From 2423bf12f0fd23db7edf383a9cbe3351ba319b87 Mon Sep 17 00:00:00 2001 From: Tom Gundersen Date: Thu, 23 Jul 2020 20:09:23 +0100 Subject: [PATCH] stages: drop script stage The `script` and `test` stages should not be used in produciton, and their use should be discouraged in general. They may make sense for debugging, but should not be shipped. The test stage is still used by the boot tests, so leave that for now, and only drop the scripts stage. Signed-off-by: Tom Gundersen --- stages/org.osbuild.script | 58 --------------------------------------- 1 file changed, 58 deletions(-) delete mode 100755 stages/org.osbuild.script diff --git a/stages/org.osbuild.script b/stages/org.osbuild.script deleted file mode 100755 index 9eeab56b..00000000 --- a/stages/org.osbuild.script +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/python3 -""" -Run an arbitrary script inside the target tree - -Runs an arbitrary script inside the target tree. - -Writes the contents of the `script` item to `/osbuild-script`, sets the -permissions of the script to 0550 (-r-xr-x---), then uses the host's `chroot` -binary to chroot into the tree and execute the script. The script is removed -after it completes. - -WARNING: running code inside the tree is unsafe, unreliable, and generally -discouraged. Using this stage may result in unexplained failures or other -undefined behavior, and should only be done as a last resort. - -NOTE: if `script` does not start with a line like '#!/bin/bash -', executing -it will fail with ENOEXEC. Some `chroot` binaries will try to run the script -through `/bin/sh` in that case, so it might still work, but that behavior is -not guaranteed. -""" - - -import atexit -import json -import os -import subprocess -import sys - -SCHEMA = """ -"additionalProperties": false, -"required": ["script"], -"properties": { - "script": { - "type": "string", - "description": "contents of the script file to be executed." - } -} -""" - -def main(tree, options): - script = options["script"] - - scriptfile = f"{tree}/osbuild-script" - - with open(scriptfile, "w") as f: - f.write(script) - - os.chmod(scriptfile, 0o550) - atexit.register(lambda: os.unlink(scriptfile)) - - return subprocess.run(["chroot", tree, "/osbuild-script"], check=False).returncode - - -if __name__ == '__main__': - args = json.load(sys.stdin) - r = main(args["tree"], args["options"]) - sys.exit(r)