Temporarily clear noexec flag on /var if set

The "emerge" process sometimes copies files to /var/tmp and then run it. Recent changes to images set the "noexec" flag on /var, thus preventing such activities. Temporarily clear this flag from within cros_package_to_live. BUG=none TEST=Manually set noexec on /var and run cros_package_to_live Review URL: http://codereview.chromium.org/3739001
2026-02-03 23:02:21 +01:00 · 2010-10-12 14:25:02 -07:00 · 2010-10-12 14:25:02 -07:00 · e45157fe07
commit e45157fe07
parent e695541bc6
1 changed files with 14 additions and 3 deletions
--- a/bin/cros_package_to_live
+++ b/bin/cros_package_to_live
@ -33,9 +33,12 @@ FLAGS "$@" || exit 1
 TMP=$(mktemp -d /tmp/cros_package_to_live.XXXX)

 function cleanup {
-    if [ "${mount_type}" = ro ]; then
+    if [ "${root_mount_type}" = ro ]; then
        remote_sh "mount -o remount,ro /" || /bin/true
    fi
+    if [ "${var_mount_noexec}" = yes ]; then
+        remote_sh "mount -o remount,noexec /var" || /bin/true
+    fi
    cleanup_remote_access
    rm -rf "${TMP}"
 }
@ -65,13 +68,21 @@ fi

 PKGROOT="${FLAGS_build_root}/${FLAGS_board}/packages"

+# Temporarily clear read-only flag on / if it is set
 remote_sh "grep '\S* / ' /proc/mounts | tail -1 | awk '{ print \$4 }' |
           cut -d, -f1"
-mount_type=$REMOTE_OUT
-if [ "${mount_type}" = ro ]; then
+root_mount_type=${REMOTE_OUT}
+if [ "${root_mount_type}" = ro ]; then
    remote_sh "mount -o remount,rw /"
 fi

+# Temporarily clear noexec flag on /var if it is set
+remote_sh "grep '\S* /var ' /proc/mounts | tail -1 | awk '{ print \$4 }'"
+if expr "${REMOTE_OUT}" : '.*noexec' >/dev/null; then
+    var_mount_noexec=yes
+    remote_sh "mount -o remount,exec /var"
+fi
+
 for pkg in $@; do
    latest_pkg=$(ls -tr $PKGROOT/*/${pkg}-[0-9]* | tail -1)
    if [ -z "${latest_pkg}" ]; then