[Toybox] [PATCH] hostname: fix behavior when in jail.

[Rob Landley]

On 1/20/19 4:20 PM, enh wrote:
> On Sat, Jan 19, 2019 at 12:43 PM Rob Landley <rob at landley.net> wrote:
>>
>> On 1/19/19 1:41 PM, enh via Toybox wrote:
>>> Only -d and -f should cause a DNS lookup. The rest should just act
>>> directly on the result of gethostname(3). Encountered with the AOSP
>>> buildbots' use of nsjail, but tested with both the Debian hostname and
>>> toybox hostname thus:
>>
>> Applied.
>>
>> I'm rooting on this build work from a distance, sorry I haven't been more direct
>> help. I'm curious what commands are left that _don't_ point to toybox. (I used
>> to do things like "for i in $(echo $PATH | tr : '\n'); do for i in $(echo $i/* |
>> tr ' ' '\n'); do basename $i; done; done | sort -u" for that...)
> 
> the link in the roadmap (the checked-in copy; the web site is too old)

Fixed. (I should add that to my release checklist.)

> is, for better or worse, a link to the current status:
> https://android.googlesource.com/platform/build/soong/+/master/ui/build/paths/config.go

So the "var Configuration = map[string]PathConfig{" block is the list of
commands _not_ yet supplied by a built-in package?

Sigh. What I eventually want to get to is something like mkroot+ where it can
build a base root filesystem, add the NDK toolchain and enough of a read-only
git tool to drive repo fetches, and the either chroot into there or launch it as
a container or run it under qemu, and then build AOSP.

There's a ways to go still, but that's my goal. Because once we've got that,
doing it under Android is basically a minijail target.

Other people have their own opinions, of course:

  https://twitter.com/landley/status/1085605309475966977

It would be _nice_ if android could do that out of the box, and "install a build
container" is a big ask for people without a big data plan using multiple year
old hardware they inherited for which the upstream play store may have gone
byebye already... But as they say, "we'll burn that bridge when we come to
it"...

> i haven't had chance to test your latest cp patch, nor my sed patch or
> yours. assuming they're okay, and ignoring stuff in pending (like dd)
> or that just isn't started yet (like hexdump),

If all you need is hexdump -C I've got it 2/3 done over here because I use that
a lot myself. (Also, hd is an abbreviation for hexdump -C.)

If you need non -C hexdump, it's presumably a variant of od and xxd and I need
to look at merging that code. (THREE implementations. 4 if you count hexedit.)

> patch is probably in
> the worst state: that will need fuzz support (which POSIX describes in
> more detail than i would have expected:
> https://pubs.opengroup.org/onlinepubs/9699919799/utilities/patch.html)
> and support for the `[FILE [PATCH]]` command-line syntax, not just -i.

Ok. I've done the first 1/3 of fuzz support locally already...

> iirc there's also `realpath --relative-to` but i haven't even looked
> at what that means yet.

It's not in Ubuntu 14.04's man page for realpath, and I haven't poked at my
pending Devuan 2.0 install in a week. (Instead I mail ordered a new battery for
the old laptop...)

> and when i first used toybox to build AOSP by
> accident there was some issue with find, but that's on the short list
> of things i haven't even looked at yet.

Get me a test case and I'll try to fix it...

> at some point i'll have to go through all the weird and whacky formats
> supplied to date(1), but that one i might try to enlist the help of
> the build folks to get me a complete set off the build servers (aiui
> they've said that's possible but non-trivial, and only date seems like
> it might be hairy enough -- and hard enough to grep for -- to warrant
> that).

It's all strptime() and strftime() under the covers. I let them specify the
format strings, if you want more built in format strings I need to know what
they are. (For "autodetect" we can have it iterate through an array trying each
one fairly easily, assuming failure/success are easy to distinguish.)

> but the TL;DR is that more than half of the commands you're allowed to
> run as part of the build (and that list includes stuff like python and
> javac) are switched to toybox. almost all of them that exist in toybox
> at all [minus pending] are switched over (the exceptions being date,
> find, grep/egrep, lsof, patch, realpath, and timeout; at least lsof --
> used only for diagnostics -- should be trivial).

Cool.

> probably a bigger decision right now is whether i want to try to flip
> the switch for the grep family on the device, or whether it's a bit
> late in the cycle for that. i should probably decide one way or the
> other this week. are there any known reasons why i shouldn't give it a
> go?

Hmmm... I did --color support, all the tests pass... Hmmm, I have diffs in my
local tree:

diff --git a/toys/posix/grep.c b/toys/posix/grep.c
index 2cf078b..5ca9c5d 100644
--- a/toys/posix/grep.c
+++ b/toys/posix/grep.c
@@ -92,6 +92,7 @@ static void numdash(long num, char dash)
 static void outline(char *line, char dash, char *name, long lcount, long bcount,
   int trim)
 {
+  if (!trim && FLAG(o)) return;
   if (name && FLAG(H)) printf("%s%s%s%c", TT.purple, name, TT.cyan, dash);
   if (FLAG(c)) {
     printf("%s%ld", TT.grey, lcount);
@@ -353,7 +354,7 @@ static void do_grep(int fd, char *name)
     if (FLAG(m) && mcount >= TT.m) break;
   }
 
-  if (FLAG(c)) outline(0, ':', name, mcount, 0, -1);
+  if (FLAG(c)) outline(0, ':', name, mcount, 0, 1);
 
   // loopfiles will also close the fd, but this frees an (opaque) struct.
   fclose(file);
@@ -499,5 +500,7 @@ void grep_main(void)
       else dirtree_read(*ss, do_grep_r);
     }
   } else loopfiles_rw(ss, O_RDONLY|WARN_ONLY, 0, do_grep);
+
+// count is wrong
   if (TT.tried == toys.optc || (FLAG(q)&&TT.found)) toys.exitval = !TT.found;
 }

Which... Ed Maste found that last one on BSD and I went down the
"install a FreeBSD qemu image" rathole instead...

So some minor stuff. Lemme try to get that sorted tomorrow? (I get
MLK day off...)

Rob