[Toybox] [PATCH] hostname: fix behavior when in jail.

enh enh at google.com
Sun Jan 20 14:20:39 PST 2019


On Sat, Jan 19, 2019 at 12:43 PM Rob Landley <rob at landley.net> wrote:
>
> On 1/19/19 1:41 PM, enh via Toybox wrote:
> > Only -d and -f should cause a DNS lookup. The rest should just act
> > directly on the result of gethostname(3). Encountered with the AOSP
> > buildbots' use of nsjail, but tested with both the Debian hostname and
> > toybox hostname thus:
>
> Applied.
>
> I'm rooting on this build work from a distance, sorry I haven't been more direct
> help. I'm curious what commands are left that _don't_ point to toybox. (I used
> to do things like "for i in $(echo $PATH | tr : '\n'); do for i in $(echo $i/* |
> tr ' ' '\n'); do basename $i; done; done | sort -u" for that...)

the link in the roadmap (the checked-in copy; the web site is too old)
is, for better or worse, a link to the current status:
https://android.googlesource.com/platform/build/soong/+/master/ui/build/paths/config.go

i haven't had a chance to test your latest cp patch, nor my sed patch or
yours. assuming they're okay, and ignoring stuff in pending (like dd)
or that just isn't started yet (like hexdump), patch is probably in
the worst state: that will need fuzz support (which POSIX describes in
more detail than i would have expected:
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/patch.html)
and support for the `[FILE [PATCH]]` command-line syntax, not just -i.

iirc there's also `realpath --relative-to` but i haven't even looked
at what that means yet. and when i first used toybox to build AOSP by
accident there was some issue with find, but that's on the short list
of things i haven't even looked at yet.

at some point i'll have to go through all the weird and whacky formats
supplied to date(1), but that one i might try to enlist the help of
the build folks to get me a complete set off the build servers (aiui
they've said that's possible but non-trivial, and only date seems like
it might be hairy enough -- and hard enough to grep for -- to warrant
that).

but the TL;DR is that more than half of the commands you're allowed to
run as part of the build (and that list includes stuff like python and
javac) are switched to toybox. almost all of them that exist in toybox
at all [minus pending] are switched over (the exceptions being date,
find, grep/egrep, lsof, patch, realpath, and timeout; at least lsof --
used only for diagnostics -- should be trivial).

probably a bigger decision right now is whether i want to try to flip
the switch for the grep family on the device, or whether it's a bit
late in the cycle for that. i should probably decide one way or the
other this week. are there any known reasons why i shouldn't give it a
go?

> Rob


