Chillcraft/ChillcraftOS
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use capsh to ensure file capabilities aren't set

Browse Source
This commit is contained in:
Serge Schneider
2016-11-14 23:55:45 +00:00
parent db10424a9b
commit c4fb032d3b
12 changed files with 20 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
build.sh
View File

@@ -7,7 +7,7 @@ run_sub_stage()
for i in {00..99}; do
if [ -f ${i}-debconf ]; then
log "Begin ${SUB_STAGE_DIR}/${i}-debconf"
on_chroot sh -e - << EOF
on_chroot << EOF
debconf-set-selections <<SELEOF
`cat ${i}-debconf`
SELEOF
@@ -18,7 +18,7 @@ EOF
log "Begin ${SUB_STAGE_DIR}/${i}-packages-nr"
PACKAGES="$(sed -f "${SCRIPT_DIR}/remove-comments.sed" < ${i}-packages-nr)"
if [ -n "$PACKAGES" ]; then
on_chroot sh -e - << EOF
on_chroot << EOF
apt-get install --no-install-recommends -y $PACKAGES
EOF
fi
@@ -28,7 +28,7 @@ EOF
log "Begin ${SUB_STAGE_DIR}/${i}-packages"
PACKAGES="$(sed -f "${SCRIPT_DIR}/remove-comments.sed" < ${i}-packages)"
if [ -n "$PACKAGES" ]; then
on_chroot sh -e - << EOF
on_chroot << EOF
apt-get install -y $PACKAGES
EOF
fi
@@ -69,7 +69,7 @@ EOF
fi
if [ -f ${i}-run-chroot ]; then
log "Begin ${SUB_STAGE_DIR}/${i}-run-chroot"
on_chroot sh -e - < ${i}-run-chroot
on_chroot < ${i}-run-chroot
log "End ${SUB_STAGE_DIR}/${i}-run-chroot"
fi
done