3 ### Make a build tree private to the invoking user. Also, make a `/private'
4 ### directory in the chroot which is exclusive to the creating user.
6 ## Make sure everything is good.
7 case $1 in setup-start
) ;; *) exit 0 ;; esac
8 case $CHROOT_SESSION_PURGE in true
) ;; *) exit 0 ;; esac
9 case $CHROOT_PROFILE in sbuild | scratchbox
) ;; *) exit 0 ;; esac
10 case $CHROOT_TYPE in *-snapshot
) ;; *) exit 0 ;; esac
11 case $CHROOT_MOUNT_LOCATION in
12 "" |
/) echo >&2 "$0: not clobbering root dir"; exit 127 ;;
15 ## Make the directory private to the invoking user's group. This is a
16 ## somewhat troublesome compromise between keeping the chroot tree private
17 ## from other system users on the one hand, and maintaining system security
20 ## This assumes that the device root directory's permissions are already
21 ## restricted to privileged users only.
22 cd $CHROOT_MOUNT_LOCATION
23 chown root
:$AUTH_RGROUP .
26 ## Make an actually-private place for temporary things to be stored.
27 mkdir
-p
$CHROOT_PATH/private
28 mount
-ttmpfs
-omode
=700,uid
=$AUTH_RUID,gid
=$AUTH_RGID \
29 private
$CHROOT_PATH/private