-rwxr-xr-x | hosts/vidhar/borg/copy.py | 9 |
1 files changed, 6 insertions, 3 deletions
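--- a/hosts/vidhar/borg/copy.py
+++ b/hosts/vidhar/borg/copy.py
@@ -96,6 +96,12 @@ def copy_archive(src_repo_path, dst_repo_path, entry):
 # print('unshare/chroot', file=stderr)
 uid, gid = os.getuid(), os.getgid()
 unshare.unshare(unshare.CLONE_NEWNS | unshare.CLONE_NEWUSER)
+ps_effective = set(pyprctl.Cap.SETUID, pyprctl.Cap.SETGID)
+ps_ambient = set(pyprctl.Cap.SYS_ADMIN)
+pyprctl.cap_permitted.add(*(ps_effective + ps_ambient))
+pyprctl.cap_effective.add(*(ps_effective + ps_ambient))
+pyprctl.cap_inheritable.add(*ps_ambient)
+pyprctl.cap_ambient.add(*ps_ambient)
 with open('/proc/self/uid_map', 'r') as uid_map:
 print(uid_map.read(), file=stderr)
 with open('/proc/self/setgroups', 'w') as setgroups:
@@ -104,9 +110,6 @@ def copy_archive(src_repo_path, dst_repo_path, entry):
 uid_map.write(f'0 0 4294967295')
 with open('/proc/self/gid_map', 'w') as gid_map:
 gid_map.write(f'0 0 4294967295')
-pyprctl.cap_permitted.sys_admin = True
-pyprctl.cap_inheritable.sys_admin = True
-pyprctl.cap_ambient.sys_admin = True
 subprocess.run(['mount', '--make-rprivate', '/'], check=True)
 chroot = pathlib.Path(tmpdir) / 'chroot'
 upper = pathlib.Path(tmpdir) / 'upper'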
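Review bot: The two `set(...)` calls on new lines 99–100 will raise TypeError before any capability is changed: `set()` takes a single iterable, so `set(pyprctl.Cap.SETUID, pyprctl.Cap.SETGID)` is rejected outright and `set(pyprctl.Cap.SYS_ADMIN)` tries to iterate one Cap member. Use set literals, `ps_effective = {pyprctl.Cap.SETUID, pyprctl.Cap.SETGID}` and `ps_ambient = {pyprctl.Cap.SYS_ADMIN}`, and join them with `|` instead of `+` in the two `add(...)` calls on lines 101–102, because sets do not support `+`. Separately, an ambient CAP_SYS_ADMIN is inherited by every program exec'd afterwards, not only the `mount` call. copy_archive continues outside this hunk, so if the later subprocesses do not need that capability, clearing the ambient and inheritable sets once the mounts are in place would keep the privilege narrow; either way a comment stating which children are meant to inherit it would help.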