Kommentare zu: Running a script with unshared mount namespace http://www.piware.de/2012/12/running-a-script-with-unshared-mount-namespace/ addicted to Free Software Development Mon, 06 May 2013 01:32:04 +0000 hourly 1 http://wordpress.org/?v=3.3.2 Von: Martin Pitt: Running a script with unshared mount namespace - Bartle Doo http://www.piware.de/2012/12/running-a-script-with-unshared-mount-namespace/comment-page-1/#comment-9403 Martin Pitt: Running a script with unshared mount namespace - Bartle Doo Mon, 17 Dec 2012 04:18:17 +0000 http://www.piware.de/?p=794#comment-9403 [...] Planet Ubuntu GD Star [...] [...] Planet Ubuntu GD Star [...]

]]> Von: Anonymous http://www.piware.de/2012/12/running-a-script-with-unshared-mount-namespace/comment-page-1/#comment-9402 Anonymous Sun, 16 Dec 2012 20:43:05 +0000 http://www.piware.de/?p=794#comment-9402 @Jeff, Colin: Note that either the environment variable or argument approach requires you to trust the caller. Given that, what makes an environment variable preferred? @Jeff, Colin: Note that either the environment variable or argument approach requires you to trust the caller. Given that, what makes an environment variable preferred?

]]> Von: Colin Watson http://www.piware.de/2012/12/running-a-script-with-unshared-mount-namespace/comment-page-1/#comment-9398 Colin Watson Sun, 16 Dec 2012 10:53:59 +0000 http://www.piware.de/?p=794#comment-9398 I agree with Jeff (#5): use an environment variable and self-re-exec. See os-prober for an example of this. I agree with Jeff (#5): use an environment variable and self-re-exec. See os-prober for an example of this.

]]> Von: Jeff Epler http://www.piware.de/2012/12/running-a-script-with-unshared-mount-namespace/comment-page-1/#comment-9397 Jeff Epler Sun, 16 Dec 2012 03:15:53 +0000 http://www.piware.de/?p=794#comment-9397 #3 has the right idea, but it would be even better if you could use some kind of environmental test instead of an explicit commandline item. second best would be to communicate via the environment instead: exec env UNSHARED=yes unshare -m "$0" "$@". You can also pull this logic out to a script that is read via ".", so instead of a repeated stanza it's just . run-unshared-please if a qualified path if required. #3 has the right idea, but it would be even better if you could use some kind of environmental test instead of an explicit commandline item. second best would be to communicate via the environment instead: exec env UNSHARED=yes unshare -m “$0″ “$@”.

You can also pull this logic out to a script that is read via “.”, so instead of a repeated stanza it’s just
. run-unshared-please
if a qualified path if required.

]]> Von: Anonymous http://www.piware.de/2012/12/running-a-script-with-unshared-mount-namespace/comment-page-1/#comment-9396 Anonymous Sun, 16 Dec 2012 00:37:27 +0000 http://www.piware.de/?p=794#comment-9396 Assuming you trust the calling process, this seems slightly less ugly than tail and sh -c: #!/bin/sh if [ "$1" != "_unshared_" ]; then exec unshare -m "$0" _unshared_ "$@" else shift fi # rest of script Assuming you trust the calling process, this seems slightly less ugly than tail and sh -c:

#!/bin/sh
if [ "$1" != "_unshared_" ]; then
exec unshare -m “$0″ _unshared_ “$@”
else
shift
fi
# rest of script

]]> Von: dp http://www.piware.de/2012/12/running-a-script-with-unshared-mount-namespace/comment-page-1/#comment-9395 dp Sat, 15 Dec 2012 22:46:36 +0000 http://www.piware.de/?p=794#comment-9395 You can avoid the hard coding of the starting lines number using an hard coded comment, try replacing: tail -n +7 with sed -ne '/^# unshared program start/,$p' or for more flexibility awk '/^# unshared program start/,/# unshared program end/' You can avoid the hard coding of the starting lines number using
an hard coded comment, try replacing:
tail -n +7
with
sed -ne ‘/^# unshared program start/,$p’
or for more flexibility
awk ‘/^# unshared program start/,/# unshared program end/’

]]> Von: pitti http://www.piware.de/2012/12/running-a-script-with-unshared-mount-namespace/comment-page-1/#comment-9394 pitti Sat, 15 Dec 2012 21:08:14 +0000 http://www.piware.de/?p=794#comment-9394 Thanks, nice trick! The whole test suite of postgresql-common is perl, so it wouldn't matter at all for this. I just wish there would be a similar way with using /bin/sh. Thanks, nice trick! The whole test suite of postgresql-common is perl, so it wouldn’t matter at all for this. I just wish there would be a similar way with using /bin/sh.

]]> Von: Michael http://www.piware.de/2012/12/running-a-script-with-unshared-mount-namespace/comment-page-1/#comment-9393 Michael Sat, 15 Dec 2012 20:35:10 +0000 http://www.piware.de/?p=794#comment-9393 Would the following work? #!/usr/bin/perl -eexec 'unshare', '-uim', 'sh', @ARGV Would the following work?
#!/usr/bin/perl -eexec ‘unshare’, ‘-uim’, ‘sh’, @ARGV

]]>