From c4785f9cb3e42b29d0cc39198559976cacc07995 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Mon, 26 Nov 2012 01:48:37 -0500 Subject: mkarchroot: learn -N to disable networking in the chroot Also, fix quoting in chroot_run --- mkarchroot.in | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/mkarchroot.in b/mkarchroot.in index 022943e..308f5d3 100644 --- a/mkarchroot.in +++ b/mkarchroot.in @@ -15,6 +15,7 @@ CHROOT_VERSION='v2' FORCE='n' RUN='' NOCOPY='n' +NONETWORK='n' working_dir='' @@ -31,6 +32,7 @@ usage() { echo ' -M Location of a makepkg config file' echo ' -n Do not copy config files into the chroot' echo ' -c Set pacman cache' + echo ' -N Disable networking in the chroot' echo ' -h This message' exit 1 } @@ -44,6 +46,7 @@ while getopts 'r:ufnhC:M:c:' arg; do M) makepkg_conf="$OPTARG" ;; n) NOCOPY='y' ;; c) cache_dir="$OPTARG" ;; + N) NONETWORK='y' ;; h|?) usage 0 ;; *) error "invalid argument '${arg}'"; usage ;; esac @@ -190,9 +193,17 @@ chroot_run() { local dir=$1 shift if (( have_nspawn)); then - eval systemd-nspawn -D "${dir}" -- ${@} 2>/dev/null + local nspawn_args=(-D "$dir") + if [[ $NONETWORK = y ]]; then + nspawn_args+=(--private-network) + fi + eval systemd-nspawn "${nspawn_args[@]}" -- "${@}" 2>/dev/null else - eval unshare -mui -- chroot "${dir}" ${@} + local unshare_args=(-mui) + if [[ $NONETWORK = y ]]; then + unshare_args+=(-n) + fi + eval unshare "${unshare_args[@]}" -- chroot "${dir}" "${@}" fi } -- cgit v1.2.3-70-g09d2