🪆 --as-root to run command inside of container/VM as root

2025-11-04 06:30:27 +03:00 · 2025-10-14 13:24:42 +02:00 · 2025-10-14 13:24:42 +02:00 · 69c67badfb
commit 69c67badfb
parent 60f5f8fa1c
2 changed files with 16 additions and 7 deletions
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@ -5135,28 +5135,29 @@ def get_podman_container(appid, vercode):
    return ret


-def inside_exec(appid, vercode, command, virt_container_type):
+def inside_exec(appid, vercode, command, virt_container_type, as_root=False):
    """Execute the command inside of the VM for the build."""
    if virt_container_type == 'vagrant':
-        return vagrant_exec(appid, vercode, command)
+        return vagrant_exec(appid, vercode, command, as_root)
    elif virt_container_type == 'podman':
-        return podman_exec(appid, vercode, command)
+        return podman_exec(appid, vercode, command, as_root)
    else:
        raise Exception(
            f"'{virt_container_type}' not supported, currently supported: vagrant, podman"
        )


-def podman_exec(appid, vercode, command):
+def podman_exec(appid, vercode, command, as_root=False):
    """Execute the command inside of a podman container for the build."""
    container_name = get_container_name(appid, vercode)
    to_stdin = shlex.join(command)
+    user = 'root' if as_root else BUILD_USER
    p = subprocess.run(
        [
            'podman',
            'exec',
            '--interactive',
-            '--user=vagrant',
+            f'--user={user}',
            f'--workdir={BUILD_HOME}',
            container_name,
        ]
@ -5181,7 +5182,7 @@ def get_vagrantfile_path(appid, vercode):
    return Path('tmp/buildserver', get_container_name(appid, vercode), 'Vagrantfile')


-def vagrant_exec(appid, vercode, command):
+def vagrant_exec(appid, vercode, command, as_root=False):
    """Execute a command in the Vagrant VM via ssh."""
    vagrantfile = get_vagrantfile_path(appid, vercode)
    to_stdin = shlex.join(command)
@ -5190,7 +5191,7 @@ def vagrant_exec(appid, vercode, command):
            'vagrant',
            'ssh',
            '-c',
-            'bash',
+            'sudo bash' if as_root else 'bash',
        ],
        input=to_stdin,
        text=True,
--- a/fdroidserver/exec.py
+++ b/fdroidserver/exec.py
@ -2,6 +2,7 @@
 #
 # exec.py - part of the FDroid server tools
 # Copyright (C) 2024-2025, Hans-Christoph Steiner <hans@eds.org>
+# Copyright (C) 2024-2025, Michael Pöhn <michael@poehn.at>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@ -34,6 +35,12 @@ def main():
    parser = ArgumentParser(
        description="Run a subcommand in the buildserver container/box."
    )
+    parser.add_argument(
+        '--as-root',
+        default=False,
+        action='store_true',
+        help="run command inside of container/VM as root user",
+    )
    common.setup_global_opts(parser)
    common.setup_virt_container_type_opts(parser)
    parser.add_argument(
@ -53,6 +60,7 @@ def main():
            vercode,
            options.COMMAND,
            common.get_virt_container_type(options),
+            options.as_root,
        )
    except Exception as e:
        if options.verbose: