Split out a hostexec module

cgwalters · cgwalters · commit 0bffcceec813 · 2023-12-04T16:48:10.000-05:00
We'll use this even in cases where we don't have the `install`
feature.

Signed-off-by: Colin Walters &lt;walters@verbum.org&gt;
diff --git a/lib/src/blockdev.rs b/lib/src/blockdev.rs
@@ -1,4 +1,4 @@
-use crate::install::run_in_host_mountns;
+use crate::hostexec::run_in_host_mountns;
 use crate::task::Task;
 use anyhow::{anyhow, Context, Result};
 use camino::Utf8Path;
diff --git a/lib/src/cli.rs b/lib/src/cli.rs
@@ -459,7 +459,7 @@ async fn run_from_opt(opt: Opt) -> Result<()> {
         Opt::InstallToFilesystem(opts) => crate::install::install_to_filesystem(opts).await,
         #[cfg(feature = "install")]
         Opt::ExecInHostMountNamespace(args) => {
-            crate::install::exec_in_host_mountns(args.as_slice())
+            crate::hostexec::exec_in_host_mountns(args.as_slice())
         }
         Opt::Status(opts) => super::status::status(opts).await,
         #[cfg(feature = "internal-testing-api")]
diff --git a/lib/src/hostexec.rs b/lib/src/hostexec.rs
@@ -0,0 +1,33 @@
+//! Run a command in the host mount namespace
+
+use std::os::fd::AsFd;
+use std::os::unix::process::CommandExt;
+use std::process::Command;
+
+use anyhow::{Context, Result};
+use camino::Utf8Path;
+use fn_error_context::context;
+
+/// Run a command in the host mount namespace
+pub(crate) fn run_in_host_mountns(cmd: &str) -> Command {
+    let mut c = Command::new("/proc/self/exe");
+    c.args(["exec-in-host-mount-namespace", cmd]);
+    c
+}
+
+#[context("Re-exec in host mountns")]
+pub(crate) fn exec_in_host_mountns(args: &[std::ffi::OsString]) -> Result<()> {
+    let (cmd, args) = args[1..]
+        .split_first()
+        .ok_or_else(|| anyhow::anyhow!("Missing command"))?;
+    let pid1mountns = std::fs::File::open("/proc/1/ns/mnt")?;
+    nix::sched::setns(pid1mountns.as_fd(), nix::sched::CloneFlags::CLONE_NEWNS).context("setns")?;
+    rustix::process::chdir("/")?;
+    // Work around supermin doing chroot() and not pivot_root
+    // https://github.com/libguestfs/supermin/blob/5230e2c3cd07e82bd6431e871e239f7056bf25ad/init/init.c#L288
+    if !Utf8Path::new("/usr").try_exists()? && Utf8Path::new("/root/usr").try_exists()? {
+        tracing::debug!("Using supermin workaround");
+        rustix::process::chroot("/root")?;
+    }
+    Err(Command::new(cmd).args(args).exec())?
+}
diff --git a/lib/src/install.rs b/lib/src/install.rs
@@ -11,8 +11,6 @@ mod baseline;
 use std::io::BufWriter;
 use std::io::Write;
 use std::os::fd::AsFd;
-use std::os::unix::process::CommandExt;
-use std::process::Command;
 use std::str::FromStr;
 use std::sync::Arc;
 
@@ -38,6 +36,7 @@ use serde::{Deserialize, Serialize};
 
 use self::baseline::InstallBlockDeviceOpts;
 use crate::containerenv::ContainerExecutionInfo;
+use crate::hostexec::run_in_host_mountns;
 use crate::task::Task;
 
 /// The default "stateroot" or "osname"; see https://github.com/ostreedev/ostree/issues/2794
@@ -663,30 +662,6 @@ fn copy_to_oci(
     Ok(dest_imageref)
 }
 
-/// Run a command in the host mount namespace
-pub(crate) fn run_in_host_mountns(cmd: &str) -> Command {
-    let mut c = Command::new("/proc/self/exe");
-    c.args(["exec-in-host-mount-namespace", cmd]);
-    c
-}
-
-#[context("Re-exec in host mountns")]
-pub(crate) fn exec_in_host_mountns(args: &[std::ffi::OsString]) -> Result<()> {
-    let (cmd, args) = args[1..]
-        .split_first()
-        .ok_or_else(|| anyhow::anyhow!("Missing command"))?;
-    let pid1mountns = std::fs::File::open("/proc/1/ns/mnt")?;
-    nix::sched::setns(pid1mountns.as_fd(), nix::sched::CloneFlags::CLONE_NEWNS).context("setns")?;
-    rustix::process::chdir("/")?;
-    // Work around supermin doing chroot() and not pivot_root
-    // https://github.com/libguestfs/supermin/blob/5230e2c3cd07e82bd6431e871e239f7056bf25ad/init/init.c#L288
-    if !Utf8Path::new("/usr").try_exists()? && Utf8Path::new("/root/usr").try_exists()? {
-        tracing::debug!("Using supermin workaround");
-        rustix::process::chroot("/root")?;
-    }
-    Err(Command::new(cmd).args(args).exec())?
-}
-
 #[context("Querying skopeo version")]
 fn skopeo_supports_containers_storage() -> Result<bool> {
     let o = run_in_host_mountns("skopeo").arg("--version").output()?;
diff --git a/lib/src/lib.rs b/lib/src/lib.rs
@@ -15,6 +15,7 @@
 
 pub mod cli;
 pub(crate) mod deploy;
+pub(crate) mod hostexec;
 mod lsm;
 mod reboot;
 mod reexec;
diff --git a/lib/src/podman.rs b/lib/src/podman.rs
@@ -1,7 +1,7 @@
 use anyhow::{anyhow, Result};
 use serde::Deserialize;
 
-use crate::install::run_in_host_mountns;
+use crate::hostexec::run_in_host_mountns;
 
 #[derive(Deserialize)]
 #[serde(rename_all = "PascalCase")]

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-use crate::install::run_in_host_mountns;`
	`1`	`+use crate::hostexec::run_in_host_mountns;`
`2`	`2`	`use crate::task::Task;`
`3`	`3`	`use anyhow::{anyhow, Context, Result};`
`4`	`4`	`use camino::Utf8Path;`
Original file line number	Diff line number	Diff line change
`@@ -459,7 +459,7 @@ async fn run_from_opt(opt: Opt) -> Result<()> {`
`459`	`459`	`Opt::InstallToFilesystem(opts) => crate::install::install_to_filesystem(opts).await,`
`460`	`460`	`#[cfg(feature = "install")]`
`461`	`461`	`Opt::ExecInHostMountNamespace(args) => {`
`462`		`- crate::install::exec_in_host_mountns(args.as_slice())`
	`462`	`+ crate::hostexec::exec_in_host_mountns(args.as_slice())`
`463`	`463`	`}`
`464`	`464`	`Opt::Status(opts) => super::status::status(opts).await,`
`465`	`465`	`#[cfg(feature = "internal-testing-api")]`