Add minimal unprivileged bootstrap

2026-03-23 11:36:32 +01:00 · 2024-09-10 05:57:49 +01:00 · 2024-09-10 05:57:49 +01:00 · f3828e44db
commit f3828e44db
parent 1f272f9050
7 changed files with 66 additions and 10 deletions
--- a/rootfs.py
+++ b/rootfs.py
@ -31,7 +31,7 @@ def create_configuration_file(args):
        config.write(f"ARCH={args.arch}\n")
        config.write(f"ARCH_DIR={stage0_arch_map.get(args.arch, args.arch)}\n")
        config.write(f"FORCE_TIMESTAMPS={args.force_timestamps}\n")
-        config.write(f"CHROOT={args.chroot or args.bwrap}\n")
+        config.write(f"CHROOT={args.chroot or args.bwrap or args.wrap}\n")
        config.write(f"UPDATE_CHECKSUMS={args.update_checksums}\n")
        config.write(f"JOBS={args.cores}\n")
        config.write(f"SWAP_SIZE={args.swap}\n")
@ -63,6 +63,8 @@ def main():
                        default="x86")
    parser.add_argument("-c", "--chroot", help="Run inside chroot",
                        action="store_true")
+    parser.add_argument("-w", "--wrap", help="Run inside a minimal sandbox",
+                        action="store_true")
    parser.add_argument("-bw", "--bwrap", help="Run inside a bwrap sandbox",
                        action="store_true")
    parser.add_argument("-t", "--target", help="Target directory",
@ -127,15 +129,18 @@ def main():
            count += 1
        if args.bwrap:
            count += 1
+        if args.wrap:
+            count += 1
        if args.bare_metal:
            count += 1
        return count

    if check_types() > 1:
-        raise ValueError("No more than one of qemu, chroot, bwrap, bare metal"
-                         "may be used.")
+        raise ValueError("No more than one of qemu, chroot, bwrap, wrap, bare "
+                         "metal may be used.")
    if check_types() == 0:
-        raise ValueError("One of qemu, chroot, bwrap, or bare metal must be selected.")
+        raise ValueError("One of qemu, chroot, bwrap, wrap, or bare metal must"
+                         " be selected.")

    # Arch validation
    if args.arch != "x86":
@ -237,6 +242,12 @@ print(shutil.which('chroot'))
                                  '--tmpfs', '/tmp',
                                  init)

+    elif args.wrap:
+        generator.prepare(target, wrap = True)
+        arch = stage0_arch_map.get(args.arch, args.arch)
+        init = os.path.join('bootstrap-seeds', 'POSIX', arch, 'kaem-optional-seed')
+        run(init, cwd = generator.target_dir)
+
    elif args.bare_metal:
        if args.kernel:
            generator.prepare(target, using_kernel=True, target_size=size)