particle-os/debian-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

osbuild.py: use readonly bind mounts when possible

Browse source
This commit is contained in:
Lars Karlitski 2019-06-13 21:12:51 +02:00
parent 2dbd177b0f
commit 7ee6571640
1 changed files with 5 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

11
osbuild.py
View file

@ -78,13 +78,11 @@ class BuildRoot:
"input_dir": None
}
binds = [
robinds = [
(f"{libdir}/run-stage", "/tmp/run-stage"),
(f"{libdir}/stages/{stage}", "/tmp/stage"),
("/etc/pki", "/etc/pki")
]
robinds = []
if input_dir:
options["input_dir"] = "/tmp/input"
robinds.append((input_dir, "/tmp/input"))
@ -95,7 +93,7 @@ class BuildRoot:
argv.append("/tmp/stage")
try:
self.run(argv, binds=binds, readonly_binds=robinds, input=json.dumps(options), encoding="utf-8", check=True)
self.run(argv, readonly_binds=robinds, input=json.dumps(options), encoding="utf-8", check=True)
except subprocess.CalledProcessError as error:
raise StageFailed(stage, error.returncode)
@ -109,12 +107,13 @@ class BuildRoot:
"input_dir": None
}
binds = [
robinds = [
(f"{libdir}/run-stage", "/tmp/run-stage"),
(f"{libdir}/stages/{name}", "/tmp/stage"),
("/etc/pki", "/etc/pki")
]
binds = []
if output_dir:
options["output_dir"] = "/tmp/output"
binds.append((output_dir, "/tmp/output"))
@ -125,7 +124,7 @@ class BuildRoot:
argv.append("/tmp/stage")
try:
self.run(argv, binds=binds, input=json.dumps(options), encoding="utf-8", check=True)
self.run(argv, binds=binds, readonly_binds=robinds, input=json.dumps(options), encoding="utf-8", check=True)
except subprocess.CalledProcessError as error:
raise StageFailed(stage, error.returncode)