diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-17 15:35:36 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-17 15:35:36 +0100 |
commit | 433a8cf0d2f99b9b122d6fb8afd581e36dabe429 (patch) | |
tree | 576d6b160b8460bd75287975192c138ce79abd1f | |
parent | 82da13295e93983aaf2fe88766fa82243aa265aa (diff) | |
download | nixos-433a8cf0d2f99b9b122d6fb8afd581e36dabe429.tar nixos-433a8cf0d2f99b9b122d6fb8afd581e36dabe429.tar.gz nixos-433a8cf0d2f99b9b122d6fb8afd581e36dabe429.tar.bz2 nixos-433a8cf0d2f99b9b122d6fb8afd581e36dabe429.tar.xz nixos-433a8cf0d2f99b9b122d6fb8afd581e36dabe429.zip |
vidhar: ...
-rwxr-xr-x | hosts/vidhar/borg/copy.py | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/hosts/vidhar/borg/copy.py b/hosts/vidhar/borg/copy.py index 66846394..fa698029 100755 --- a/hosts/vidhar/borg/copy.py +++ b/hosts/vidhar/borg/copy.py | |||
@@ -96,8 +96,8 @@ def copy_archive(src_repo_path, dst_repo_path, entry): | |||
96 | # print('unshare/chroot', file=stderr) | 96 | # print('unshare/chroot', file=stderr) |
97 | uid, gid = os.getuid(), os.getgid() | 97 | uid, gid = os.getuid(), os.getgid() |
98 | unshare.unshare(unshare.CLONE_NEWNS | unshare.CLONE_NEWUSER) | 98 | unshare.unshare(unshare.CLONE_NEWNS | unshare.CLONE_NEWUSER) |
99 | # with open('/proc/self/setgroups', 'w') as setgroups: | 99 | with open('/proc/self/setgroups', 'w') as setgroups: |
100 | # setgroups.write('deny') | 100 | setgroups.write('deny') |
101 | # with open('/proc/self/uid_map', 'w') as uid_map: | 101 | # with open('/proc/self/uid_map', 'w') as uid_map: |
102 | # uid_map.write(f'0 {uid} 1') | 102 | # uid_map.write(f'0 {uid} 1') |
103 | # with open('/proc/self/gid_map', 'w') as gid_map: | 103 | # with open('/proc/self/gid_map', 'w') as gid_map: |
@@ -105,10 +105,10 @@ def copy_archive(src_repo_path, dst_repo_path, entry): | |||
105 | pyprctl.cap_permitted.sys_admin = True | 105 | pyprctl.cap_permitted.sys_admin = True |
106 | pyprctl.cap_inheritable.sys_admin = True | 106 | pyprctl.cap_inheritable.sys_admin = True |
107 | pyprctl.cap_ambient.sys_admin = True | 107 | pyprctl.cap_ambient.sys_admin = True |
108 | # with open('/proc/self/uid_map', 'w') as uid_map: | 108 | with open('/proc/self/uid_map', 'w') as uid_map: |
109 | # uid_map.write(f'{uid} {uid} 1') | 109 | uid_map.write(f'0 0 1\n{uid} {uid} 1') |
110 | # with open('/proc/self/gid_map', 'w') as gid_map: | 110 | with open('/proc/self/gid_map', 'w') as gid_map: |
111 | # gid_map.write(f'{gid} {gid} 1') | 111 | gid_map.write(f'0 0 1\n{gid} {gid} 1') |
112 | subprocess.run(['mount', '--make-rprivate', '/'], check=True) | 112 | subprocess.run(['mount', '--make-rprivate', '/'], check=True) |
113 | chroot = pathlib.Path(tmpdir) / 'chroot' | 113 | chroot = pathlib.Path(tmpdir) / 'chroot' |
114 | upper = pathlib.Path(tmpdir) / 'upper' | 114 | upper = pathlib.Path(tmpdir) / 'upper' |