "${_FLAGS_FIXED}" |
| |
| |
| # Parse command line flags |
| FLAGS "$@" || exit 1 |
| eval set -- "${FLAGS_ARGV}" |
| |
| if [ $FLAGS_official_build -eq $FLAGS_TRUE ]; then |
| CHROMEOS_OFFICIAL=1 |
| fi |
| |
| # Only now can we die on error. shflags functions leak non-zero error codes, |
| # so will die prematurely if 'set -e' is specified before now. |
| # TODO: replace shflags with something less error-prone, or contribute a fix. |
| set -e |
| |
| INNER_CHROME_ROOT=$FLAGS_chrome_root_mount # inside chroot |
| CHROME_ROOT_CONFIG="/var/cache/chrome_root" # inside chroot |
| INNER_DEPOT_TOOLS_ROOT="/home/$USER/depot_tools" # inside chroot |
| FUSE_DEVICE="/dev/fuse" |
| AUTOMOUNT_PREF="/apps/nautilus/preferences/media_automount" |
| SAVED_AUTOMOUNT_PREF_FILE="/tmp/.automount_pref" |
| |
| sudo chmod 0777 "$FLAGS_chroot/var/lock" |
| |
| LOCKFILE="$FLAGS_chroot/var/lock/enter_chroot" |
| |
| |
| function ensure_mounted { |
| # If necessary, mount $source in the host FS at $target inside the |
| # chroot directory with $mount_args. |
| local source="$1" |
| local mount_args="$2" |
| local target="$3" |
| |
| local mounted_path="$(readlink -f "${FLAGS_chroot}/$target")" |
| |
| if [ -z "$(mount | grep -F "on ${mounted_path} ")" ]; then |
| # Attempt to make the mountpoint as the user. This depends on the |
| # fact that all mountpoints that should be owned by root are |
| # already present. |
| mkdir -p "${mounted_path}" |
| |
| # NB: mount_args deliberately left unquoted |
| debug mount ${mount_args} "${source}" "${mounted_path}" |
| sudo -- mount ${mount_args} "${source}" "${mounted_path}" || \ |
| die "Could not mount ${source} on ${mounted_path}" |
| fi |
| } |
| |
| function setup_env { |
| # Validate sudo timestamp before entering the critical section so that we |
| # don't stall for a password while we have the lockfile. |
| # Don't use sudo -v since that has issues on machines w/ no password. |
| sudo echo "" > /dev/null |
| |
| ( |
| flock 200 |
| echo $$ >> "$LOCKFILE" |
| |
| debug "Mounting chroot environment." |
| ensure_mounted none "-t proc" /proc |
| ensure_mounted none "-t sysfs" /sys |
| ensure_mounted /dev "--bind" /dev |
| ensure_mounted none "-t devpts" /dev/pts |
| ensure_mounted "${FLAGS_trunk}" "--bind" "${CHROOT_TRUNK_DIR}" |
| |
| if [ $FLAGS_ssh_agent -eq $FLAGS_TRUE ]; then |
| TARGET_DIR="$(readlink -f "${FLAGS_chroot}/home/${USER}/.ssh")" |
| if [ -n "${SSH_AUTH_SOCK}" -a -d "${HOME}/.ssh" ]; then |
| mkdir -p "${TARGET_DIR}" |
| cp -r "${HOME}/.ssh/known_hosts" "${TARGET_DIR}" |
| cp -r "${HOME}/.ssh/config" "${TARGET_DIR}" |
| ASOCK="$(dirname "${SSH_AUTH_SOCK}")" |
| ensure_mounted "${ASOCK}" "--bind" "${ASOCK}" |
| fi |
| fi |
| |
| MOUNTED_PATH="$(readlink -f "${FLAGS_chroot}${INNER_CHROME_ROOT}")" |
| if [ -z "$(mount | grep -F "on $MOUNTED_PATH ")" ]; then |
| ! CHROME_ROOT="$(readlink -f "$FLAGS_chrome_root")" |
| if [ -z "$CHROME_ROOT" ]; then |
| ! CHROME_ROOT="$(cat "${FLAGS_chroot}${CHROME_ROOT_CONFIG}" \ |
| 2>/dev/null)" |
| CHROME_ROOT_AUTO=1 |
| fi |
| if [[ ( -n "$CHROME_ROOT" ) ]]; then |
| if [[ ( ! -d "${CHROME_ROOT}/src" ) ]]; then |
| error "Not mounting chrome source" |
| sudo rm -f "${FLAGS_chroot}${CHROME_ROOT_CONFIG}" |
| if [[ ! "$CHROME_ROOT_AUTO" ]]; then |
| exit 1 |
| fi |
| else |
| debug "Mounting chrome source at: $INNER_CHROME_ROOT" |
| sudo bash -c "echo '$CHROME_ROOT' > \ |
| '${FLAGS_chroot}${CHROME_ROOT_CONFIG}'" |
| mkdir -p "$MOUNTED_PATH" |
| sudo mount --bind "$CHROME_ROOT" "$MOUNTED_PATH" || \ |
| die "Could not mount $MOUNTED_PATH" |
| fi |
| fi |
| fi |
| |
| MOUNTED_PATH="$(readlink -f "${FLAGS_chroot}${INNER_DEPOT_TOOLS_ROOT}")" |
| if [ -z "$(mount | grep -F "on $MOUNTED_PATH ")" ]; then |
| if [ $(which gclient 2>/dev/null) ]; then |
| debug "Mounting depot_tools" |
| DEPOT_TOOLS=$(dirname "$(which gclient)") |
| mkdir -p "$MOUNTED_PATH" |
| if ! sudo mount --bind "$DEPOT_TOOLS" "$MOUNTED_PATH"; then |
| warn "depot_tools failed to mount; perhaps it's on NFS?" |
| warn "This may impact chromium build." |
| fi |
| fi |
| fi |
| |
| # Install fuse module. |
| if [ -c "${FUSE_DEVICE}" ]; then |
| sudo modprobe fuse 2> /dev/null ||\ |
| warn "-- Note: modprobe fuse failed. gmergefs will not work" |
| fi |
| |
| # Turn off automounting of external media when we enter the |
| # chroot; thus we don't have to worry about being able to unmount |
| # from inside. |
| if [ $(which gconftool-2 2>/dev/null) ]; then |
| gconftool-2 -g ${AUTOMOUNT_PREF} > \ |
| "${FLAGS_chroot}${SAVED_AUTOMOUNT_PREF_FILE}" |
| if [ $(gconftool-2 -s --type=boolean ${AUTOMOUNT_PREF} false) ]; then |
| warn "-- Note: USB sticks may be automounted by your host OS." |
| warn "-- Note: If you plan to burn bootable media, you may need to" |
| warn "-- Note: unmount these devices manually, or run image_to_usb.sh" |
| warn "-- Note: outside the chroot." |
| fi |
| fi |
| |
| ) 200>>"$LOCKFILE" || die "setup_env failed" |
| } |
| |
| function teardown_env { |
| # Validate sudo timestamp before entering the critical section so that we |
| # don't stall for a password while we have the lockfile. |
| # Don't use sudo -v since that has issues on machines w/ no password. |
| sudo echo "" > /dev/null |
| |
| # Only teardown if we're the last enter_chroot to die |
| ( |
| flock 200 |
| |
| # check each pid in $LOCKFILE to see if it's died unexpectedly |
| TMP_LOCKFILE="$LOCKFILE.tmp" |
| |
| echo -n > "$TMP_LOCKFILE" # Erase/reset temp file |
| cat "$LOCKFILE" | while read PID; do |
| if [ "$PID" = "$$" ]; then |
| # ourself, leave PROC_NAME empty |
| PROC_NAME="" |
| else |
| PROC_NAME=$(ps --pid $PID -o comm=) |
| fi |
| |
| if [ ! -z "$PROC_NAME" ]; then |
| # All good, keep going |
| echo "$PID" >> "$TMP_LOCKFILE" |
| fi |
| done |
| # Remove any dups from lock file while installing new one |
| sort -n "$TMP_LOCKFILE" | uniq > "$LOCKFILE" |
| |
| if [ $(which gconftool-2 2>/dev/null) ]; then |
| SAVED_PREF=$(cat "${FLAGS_chroot}${SAVED_AUTOMOUNT_PREF_FILE}") |
| gconftool-2 -s --type=boolean ${AUTOMOUNT_PREF} ${SAVED_PREF} || \ |
| warn "could not re-set your automount preference." |
| fi |
| |
| if [ -s "$LOCKFILE" ]; then |
| debug "At least one other pid is running in the chroot, so not" |
| debug "tearing down env." |
| else |
| MOUNTED_PATH=$(readlink -f "$FLAGS_chroot") |
| debug "Unmounting chroot environment." |
| # sort the list of mounts in reverse order, to ensure umount of |
| # cascading mounts in proper order |
| for i in \ |
| $(mount | grep -F "on $MOUNTED_PATH/" | sort -r | awk '{print $3}'); do |
| safe_umount "$i" |
| done |
| fi |
| ) 200>>"$LOCKFILE" || die "teardown_env failed" |
| } |
| |
| # This function does extra "fixups" of the chroot. It's a lot like |
| # chroot_hacks_from_outside() in common.sh, except that it is only called |
| # from enter_chroot.sh (chroot_hacks_from_outside is also called from |
| # make_chroot.sh). This function was created because common.sh is on lockdown |
| # and can't be changed. |
| # |
| # NOTE: the need for this type of "fixup" should be going away. If everything |
| # in the chroot is versioned and nothing is generated, there is no need to |
| # handle partly fixing up generated files. |
| # |
| # Please put date information so it's easy to keep track of when |
| # old hacks can be retired and so that people can detect when a |
| # hack triggered when it shouldn't have. |
| function chroot_hacks_too() { |
| local chroot_home="${FLAGS_chroot}/home/${USER}" |
| |
| # Add chromite stuff if not already done. |
| if ! grep -q "^PATH=.*/trunk/chromite/bin" "${chroot_home}/.bashrc"; then |
| info "Upgrading old chroot (pre 2011-02-09) - adding chromite to path" |
| echo "PATH=\$PATH:/home/${USER}/trunk/chromite/bin" >> \ |
| "${chroot_home}/.bashrc" |
| fi |
| if ! [ -L "${chroot_home}/.local/lib/python2.6/site-packages/chromite" ]; then |
| info "Upgrading old chroot (pre 2011-02-09) - add chromite to site-packages" |
| mkdir -p "${chroot_home}/.local/lib/python2.6/site-packages" |
| ln -s ../../../../trunk/chromite \ |
| "${chroot_home}/.local/lib/python2.6/site-packages/" |
| fi |
| } |
| |
| |
| if [ $FLAGS_mount -eq $FLAGS_TRUE ]; then |
| setup_env |
| info "Make sure you run" |
| info " $0 --unmount" |
| info "before deleting $FLAGS_chroot" |
| info "or you'll end up deleting $FLAGS_trunk too!" |
| exit 0 |
| fi |
| |
| if [ $FLAGS_unmount -eq $FLAGS_TRUE ]; then |
| teardown_env |
| exit 0 |
| fi |
| |
| # Apply any hacks needed to update the chroot. |
| chroot_hacks_from_outside "${FLAGS_chroot}" |
| chroot_hacks_too |
| |
| |
| # Make sure we unmount before exiting |
| trap teardown_env EXIT |
| setup_env |
| |
| CHROOT_PASSTHRU="BUILDBOT_BUILD=$FLAGS_build_number CHROMEOS_OFFICIAL=$CHROMEOS_OFFICIAL" |
| CHROOT_PASSTHRU="${CHROOT_PASSTHRU} \ |
| CHROMEOS_RELEASE_APPID=${CHROMEOS_RELEASE_APPID:-"{DEV-BUILD}"}" |
| |
| if [ -d "$HOME/.subversion" ]; then |
| TARGET="/home/${USER}/.subversion" |
| mkdir -p "${FLAGS_chroot}${TARGET}" |
| ensure_mounted "${HOME}/.subversion" "--bind" "${TARGET}" |
| fi |
| |
| # Configure committer username and email in chroot .gitconfig |
| if [ $FLAGS_git_config -eq $FLAGS_TRUE ]; then |
| git config -f ${FLAGS_chroot}/home/${USER}/.gitconfig --replace-all \ |
| user.name "$(cd /tmp; git var GIT_COMMITTER_IDENT | sed -e 's/ *<.*//')" |
| git config -f ${FLAGS_chroot}/home/${USER}/.gitconfig --replace-all \ |
| user.email "$(cd /tmp; git var GIT_COMMITTER_IDENT | \ |
| sed -e 's/.*<\([^>]*\)>.*/\1/')" |
| fi |
| |
| # Run command or interactive shell. Also include the non-chrooted path to |
| # the source trunk for scripts that may need to print it (e.g. |
| # build_image.sh). |
| sudo -- chroot "$FLAGS_chroot" sudo -i -u $USER $CHROOT_PASSTHRU \ |
| EXTERNAL_TRUNK_PATH="${FLAGS_trunk}" LANG=C SSH_AGENT_PID="${SSH_AGENT_PID}" \ |
| SSH_AUTH_SOCK="${SSH_AUTH_SOCK}" "$@" |
| |
| # Remove trap and explicitly unmount |
| trap - EXIT |
| teardown_env |