objectstore: only bind-mount /usr for host trees
The only thing we should ever need from the host is `/usr`. Therefore, instead of bind-mounting all of `/`, bind-mount only `/usr`.
parent
d2c4888843
commit
2b4e913e1e
1 changed files with 7 additions and 1 deletions
|
|
@ -254,7 +254,13 @@ class HostTree:
|
||||||
@contextlib.contextmanager
|
@contextlib.contextmanager
|
||||||
def read(self):
|
def read(self):
|
||||||
with self.store.tempdir() as tmp:
|
with self.store.tempdir() as tmp:
|
||||||
mount("/", tmp)
|
# Create a bare bones root file system
|
||||||
|
# with just /usr mounted from the host
|
||||||
|
usr = os.path.join(tmp, "usr")
|
||||||
|
os.makedirs(usr)
|
||||||
|
|
||||||
|
mount(tmp, tmp) # ensure / is read-only
|
||||||
|
mount("/usr", usr)
|
||||||
try:
|
try:
|
||||||
yield tmp
|
yield tmp
|
||||||
finally:
|
finally:
|
||||||
|
|
|
||||||
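Review bot: Both `mount(tmp, tmp)` and `mount("/usr", usr)` run before `try:`, so if the `/usr` bind fails the self-bind of `tmp` stays mounted and the `finally:` cleanup never runs; the old code had only one mount, so nothing could leak at that point. Entering the `try:` right after `mount(tmp, tmp)` and making `mount("/usr", usr)` its first statement would close that gap. The body of `finally:` lies outside the hunk, so it is worth confirming that it detaches the nested `usr` mount as well as `tmp` (a recursive unmount, or `usr` first). The `# ensure / is read-only` comment also depends on the default of the `mount()` helper, which is not visible here; stating read-only explicitly at both call sites would keep the host's `/usr` from becoming writable through this tree if that default ever changes.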