old mode 100755
new mode 100644
@@ -27,8 +27,9 @@
set -e
-KAS_CONTAINER_SCRIPT_VERSION="4.8.2"
+KAS_CONTAINER_SCRIPT_VERSION="5.1"
KAS_IMAGE_VERSION_DEFAULT="${KAS_CONTAINER_SCRIPT_VERSION}"
+KAS_CONTAINER_IMAGE_DISTRO_DEFAULT="debian-bookworm"
KAS_CONTAINER_IMAGE_PATH_DEFAULT="ghcr.io/siemens/kas"
KAS_CONTAINER_IMAGE_NAME_DEFAULT="kas"
KAS_CONTAINER_SELF_NAME="$(basename "$0")"
@@ -64,7 +65,8 @@ usage()
printf "%b" "menu\t\t\tProvide configuration menu and trigger " \
"configured build.\n"
printf "%b" "\nOptional arguments:\n"
- printf "%b" "--isar\t\t\tUse kas-isar container to build Isar image.\n"
+ printf "%b" "--isar\t\t\tUse kas-isar container to build Isar image. To force\n"
+ printf "%b" " \t\t\tthe use of run0 over sudo, set KAS_SUDO_CMD=run0.\n"
printf "%b" "--with-loop-dev Pass a loop device to the " \
"container. Only required if\n"
printf "%b" "\t\t\tloop-mounting is used by recipes.\n"
@@ -117,6 +119,26 @@ trace()
"$@"
}
+prepare_sudo_cmd()
+{
+ if [ -z "${KAS_SUDO_CMD}" ]; then
+ # Try to auto-detect a privileged executor
+ if command -v sudo >/dev/null; then
+ KAS_SUDO_CMD="sudo"
+ elif command -v run0 >/dev/null; then
+ KAS_SUDO_CMD="run0"
+ else
+ fatal_error "No privileged executor found, need sudo or run0."
+ fi
+ fi
+
+ case "$KAS_SUDO_CMD" in
+ sudo) _KAS_SUDO_CMD="sudo --preserve-env";;
+ run0) _KAS_SUDO_CMD="run0 --background= --unit=kas-container@$$";;
+ *) fatal_error "Unsupported KAS_SUDO_CMD ('${KAS_SUDO_CMD}'), use sudo or run0.";;
+ esac
+}
+
enable_isar_mode()
{
if [ -n "${ISAR_MODE}" ]; then
@@ -128,15 +150,17 @@ enable_isar_mode()
KAS_ISAR_ARGS="--privileged"
if [ "${KAS_CONTAINER_ENGINE}" = "podman" ]; then
+ prepare_sudo_cmd
# sudo is needed for a privileged podman container
- KAS_CONTAINER_COMMAND="sudo --preserve-env ${KAS_CONTAINER_COMMAND}"
+ KAS_CONTAINER_COMMAND="${_KAS_SUDO_CMD} ${KAS_CONTAINER_COMMAND}"
# preserved user PATH may lack sbin needed by privileged podman
export PATH="${PATH}:/usr/sbin"
elif [ "${KAS_DOCKER_ROOTLESS}" = "1" ]; then
+ prepare_sudo_cmd
export DOCKER_HOST="${DOCKER_HOST:-unix:///var/run/docker.sock}"
debug "kas-isar does not support rootless docker. Using system docker"
# force use of well-known system docker socket
- KAS_CONTAINER_COMMAND="sudo --preserve-env ${KAS_CONTAINER_COMMAND}"
+ KAS_CONTAINER_COMMAND="${_KAS_SUDO_CMD} ${KAS_CONTAINER_COMMAND}"
KAS_DOCKER_ROOTLESS=0
fi
}
@@ -267,10 +291,14 @@ trap kas_container_cleanup EXIT INT TERM
set_container_image_var()
{
KAS_IMAGE_VERSION="${KAS_IMAGE_VERSION:-${KAS_IMAGE_VERSION_DEFAULT}}"
+ KAS_CONTAINER_IMAGE_DISTRO="${KAS_CONTAINER_IMAGE_DISTRO:-${KAS_CONTAINER_IMAGE_DISTRO_DEFAULT}}"
KAS_CONTAINER_IMAGE_NAME="${KAS_CONTAINER_IMAGE_NAME:-${KAS_CONTAINER_IMAGE_NAME_DEFAULT}}"
KAS_CONTAINER_IMAGE_PATH="${KAS_CONTAINER_IMAGE_PATH:-${KAS_CONTAINER_IMAGE_PATH_DEFAULT}}"
KAS_CONTAINER_IMAGE_DEFAULT="${KAS_CONTAINER_IMAGE_PATH}/${KAS_CONTAINER_IMAGE_NAME}:${KAS_IMAGE_VERSION}"
KAS_CONTAINER_IMAGE="${KAS_CONTAINER_IMAGE:-${KAS_CONTAINER_IMAGE_DEFAULT}}"
+ if [ -n "${KAS_CONTAINER_IMAGE_DISTRO}" ]; then
+ KAS_CONTAINER_IMAGE="${KAS_CONTAINER_IMAGE}-${KAS_CONTAINER_IMAGE_DISTRO}"
+ fi
}
# SC2034: DIR appears unused (ignore, as they are used inside eval)
@@ -283,6 +311,7 @@ setup_kas_dirs()
KAS_REPO_REF_DIR="$(check_and_expand KAS_REPO_REF_DIR required)"
DL_DIR="$(check_and_expand DL_DIR createrec)"
SSTATE_DIR="$(check_and_expand SSTATE_DIR createrec)"
+ KAS_BUILDTOOLS_DIR="$(check_and_expand KAS_BUILDTOOLS_DIR createrec)"
}
setup_kas_dirs
@@ -339,6 +368,10 @@ while [ $# -gt 0 ]; do
if [ "$(id -u)" -eq 0 ]; then
fatal_error "loop device not available!"
fi
+ prepare_sudo_cmd
+ if ! [ "$KAS_SUDO_CMD" = "sudo" ]; then
+ fatal_error '--with-loop-dev requires sudo for device setup.'
+ fi
sudo_command="/sbin/losetup -f"
sudo_message="[sudo] enter password to setup loop"
sudo_message="$sudo_message devices by calling"
@@ -593,6 +626,7 @@ forward_dir KAS_BUILD_DIR "/build" "rw"
forward_dir DL_DIR "/downloads" "rw"
forward_dir KAS_REPO_REF_DIR "/repo-ref" "rw"
forward_dir SSTATE_DIR "/sstate" "rw"
+forward_dir KAS_BUILDTOOLS_DIR "/buildtools" "rw"
if git_com_dir=$(git -C "${KAS_REPO_DIR}" rev-parse --git-common-dir 2>/dev/null) \
&& [ "$git_com_dir" != "$(git -C "${KAS_REPO_DIR}" rev-parse --git-dir)" ]; then