crosutils: add scripts/.local_mounts to allow mounting additional (RO) folders in chroot

enter_chroot.sh

 #!/bin/bash
 
 # Copyright (c) 2009 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 # Script to enter the chroot environment
 
 # Load common constants.  This should be the first executable line.
 # The path to common.sh should be relative to your script's location.
@@ skipping 60 matching lines @@
 FUSE_DEVICE="/dev/fuse"
 AUTOMOUNT_PREF="/apps/nautilus/preferences/media_automount"
 SAVED_AUTOMOUNT_PREF_FILE="/tmp/.automount_pref"
 
 sudo chmod 0777 "$FLAGS_chroot/var/lock"
 
 LOCKFILE="$FLAGS_chroot/var/lock/enter_chroot"
 
 function setup_env {
   (
+    local mounted_path
     flock 200
     echo $$ >> "$LOCKFILE"
 
     info "Mounting chroot environment."
 
     # Mount only if not already mounted
-    MOUNTED_PATH="$(readlink -f "$FLAGS_chroot/proc")"
-    if [ -z "$(mount | grep -F "on $MOUNTED_PATH ")" ]
+    mounted_path="$(readlink -f "$FLAGS_chroot/proc")"
+    if [ -z "$(mount | grep -F "on $mounted_path ")" ]
     then
-      sudo mount none -t proc "$MOUNTED_PATH" || \
-          die "Could not mount $MOUNTED_PATH"
+      sudo mount none -t proc "$mounted_path" || \
+          die "Could not mount $mounted_path"
     fi
 
-    MOUNTED_PATH="$(readlink -f "$FLAGS_chroot/sys")"
-    if [ -z "$(mount | grep -F "on $MOUNTED_PATH ")" ]
+    mounted_path="$(readlink -f "$FLAGS_chroot/sys")"
+    if [ -z "$(mount | grep -F "on $mounted_path ")" ]
     then
-      sudo mount none -t sysfs "$MOUNTED_PATH" || \
-          die "Could not mount $MOUNTED_PATH"
+      sudo mount none -t sysfs "$mounted_path" || \
+          die "Could not mount $mounted_path"
     fi
 
-    MOUNTED_PATH="$(readlink -f "${FLAGS_chroot}/dev")"
-    if [ -z "$(mount | grep -F "on $MOUNTED_PATH ")" ]
+    mounted_path="$(readlink -f "${FLAGS_chroot}/dev")"
+    if [ -z "$(mount | grep -F "on $mounted_path ")" ]
     then
-      sudo mount --bind /dev "$MOUNTED_PATH" || \
-          die "Could not mount $MOUNTED_PATH"
+      sudo mount --bind /dev "$mounted_path" || \
+          die "Could not mount $mounted_path"
     fi
 
     if [ $FLAGS_ssh_agent -eq $FLAGS_TRUE ]; then
       TARGET_DIR="$(readlink -f "${FLAGS_chroot}/home/${USER}/.ssh")"
       if [ -n "${SSH_AUTH_SOCK}" \
         -a -d "${HOME}/.ssh" ]
       then
         mkdir -p "${TARGET_DIR}"
         cp -r "${HOME}/.ssh/known_hosts" "${TARGET_DIR}"
         ASOCK="$(dirname "${SSH_AUTH_SOCK}")"
         mkdir -p "${FLAGS_chroot}/${ASOCK}"
         sudo mount --bind "${ASOCK}" "${FLAGS_chroot}/${ASOCK}" || \
           die "Count not mount ${ASOCK}"
       fi
     fi
 
-    MOUNTED_PATH="$(readlink -f "${FLAGS_chroot}/dev/pts")"
-    if [ -z "$(mount | grep -F "on $MOUNTED_PATH ")" ]
+    mounted_path="$(readlink -f "${FLAGS_chroot}/dev/pts")"
+    if [ -z "$(mount | grep -F "on $mounted_path ")" ]
     then
-      sudo mount none -t devpts "$MOUNTED_PATH" || \
-          die "Could not mount $MOUNTED_PATH"
+      sudo mount none -t devpts "$mounted_path" || \
+          die "Could not mount $mounted_path"
     fi
 
-    MOUNTED_PATH="$(readlink -f "${FLAGS_chroot}$CHROOT_TRUNK_DIR")"
-    if [ -z "$(mount | grep -F "on $MOUNTED_PATH ")" ]
+    mounted_path="$(readlink -f "${FLAGS_chroot}$CHROOT_TRUNK_DIR")"
+    if [ -z "$(mount | grep -F "on $mounted_path ")" ]
     then
-      sudo mount --bind "$FLAGS_trunk" "$MOUNTED_PATH" || \
-          die "Could not mount $MOUNTED_PATH"
+      sudo mount --bind "$FLAGS_trunk" "$mounted_path" || \
+          die "Could not mount $mounted_path"
     fi
 
-    MOUNTED_PATH="$(readlink -f "${FLAGS_chroot}${INNER_CHROME_ROOT}")"
-    if [ -z "$(mount | grep -F "on $MOUNTED_PATH ")" ]
+    mounted_path="$(readlink -f "${FLAGS_chroot}${INNER_CHROME_ROOT}")"
+    if [ -z "$(mount | grep -F "on $mounted_path ")" ]
     then
       ! CHROME_ROOT="$(readlink -f "$FLAGS_chrome_root")"
       if [ -z "$CHROME_ROOT" ]; then
         ! CHROME_ROOT="$(cat "${FLAGS_chroot}${CHROME_ROOT_CONFIG}" \
           2>/dev/null)"
       fi
       if [[ ( -z "$CHROME_ROOT" ) || ( ! -d "${CHROME_ROOT}/src" ) ]]; then
         info "Not mounting chrome source"
         sudo rm -f "${FLAGS_chroot}${CHROME_ROOT_CONFIG}"
       else
         info "Mounting chrome source at: $INNER_CHROME_ROOT"
         echo "$CHROME_ROOT" | \
           sudo dd of="${FLAGS_chroot}${CHROME_ROOT_CONFIG}"
-        mkdir -p "$MOUNTED_PATH"
-        sudo mount --bind "$CHROME_ROOT" "$MOUNTED_PATH" || \
-          die "Could not mount $MOUNTED_PATH"
+        mkdir -p "$mounted_path"
+        sudo mount --bind "$CHROME_ROOT" "$mounted_path" || \
+          die "Could not mount $mounted_path"
       fi
     fi
 
-    MOUNTED_PATH="$(readlink -f "${FLAGS_chroot}${INNER_DEPOT_TOOLS_ROOT}")"
-    if [ -z "$(mount | grep -F "on $MOUNTED_PATH ")" ]
+    mounted_path="$(readlink -f "${FLAGS_chroot}${INNER_DEPOT_TOOLS_ROOT}")"
+    if [ -z "$(mount | grep -F "on $mounted_path ")" ]
     then
       if [ $(which gclient 2>/dev/null) ]; then
         info "Mounting depot_tools"
         DEPOT_TOOLS=$(dirname $(which gclient) )
-        mkdir -p "$MOUNTED_PATH"
-        if ! sudo mount --bind "$DEPOT_TOOLS" "$MOUNTED_PATH"; then
+        mkdir -p "$mounted_path"
+        if ! sudo mount --bind "$DEPOT_TOOLS" "$mounted_path"; then
           warn "depot_tools failed to mount; perhaps it's on NFS?"
           warn "This may impact chromium build."
         fi
       fi
     fi
 
     # Install fuse module.
     if [ -c "${FUSE_DEVICE}" ] ; then
       sudo modprobe fuse 2> /dev/null ||\
         warn "-- Note: modprobe fuse failed.  gmergefs will not work"
     fi
 
     # Turn off automounting of external media when we enter the
     # chroot; thus we don't have to worry about being able to unmount
     # from inside.
     if [ $(which gconftool-2 2>/dev/null) ]; then
       gconftool-2 -g ${AUTOMOUNT_PREF} > \
         "${FLAGS_chroot}${SAVED_AUTOMOUNT_PREF_FILE}"
       if [ $(gconftool-2 -s --type=boolean ${AUTOMOUNT_PREF} false) ]; then
         warn "-- Note: USB sticks may be automounted by your host OS."
         warn "-- Note: If you plan to burn bootable media, you may need to"
         warn "-- Note: unmount these devices manually, or run image_to_usb.sh"
         warn "-- Note: outside the chroot."
       fi
     fi
 
+    # Mount additional directories
+    local local_mounts="${FLAGS_trunk}/src/scripts/.local_mounts"
+    if [ -f "${local_mounts}" ]; then
+      info "Mounting local folders (read-only for safety concern)"
+      # format: mount_source
+      #      or mount_source mount_point
+      #      or # comments
+      local mount_source mount_point
+      cat "${local_mounts}" | while read mount_source mount_point; do
+        if [ "$(echo "${mount_source}" | cut -b 1)" = "#" ] ||
+           [ -z "${mount_source}" ]; then
+          continue
+        fi
+        # if only source is assigned, use source as mount point.
+        mount_point="${mount_point:-$mount_source}"
+        mounted_path="$(readlink -f "${FLAGS_chroot}${mount_point}")"
+        if [ -z "$(mount | grep -F "on ${mounted_path} ")" ]
+        then
+          # --bind can't be initialized as RO, so we have to use "ro,remount".
+          (sudo mount --bind "${mount_source}" "${mounted_path}" &&
+           sudo mount -o ro,remount "${mounted_path}") ||
+           die "Failed to mount ${mounted_path} from ${mount_source}."
+        fi
+      done
+    fi
+
   ) 200>>"$LOCKFILE" || die "setup_env failed"
 }
 
 function teardown_env {
   # Only teardown if we're the last enter_chroot to die
   (
+    local mounted_path
     flock 200
 
     # check each pid in $LOCKFILE to see if it's died unexpectedly
     TMP_LOCKFILE="$LOCKFILE.tmp"
 
     echo -n > "$TMP_LOCKFILE"  # Erase/reset temp file
     cat "$LOCKFILE" | while read PID; do
       if [ "$PID" = "$$" ]; then
         # ourself, leave PROC_NAME empty
         PROC_NAME=""
@@ skipping 12 matching lines @@
     if [ $(which gconftool-2 2>/dev/null) ]; then
       SAVED_PREF=$(cat "${FLAGS_chroot}${SAVED_AUTOMOUNT_PREF_FILE}")
       gconftool-2 -s --type=boolean ${AUTOMOUNT_PREF} ${SAVED_PREF} || \
         warn "could not re-set your automount preference."
     fi
 
     if [ -s "$LOCKFILE" ]; then
       info "At least one other pid is running in the chroot, so not"
       info "tearing down env."
     else
-      MOUNTED_PATH=$(readlink -f "$FLAGS_chroot")
+      mounted_path=$(readlink -f "$FLAGS_chroot")
       info "Unmounting chroot environment."
       # sort the list of mounts in reverse order, to ensure umount of
       # cascading mounts in proper order
       for i in \
-        $(mount | grep -F "on $MOUNTED_PATH/" | sort -r | awk '{print $3}'); do
+        $(mount | grep -F "on $mounted_path/" | sort -r | awk '{print $3}'); do
         safe_umount "$i"
       done
     fi
   ) 200>>"$LOCKFILE" || die "teardown_env failed"
 }
 
 if [ $FLAGS_mount -eq $FLAGS_TRUE ]
 then
   setup_env
   info "Make sure you run"
@@ skipping 56 matching lines @@
 # Run command or interactive shell.  Also include the non-chrooted path to
 # the source trunk for scripts that may need to print it (e.g.
 # build_image.sh).
 sudo chroot "$FLAGS_chroot" sudo -i -u $USER $CHROOT_PASSTHRU \
   EXTERNAL_TRUNK_PATH="${FLAGS_trunk}" LANG=C SSH_AGENT_PID="${SSH_AGENT_PID}" \
   SSH_AUTH_SOCK="${SSH_AUTH_SOCK}" -- "$@"
 
 # Remove trap and explicitly unmount
 trap - EXIT
 teardown_env