[elbe-devel] [PATCH 3/3] elbepack: shellhelper: make chroot() more robust
Thomas Weißschuh
thomas.weissschuh at linutronix.de
Thu Apr 25 17:47:22 CEST 2024
Concatenation of shell commands is fragile.
In the case of chroot() the chroot would only apply to the first
command, not any others or any redirections.
This is surprising and breaks isolation.
Use non-shell mode of do() to properly call chroot.
As a manifestation of this bug consider the following entry in a source
XML:
<raw_cmd>cat /etc/machine-id; cat /etc/machine-id</raw_cmd>
Before this patch, the second "cat" is executed in the initvm:
[CMD] chroot /var/cache/elbe/018f15df-0bec-788c-8c93-344e2ccce448/target cat /etc/machine-id; cat /etc/machine-id
fcc7eb7e95e14e699a51f872ee5be416
02ebe8744b9a4140aca34752cb78387c
With this patch everything works as expected:
[CMD] chroot /var/cache/elbe/018f15db-7d2b-72b6-b61e-0c5eb82faf6a/target /bin/sh -c 'cat /etc/machine-id; cat /etc/machine-id'
56c91b574a3540219094e2f755437cb0
56c91b574a3540219094e2f755437cb0
Signed-off-by: Thomas Weißschuh <thomas.weissschuh at linutronix.de>
---
elbepack/shellhelper.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/elbepack/shellhelper.py b/elbepack/shellhelper.py
index cda394c34470..d998e7c62ac4 100644
--- a/elbepack/shellhelper.py
+++ b/elbepack/shellhelper.py
@@ -105,7 +105,11 @@ def chroot(directory, cmd, env_add=None, **kwargs):
'LC_ALL': 'C'}
if env_add:
new_env.update(env_add)
- do(f'chroot {directory} {cmd}', env_add=new_env, **kwargs)
+
+ if _is_shell_cmd(cmd):
+ do(['chroot', directory, '/bin/sh', '-c', cmd], env_add=new_env, **kwargs)
+ else:
+ do(['chroot', directory] + cmd, env_add=new_env, **kwargs)
def get_command_out(cmd, stdin=None, allow_fail=False, env_add=None):
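Review bot: the new string branch depends on a POSIX shell existing at `/bin/sh` inside `directory`, which the old `chroot {directory} {cmd}` form did not (it exec'd the first word of `cmd` directly, so a minimal target rootfs without a shell still worked). That new requirement should be stated in the docstring of `chroot()`. Two smaller points on the same hunk: `_is_shell_cmd()` is not defined anywhere in this patch, so this change only applies cleanly on top of whichever earlier patch in the series introduces it, and the else branch `['chroot', directory] + cmd` raises `TypeError` if a caller passes a tuple rather than a list; `['chroot', directory, *cmd]` accepts both.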
--
2.44.0
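The isolation break described in the commit message can be reproduced without root and without a real target rootfs. The following is an added example, not code from the elbe project or this patch: a stub `chroot` shell script (constructed here) records the argv it receives and then runs the command it was handed, so we can see exactly which part of the command line reaches `chroot` under the old f-string form versus the argv-list form of the patch. `build_chroot_argv()` mirrors the patched logic but, since `_is_shell_cmd()` is not visible on this page, it uses `isinstance(cmd, str)` as the shell-mode test (an assumption). The command `echo one; echo two` stands in for the `cat /etc/machine-id; cat /etc/machine-id` case from the message. It requires `/bin/sh` on the host.

```python
"""Show why f'chroot {dir} {cmd}' through a host shell breaks isolation, and how
passing an argv list keeps the whole command inside the chroot.

A stub 'chroot' script stands in for the real binary so this runs unprivileged:
it logs its argv to $CHROOT_LOG and execs the command without changing root.
"""
import os
import subprocess
import tempfile

# Constructed stub: first argument is the target directory (dropped by shift),
# the rest is the command chroot would exec inside the target.
STUB = """#!/bin/sh
printf '%s\\n' "$*" >> "$CHROOT_LOG"
shift
exec "$@"
"""


def build_chroot_argv(directory, cmd):
    """Argv-list form as in the patch. Assumption: a str means 'shell command',
    standing in for the patch's _is_shell_cmd() helper."""
    if isinstance(cmd, str):
        # Whole string is interpreted by a shell *inside* the chroot.
        return ['chroot', directory, '/bin/sh', '-c', cmd]
    return ['chroot', directory, *cmd]


def legacy_cmdline(directory, cmd):
    """Pre-patch form: one string handed to the host shell."""
    return f'chroot {directory} {cmd}'


def run_with_stub(directory, cmd, use_argv):
    """Run cmd the old way (use_argv=False) or the new way (use_argv=True).

    Returns one log line per stub invocation: the argv the stub chroot saw.
    Anything the host shell runs *outside* chroot never appears in the log.
    """
    with tempfile.TemporaryDirectory() as tmp:
        stub = os.path.join(tmp, 'chroot')
        with open(stub, 'w') as f:
            f.write(STUB)
        os.chmod(stub, 0o755)
        log = os.path.join(tmp, 'chroot.log')
        env = dict(os.environ,
                   PATH=tmp + os.pathsep + os.environ.get('PATH', ''),
                   CHROOT_LOG=log)
        if use_argv:
            subprocess.run(build_chroot_argv(directory, cmd), env=env,
                           check=True, stdout=subprocess.DEVNULL)
        else:
            subprocess.run(legacy_cmdline(directory, cmd), shell=True, env=env,
                           check=True, stdout=subprocess.DEVNULL)
        if not os.path.exists(log):
            return []
        with open(log) as f:
            return [line.rstrip('\n') for line in f]


if __name__ == '__main__':
    cmd = 'echo one; echo two'   # constructed stand-in for the two cats
    print('legacy :', run_with_stub('/target', cmd, use_argv=False))
    # -> ['/target echo one']   (second command ran on the host)
    print('argv   :', run_with_stub('/target', cmd, use_argv=True))
    # -> ['/target /bin/sh -c echo one; echo two']   (both inside chroot)
```

Under the legacy form the stub only ever sees `echo one`; the `;` is consumed by the host shell and `echo two` runs outside the chroot, which is the behaviour the commit message shows with the two differing machine-ids. Under the argv form the stub receives the complete string as a single `-c` argument for the target's shell.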