[packages/rpm-build-tools/netns-with-lo-addr] no-net: initial script

Mon Oct 27 15:31:53 CET 2025

commit ef4847ca86eee8a77981df7c92560a40895c0b8c
Author: Jan Palus <atler at pld-linux.org>
Date:   Mon Oct 27 15:29:37 2025 +0100

    no-net: initial script

 builder.sh |  7 ++-----
 no-net.sh  | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+), 5 deletions(-)
---

diff --git a/builder.sh b/builder.sh
index 2a9685d..51e199b 100755
--- a/builder.sh
+++ b/builder.sh
@@ -153,7 +153,7 @@ REVERT_BROKEN_UPGRADE="yes"
 IP=/sbin/ip
 
 # disable network for rpm build tool, autodetect if it works (doesn't work in chroot and in vserver guest)
-unshare --user --net --map-current-user true 2> /dev/null && NONETWORK="unshare --user --net --map-root-user $SHELL -\${DEBUG:+xv}c 'if test -x $IP; then $IP a add 127.0.0.1/8 dev lo 2> /dev/null && addr=1; $IP a add ::1/128 dev lo noprefixroute 2> /dev/null && addr=1; test -n \"\$addr\" && $IP l set lo up; unset addr; fi; exec unshare --map-user $(id -un) $SHELL'" || NONETWORK=""
+test -x "$APPDIR/no-net.sh" && "$APPDIR/no-net.sh" -t && NONETWORK="'$APPDIR/no-net.sh' \${DEBUG:+-D}" || NONETWORK=""
 
 if rpm --specsrpm 2>/dev/null; then
 	FETCH_BUILD_REQUIRES_RPMSPECSRPM="yes"
@@ -1718,10 +1718,7 @@ build_package() {
 	local specdir=$(insert_gitlog $SPECFILE)
 	ulimit -c unlimited
 	# FIXME: eval here is exactly why?
-	PATH=$CLEAN_PATH eval teeboth "'$logfile'" ${TIME_COMMAND} ${NICE_COMMAND} ${NONETWORK:-$SHELL}<<EOF
-${DEBUG:+set -x; set -v}
-exec $RPMBUILD $TARGET_SWITCH $BUILD_SWITCH -v $QUIET $CLEAN $RPMOPTS $RPMBUILDOPTS $BCOND --define '_specdir $PACKAGE_DIR' --define '_sourcedir $PACKAGE_DIR' $specdir/$SPECFILE
-EOF
+	PATH=$CLEAN_PATH eval teeboth "'$logfile'" ${TIME_COMMAND} ${NICE_COMMAND} ${NONETWORK} $RPMBUILD $TARGET_SWITCH $BUILD_SWITCH -v $QUIET $CLEAN $RPMOPTS $RPMBUILDOPTS $BCOND --define \'_specdir $PACKAGE_DIR\' --define \'_sourcedir $PACKAGE_DIR\' $specdir/$SPECFILE
 	retval=$?
 	rm -r $specdir
 
diff --git a/no-net.sh b/no-net.sh
new file mode 100755
index 0000000..551a3a4
--- /dev/null
+++ b/no-net.sh
@@ -0,0 +1,65 @@
+#!/bin/ksh
+
+SHELL=/bin/ksh
+IP=/sbin/ip
+
+TEST_NS=""
+DEBUG=""
+
+usage() {
+  echo "Usage: $0 [-t] [-D] [-h] <command> [args...]"
+  echo "Run <command> without network access"
+  echo
+  echo "\t-t\t\ttest support for creating namespaces"
+  echo "\t-D\t\tenable debug mode"
+  echo "\t-h\t\tprint this help"
+}
+
+while getopts tDh OPTNAME; do
+  case $OPTNAME in
+    t)
+      TEST_NS=1
+      ;;
+    D)
+      DEBUG=1
+      ;;
+    h)
+      usage
+      exit 0
+      ;;
+    ?)
+      echo "ERROR: unknown option '-$OPTARG'" >&2
+      usage
+      exit 1
+      ;;
+  esac
+done
+
+shift $(($OPTIND - 1))
+
+if [ -n "$TEST_NS" ]; then
+  unshare --user --net --map-current-user true 2> /dev/null
+  exit $?
+fi
+
+if [ $# -eq 0 ]; then
+  echo "ERROR: no command given" >&2
+  exit 1
+fi
+
+if [ -n "$DEBUG" ]; then
+  set -x
+  set -v
+fi
+
+exec unshare --user --net --map-root-user $SHELL -s${DEBUG:+xv} "$@" <<EOF
+if test -x $IP; then
+  $IP a add 127.0.0.1/8 dev lo 2> /dev/null && addr=1
+  $IP a add ::1/128 dev lo noprefixroute 2> /dev/null && addr=1
+  if test -n "\$addr"; then
+    $IP l set lo up
+  fi
+  unset addr
+  exec unshare --map-user $(id -un) "\$@"
+fi
+EOF
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/rpm-build-tools.git/commitdiff/ef4847ca86eee8a77981df7c92560a40895c0b8c

