From b6da68b0f75b313294b42cf782420d0a30422058 Mon Sep 17 00:00:00 2001
From: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Date: Wed, 26 Aug 2020 11:52:39 -0400
Subject: [PATCH] systemplate: do not soft-link to host filesystem in the jail

Files soft-linked from the jail will reference those in the
chroot and not the real/root filesystem. We can only get
away with hard-links in this case. Failing that, we must
copy the file and check at runtime. Hard-linking most
commonly fails due to cross-device linkage, which is
prohibited.

Change-Id: I4d43fd2ac47c42edd59de9baba5b38a78c879f6e
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/101417
Tested-by: Andras Timar <andras.timar@collabora.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
---
 loolwsd-systemplate-setup | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/loolwsd-systemplate-setup b/loolwsd-systemplate-setup
index ea04a03decacb..649b1efd513c6 100755
--- a/loolwsd-systemplate-setup
+++ b/loolwsd-systemplate-setup
@@ -69,8 +69,8 @@ cpio -p -d -L $CHROOT
 for file in hosts nsswitch.conf resolv.conf passwd group host.conf timezone localtime
 do
     #echo "Linking/Copying /etc/$file"
-    # Prefer hard linking, fallback to soft linking, and finally to just copying.
-    ln -f /etc/$file $CHROOT/etc/ 2> /dev/null || ln -f -s /etc/$file $CHROOT/etc/ || cp /etc/$file $CHROOT/etc/ || echo "Failed to link or copy $file"
+    # Prefer hard-linking, fallback to just copying (do *not* use soft-linking because that would be relative to the jail).
+    ln -f /etc/$file $CHROOT/etc/ 2> /dev/null || cp /etc/$file $CHROOT/etc/ || echo "Failed to link or copy $file"
 done
 
 # Link dev/random and dev/urandom to ../tmp/dev/.
@@ -79,6 +79,7 @@ mkdir -p $CHROOT/dev
 mkdir -p $CHROOT/tmp/dev
 for file in random urandom
 do
+    # This link is relative anyway, so can be soft.
     ln -f ../tmp/dev/$file $CHROOT/dev/ 2> /dev/null || ln -f -s ../tmp/dev/$file $CHROOT/dev/ || echo "Failed to link dev/$file"
 done
 
@@ -89,6 +90,7 @@ mkdir -p $CHROOT/lo
 # In case the original path is different from
 for path in $INSTDIR $INSTDIR_LOGICAL
 do
+    # Create a soft-link, as it's a relative directory path (can't be a hard-link).
     INSTDIR_PARENT="$(dirname "$CHROOT/$path")"
     mkdir -p $INSTDIR_PARENT
     ln -f -s `realpath --relative-to=$INSTDIR_PARENT $CHROOT/lo` $CHROOT/$path