gocage/cmd/start.go

package cmd

import (
	"os"
	"fmt"
//	"log"
	"errors"
	"regexp"
//	"os/exec"
//	"reflect"
	"strings"
	"strconv"
)

func SetJailProperties(args []string) {
	type properties struct {
		name	string
		value	string
	}
	
	var jail Jail
	var props []properties
	
	if len(args) > 0 {
		for i, a := range args {
			// This is the jail name
			if i == len(args)-1 {
				jail.Name = a
			} else {
				kv := strings.Split(a, "=")
				if len(kv) != 2 {
					// TODO : Show help
					fmt.Printf("Error parsing args: %s\n", a)
					return
				} else {
					p := properties{name: kv[0], value: kv[1]}
					props = append(props, p)
				}
			}
		}
	} 
	
	if len(jail.Name) == 0 || len(args) == 0 {
		// TODO : Show help
		fmt.Printf("Error\n")
		return
	}
	
	for _, p := range props {
		err := setJailProperty(&jail, p.name, p.value)
		if err != nil {
			fmt.Printf("Error: %s\n", err.Error())
			return
		}
	}
}

// TODO : Support types. For now we just update int, other types will crash
// WIP. Not working now (need to address the real struct field, not a copy of it)
// setJailProperty takes a string as propValue, whatever the real property type is.
//  It will be converted.
func setJailProperty(jail *Jail, propName string, propValue string) error {
	// First get propName type, to convert propValue
/*	k, _, err := getStructFieldKind(jail, propName)
	if err != nil {
		return err
	}
	kind := k.String()
*/

	for i, j := range gJails {
		if j.Name == jail.Name {
			val, _, err := getStructFieldValue(&gJails[i], propName)
			//val, _, err := getStructFieldValue(&gJails[i].Config, strings.Split(propName, ".")[1])
			if err != nil {
				return err
			}

			/*if kind == "string" {
			// WIll the affectation be done in source object or a copy?
				val.Set(propValue)
			} else if kind == "int" {
				v, err := strconv.Atoi(propValue)
				if err != nil {
					return errors.New(fmt.Sprintf("propValue have wrong type: %s\n", err.Error()))
				}
				val.Set(v)
			} else {
				return errors.New(fmt.Sprintf("Property %s have an unsupported type in setJailProperty!\n", propName))
			}*/

			if val.CanSet() {
				ival, err := strconv.Atoi(propValue)
				if err != nil {
					return err
				}
				val.SetInt(int64(ival))
				fmt.Printf("%s: %s set to %s\n", jail.Name, propName, propValue)
				gJails[i].ConfigUpdated = true
			} else {
				return errors.New(fmt.Sprintf("Field is not writable : %s", propName))
			}
		}
	}

	return nil
}

// FIXME : Do not work?!
//  We cant use internalName as the value exist only when jail is running
func setJailConfigUpdated(jail *Jail) error {
	if len(jail.ConfigPath) == 0 {
		return errors.New(fmt.Sprintf("No config path for jail %s", jail.Name))
	}

	for i, j := range gJails {
		if jail.Name == j.Name {
			fmt.Printf("Tag %s as configUpdated\n", jail.Name)
			gJails[i].ConfigUpdated = true
			return nil
		}
	}

	return errors.New("Jail not found")
}

func mountProcFs(jail *Jail) error {
	cmd := fmt.Sprintf("mount -t procfs proc %s/proc", jail.RootPath)
	_, err := executeCommand(cmd)
	if err != nil {
		return errors.New(fmt.Sprintf("Error mounting procfs on %s/proc: %s", jail.RootPath, err.Error()))
	}
	
	return nil
}

func mountLinProcFs(jail *Jail) error {
	ldir := fmt.Sprintf("%s/compat/linux/proc", jail.RootPath)
	_, err := os.Stat(ldir)
	if os.IsNotExist(err) {
		errDir := os.MkdirAll(ldir, 0755)
		if errDir != nil {
			return errors.New(fmt.Sprintf("Error creating directory %s: %s", ldir, errDir.Error()))
		}
	}
	cmd := fmt.Sprintf("mount -t linprocfs linproc %s", ldir)
	_, err = executeCommand(cmd)
	if err != nil {
		return errors.New(fmt.Sprintf("Error mounting linprocfs on %s: %s", ldir, err.Error()))
	}
	
	return nil
}

func mountDevFs(jail *Jail) error {
	cmd := fmt.Sprintf("mount -t devfs dev %s/dev", jail.RootPath)
	_, err := executeCommand(cmd)
	if err != nil {
		return errors.New(fmt.Sprintf("Error mounting devfs on %s/dev: %s", jail.RootPath, err.Error()))
	}
	
	return nil
}

func mountFdescFs(jail *Jail) error {
	// FreeBSD <= 9.3 do not support fdescfs
	if gHostVersion <= 9.3 {
		fmt.Printf("    FreeBSD <= 9.3 does not support fdescfs, disabling in config\n")
		jail.Config.Mount_fdescfs = 0
		// Tag config so it will be synced on disk
		jail.ConfigUpdated = true
	
		// Should we consider this an error?
		return nil
	}
	
	cmd := fmt.Sprintf("mount -t fdescfs descfs %s/dev/fd", jail.RootPath)
	_, err := executeCommand(cmd)
	if err != nil {
		return errors.New(fmt.Sprintf("Error mounting fdescfs on %s/dev/fd: %s", jail.RootPath, err.Error()))
	}
	
	return nil
}

func mountAllJailFsFromHost(jail *Jail) error {
	procfsFound := false
	linProcfsFound := false
	devfsFound := false
	fdescfsFound := false

    cmd := "mount -p"
    out, err := executeCommand(cmd)
    if err != nil {
        return errors.New(fmt.Sprintf("Error executing mount: %s", err.Error()))
    }   

	var outclean []string
    remSpPtrn := regexp.MustCompile(`\s+`)
    for _, l := range strings.Split(out, "\n") {
		outclean = append(outclean, remSpPtrn.ReplaceAllString(l, " "))
	}

	// Check if these FS are already mounted
	for _, l := range outclean {
        f := strings.Split(l, " ")
        if len(f) > 2 {

			if strings.EqualFold(f[1], fmt.Sprintf("%s/proc", jail.RootPath)) {
				procfsFound = true
			}
			if strings.EqualFold(f[1], fmt.Sprintf("%s/compat/linux/proc", jail.RootPath)) {
				linProcfsFound = true
			}
			if strings.EqualFold(f[1], fmt.Sprintf("%s/dev", jail.RootPath)) {
				devfsFound = true
			}
			if strings.EqualFold(f[1], fmt.Sprintf("%s/dev/fd", jail.RootPath)) {
				fdescfsFound = true
			}
		}
	}

	// Mount wanted FS
	if jail.Config.Mount_procfs > 0 && procfsFound == false {
		err := mountProcFs(jail)
        if err != nil {
	        return err
        }   
	}
	
	if jail.Config.Mount_linprocfs > 0 && linProcfsFound == false {
		err = mountLinProcFs(jail)
        if err != nil {
	        return err
        }
	}
	
	if jail.Config.Mount_devfs > 0 && devfsFound == false {
		err := mountDevFs(jail)
		if err != nil {
	        return err
		}
	}
	if jail.Config.Mount_fdescfs > 0 && fdescfsFound == false {
		err := mountFdescFs(jail)
		if err != nil {
			return err
		}
	}

	
	// Ces montages doivent-ils etre effectués une fois le jail démarré?

	// FreeBSD <= 9.3 do not support fdescfs
	//if gHostVersion <= 9.3 && jail.Config.Allow_mount_tmpfs > 0 {
	if gHostVersion <= 9.3 && jail.Config.Allow_mount_tmpfs > 0 {
		fmt.Printf("    FreeBSD <= 9.3 does not support tmpfs, disabling in config\n")
		jail.Config.Allow_mount_tmpfs = 0
		// Tag config so it will be synced on disk
		jail.ConfigUpdated = true
		err = setJailConfigUpdated(jail)
		if err != nil {
			fmt.Printf(fmt.Sprintf("Error updating config for jail %s: %s", jail.Name, err.Error()))
			return err
		}
	}

	if gHostVersion < 12 {
		if jail.Config.Allow_mlock > 0 {
			jail.Config.Allow_mlock = 0		
			jail.ConfigUpdated = true
			/* WIP
			err = setJailProperty(jail, "Config.Allow_mlock", "0")
			if err != nil {
				return err
			}*/
		}
		if jail.Config.Allow_mount_fusefs > 0 {
		}
		if jail.Config.Allow_vmm > 0 {
		}
	}

    return nil 
}


// TODO 
func prepareJailedZfsDatasets(jail *Jail) error {
	if jail.Config.Jail_zfs > 0 {
		// For jail to mount filesystem, enforce_statfs should be 1 or lower (2 is the default)
		// TODO : Write these changes in jail config file
		jail.Config.Allow_mount = 1
		jail.Config.Allow_mount_zfs = 1
		// TODO : Overload Json Unmarshalling to fix bad typed values, keeping iocage compatibility
		if jail.Config.Enforce_statfs > "1" {
			jail.Config.Enforce_statfs = "1"
		}
		for _, d := range strings.Split(jail.Config.Jail_zfs_dataset, " ") {
			// Check if dataset exist, create if necessary
			cmd := fmt.Sprintf("zfs get -H creation %s/%s", jail.Zpool, d)
			out, err := executeCommand(cmd)
			if err != nil {
				if strings.HasSuffix(out, "dataset does not exist") {
					cmd = fmt.Sprintf("zfs create -o compression=lz4 -o mountpoint=none %s/%s", jail.Zpool, d)
					_, err = executeCommand(cmd)
					if err != nil {
						return errors.New(fmt.Sprintf("Error creating dataset %s/%s: %s", jail.Zpool, d, err.Error()))
					}
				} else {
					return errors.New(fmt.Sprintf("Error getting zfs dataset %s: %s", d, err.Error()))
				}
			}

			cmd = fmt.Sprintf("zfs set jailed=on %s/%s", jail.Zpool, d)
			out, err = executeCommand(cmd)
			if err != nil {
				return errors.New(fmt.Sprintf("Error executing \"zfs set jailed=on %s/%s\": %s", jail.Zpool, d, err.Error()))
			}
			// TODO : Execute "zfs jail $jailname $dataset" when jail will be up
		}
	}
	return nil
}


/*
	Start jail:
		Check jail fstab?
		Mount procfs
		Mount linprocfs
		Mount devfs?
		Mount fdescfs?
		If jail_zfs, then check jail_zfs_dataset exist (and create otherwise)
		TODO : Check NAT settings and compatibility with other jails
		Generate devfsruleset from configured
		Write config file in /var/run/jails.ioc-$NAME.conf
		Execute PreStart (Exec_prestart)
		Start jail (With ENV VARS for network conf)
		Start networking
		Mount jail_zfs_datasets inside jail
		Generate resolv.Conf
		Copy /etc/localtime into jail (?)
		Configure NAT
		Execute Exec_start into jail
		Execute Exec_poststart
		If DHCP, check with ifconfig inside jail
		Set RCTL Rules

	Use setfib for each jail command
*/
func StartJail(args []string) {
	// jail we have to start
	var cj *Jail

	for _, j := range args {
		fmt.Printf("> Starting jail %s\n", j)

		for i, rj := range gJails {
			if rj.Name == j {
				// Get jail reference, not a copy of it; So we can modify attributes
				cj = &gJails[i]
				break
			}
		}
		if cj == nil {
			fmt.Printf("Jail not found: %s\n", j)
			continue
		}

		if cj.Running == true {
			fmt.Printf("Jail %s is already running!\n", cj.Name)
			continue
		}

		fmt.Printf("  > Mount special filesystems:\n")
		err := mountAllJailFsFromHost(cj)
		if err != nil {
			fmt.Printf("ERROR: %s\n", err.Error())
		} else {
			fmt.Printf("  > Mount special filesystems: OK\n")
		}

		if cj.Config.Jail_zfs > 0 {
			fmt.Printf("  > Prepare ZFS Datasets:\n")
			err := prepareJailedZfsDatasets(cj)
			if err != nil {
				fmt.Printf("ERROR: %s\n", err.Error())
			} else {
				fmt.Printf("  > Prepare ZFS Datasets: OK\n")
			}
		}


/*
		out, err := executeCommand(fmt.Sprintf("rctl jail:%s", cj.InternalName))
		if err == nil && len(out) > 0 {
			fmt.Printf("  > Remove RCTL rules:\n")
			err := removeRctlRules(cj.InternalName, []string{""})
			if err != nil {
				fmt.Printf("ERROR: %s\n", err.Error())
			} else {
				fmt.Printf("  > Remove RCTL rules: OK\n")
			}
		}

		if len (cj.Config.Exec_prestop) > 0 {
			fmt.Printf("  > Execute prestop:\n")
			_, err := executeCommand(cj.Config.Exec_prestop)
			if err != nil {
				fmt.Printf("ERROR: %s\n", err.Error())
			} else {
				fmt.Printf("  > Execute prestop: OK\n")
			}
		}
		
		if len (cj.Config.Exec_stop) > 0 {
			fmt.Printf("  > Execute stop:\n")
			_, err := executeCommandInJail(cj, cj.Config.Exec_stop)
			if err != nil {
				fmt.Printf("ERROR: %s\n", err.Error())
			} else {
				fmt.Printf("  > Execute stop: OK\n")
			}
		}

		if cj.Config.Jail_zfs > 0 {
			fmt.Printf("  > Umount jailed ZFS:\n")
			err := umountAndUnjailZFS(cj)
			if err != nil {
				fmt.Printf("ERROR: %s\n", err.Error())
			} else {
				fmt.Printf("  > Umount jailed ZFS: OK\n")
			}
		}

		if cj.Config.Vnet > 0 && len(cj.Config.Ip4_addr) > 0 {
			fmt.Printf("  > Destroy VNet interfaces:\n")
			err := destroyVNetInterfaces(cj)
			if err != nil {
				fmt.Printf("ERROR: %s\n", err.Error())
			} else {
				fmt.Printf("  > Destroy VNet interfaces: OK\n")
			}
		}
		
		fmt.Printf("  > Remove devfsruleset %s:\n", cj.Config.Devfs_ruleset)
		err = deleteDevfsRuleset(cj)
		if err != nil {
			fmt.Printf("ERROR: %s\n", err.Error())
		} else {
			fmt.Printf("  > Remove devfsruleset %s: OK\n", cj.Config.Devfs_ruleset)
		}
		
		fmt.Printf("  > Stop jail %s:\n", cj.Name)
		err = stopJail(cj)
		if err != nil {
			fmt.Printf("ERROR: %s\n", err.Error())
		} else {
			fmt.Printf("  > Stop jail %s: OK\n", cj.Name)
		}
*/

	}
}
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`package cmd`

			`import (`
			`"os"`
			`"fmt"`
			`// "log"`
			`"errors"`
			`"regexp"`
			`// "os/exec"`
			`// "reflect"`
			`"strings"`
Set property K for int type + write config to disk 2022-04-02 21:38:54 +02:00			`"strconv"`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`)`

WIP: set jail properties 2022-04-02 17:12:51 +02:00			`func SetJailProperties(args []string) {`
			`type properties struct {`
			`name string`
			`value string`
			`}`

			`var jail Jail`
			`var props []properties`

			`if len(args) > 0 {`
			`for i, a := range args {`
			`// This is the jail name`
			`if i == len(args)-1 {`
			`jail.Name = a`
			`} else {`
			`kv := strings.Split(a, "=")`
			`if len(kv) != 2 {`
			`// TODO : Show help`
			`fmt.Printf("Error parsing args: %s\n", a)`
			`return`
			`} else {`
			`p := properties{name: kv[0], value: kv[1]}`
			`props = append(props, p)`
			`}`
			`}`
			`}`
			`}`

			`if len(jail.Name) == 0 \|\| len(args) == 0 {`
			`// TODO : Show help`
			`fmt.Printf("Error\n")`
			`return`
			`}`

			`for _, p := range props {`
WIP: Implementing setJailProperty, add recursivity to getStructFieldValue 2022-04-02 21:15:06 +02:00			`err := setJailProperty(&jail, p.name, p.value)`
			`if err != nil {`
			`fmt.Printf("Error: %s\n", err.Error())`
			`return`
			`}`
WIP: set jail properties 2022-04-02 17:12:51 +02:00			`}`
			`}`

Set property K for int type + write config to disk 2022-04-02 21:38:54 +02:00			`// TODO : Support types. For now we just update int, other types will crash`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`// WIP. Not working now (need to address the real struct field, not a copy of it)`
			`// setJailProperty takes a string as propValue, whatever the real property type is.`
			`// It will be converted.`
			`func setJailProperty(jail *Jail, propName string, propValue string) error {`
			`// First get propName type, to convert propValue`
			`/* k, _, err := getStructFieldKind(jail, propName)`
			`if err != nil {`
			`return err`
			`}`
			`kind := k.String()`
			`*/`

			`for i, j := range gJails {`
			`if j.Name == jail.Name {`
			`val, _, err := getStructFieldValue(&gJails[i], propName)`
WIP: Implementing setJailProperty, add recursivity to getStructFieldValue 2022-04-02 21:15:06 +02:00			`//val, _, err := getStructFieldValue(&gJails[i].Config, strings.Split(propName, ".")[1])`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`if err != nil {`
WIP: Implementing setJailProperty, add recursivity to getStructFieldValue 2022-04-02 21:15:06 +02:00			`return err`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`}`

			`/*if kind == "string" {`
			`// WIll the affectation be done in source object or a copy?`
			`val.Set(propValue)`
			`} else if kind == "int" {`
			`v, err := strconv.Atoi(propValue)`
			`if err != nil {`
			`return errors.New(fmt.Sprintf("propValue have wrong type: %s\n", err.Error()))`
			`}`
			`val.Set(v)`
			`} else {`
			`return errors.New(fmt.Sprintf("Property %s have an unsupported type in setJailProperty!\n", propName))`
			`}*/`

Set property K for int type + write config to disk 2022-04-02 21:38:54 +02:00			`if val.CanSet() {`
			`ival, err := strconv.Atoi(propValue)`
			`if err != nil {`
			`return err`
			`}`
			`val.SetInt(int64(ival))`
			`fmt.Printf("%s: %s set to %s\n", jail.Name, propName, propValue)`
			`gJails[i].ConfigUpdated = true`
			`} else {`
			`return errors.New(fmt.Sprintf("Field is not writable : %s", propName))`
			`}`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`}`
			`}`

			`return nil`
			`}`

Set property K for int type + write config to disk 2022-04-02 21:38:54 +02:00			`// FIXME : Do not work?!`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`// We cant use internalName as the value exist only when jail is running`
			`func setJailConfigUpdated(jail *Jail) error {`
			`if len(jail.ConfigPath) == 0 {`
			`return errors.New(fmt.Sprintf("No config path for jail %s", jail.Name))`
			`}`

			`for i, j := range gJails {`
Set property K for int type + write config to disk 2022-04-02 21:38:54 +02:00			`if jail.Name == j.Name {`
			`fmt.Printf("Tag %s as configUpdated\n", jail.Name)`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`gJails[i].ConfigUpdated = true`
			`return nil`
			`}`
			`}`

			`return errors.New("Jail not found")`
			`}`

			`func mountProcFs(jail *Jail) error {`
Bugfix 2022-04-02 15:38:24 +02:00			`cmd := fmt.Sprintf("mount -t procfs proc %s/proc", jail.RootPath)`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`_, err := executeCommand(cmd)`
			`if err != nil {`
			`return errors.New(fmt.Sprintf("Error mounting procfs on %s/proc: %s", jail.RootPath, err.Error()))`
			`}`

			`return nil`
			`}`

			`func mountLinProcFs(jail *Jail) error {`
			`ldir := fmt.Sprintf("%s/compat/linux/proc", jail.RootPath)`
			`_, err := os.Stat(ldir)`
			`if os.IsNotExist(err) {`
			`errDir := os.MkdirAll(ldir, 0755)`
			`if errDir != nil {`
			`return errors.New(fmt.Sprintf("Error creating directory %s: %s", ldir, errDir.Error()))`
			`}`
			`}`
Bugfix 2022-04-02 15:38:24 +02:00			`cmd := fmt.Sprintf("mount -t linprocfs linproc %s", ldir)`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`_, err = executeCommand(cmd)`
			`if err != nil {`
			`return errors.New(fmt.Sprintf("Error mounting linprocfs on %s: %s", ldir, err.Error()))`
			`}`

			`return nil`
			`}`

			`func mountDevFs(jail *Jail) error {`
Bugfix 2022-04-02 15:38:24 +02:00			`cmd := fmt.Sprintf("mount -t devfs dev %s/dev", jail.RootPath)`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`_, err := executeCommand(cmd)`
			`if err != nil {`
			`return errors.New(fmt.Sprintf("Error mounting devfs on %s/dev: %s", jail.RootPath, err.Error()))`
			`}`

			`return nil`
			`}`

			`func mountFdescFs(jail *Jail) error {`
			`// FreeBSD <= 9.3 do not support fdescfs`
			`if gHostVersion <= 9.3 {`
			`fmt.Printf(" FreeBSD <= 9.3 does not support fdescfs, disabling in config\n")`
			`jail.Config.Mount_fdescfs = 0`
			`// Tag config so it will be synced on disk`
			`jail.ConfigUpdated = true`

			`// Should we consider this an error?`
			`return nil`
			`}`

Bugfix 2022-04-02 15:38:24 +02:00			`cmd := fmt.Sprintf("mount -t fdescfs descfs %s/dev/fd", jail.RootPath)`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`_, err := executeCommand(cmd)`
			`if err != nil {`
			`return errors.New(fmt.Sprintf("Error mounting fdescfs on %s/dev/fd: %s", jail.RootPath, err.Error()))`
			`}`

			`return nil`
			`}`
Start implementing gocage start 2021-12-21 20:48:07 +01:00
			`func mountAllJailFsFromHost(jail *Jail) error {`
			`procfsFound := false`
			`linProcfsFound := false`
			`devfsFound := false`
			`fdescfsFound := false`

			`cmd := "mount -p"`
			`out, err := executeCommand(cmd)`
			`if err != nil {`
			`return errors.New(fmt.Sprintf("Error executing mount: %s", err.Error()))`
			`}`

			`var outclean []string`
			remSpPtrn := regexp.MustCompile(`\s+`)
			`for _, l := range strings.Split(out, "\n") {`
			`outclean = append(outclean, remSpPtrn.ReplaceAllString(l, " "))`
			`}`

			`// Check if these FS are already mounted`
			`for _, l := range outclean {`
			`f := strings.Split(l, " ")`
			`if len(f) > 2 {`

			`if strings.EqualFold(f[1], fmt.Sprintf("%s/proc", jail.RootPath)) {`
			`procfsFound = true`
			`}`
			`if strings.EqualFold(f[1], fmt.Sprintf("%s/compat/linux/proc", jail.RootPath)) {`
			`linProcfsFound = true`
			`}`
			`if strings.EqualFold(f[1], fmt.Sprintf("%s/dev", jail.RootPath)) {`
			`devfsFound = true`
			`}`
			`if strings.EqualFold(f[1], fmt.Sprintf("%s/dev/fd", jail.RootPath)) {`
			`fdescfsFound = true`
			`}`
			`}`
			`}`

			`// Mount wanted FS`
			`if jail.Config.Mount_procfs > 0 && procfsFound == false {`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`err := mountProcFs(jail)`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`if err != nil {`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`return err`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`}`
			`}`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`if jail.Config.Mount_linprocfs > 0 && linProcfsFound == false {`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`err = mountLinProcFs(jail)`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`if err != nil {`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`return err`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`}`
			`}`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`if jail.Config.Mount_devfs > 0 && devfsFound == false {`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`err := mountDevFs(jail)`
			`if err != nil {`
			`return err`
			`}`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`}`
			`if jail.Config.Mount_fdescfs > 0 && fdescfsFound == false {`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`err := mountFdescFs(jail)`
			`if err != nil {`
			`return err`
			`}`
			`}`


			`// Ces montages doivent-ils etre effectués une fois le jail démarré?`

			`// FreeBSD <= 9.3 do not support fdescfs`
			`//if gHostVersion <= 9.3 && jail.Config.Allow_mount_tmpfs > 0 {`
			`if gHostVersion <= 9.3 && jail.Config.Allow_mount_tmpfs > 0 {`
			`fmt.Printf(" FreeBSD <= 9.3 does not support tmpfs, disabling in config\n")`
			`jail.Config.Allow_mount_tmpfs = 0`
			`// Tag config so it will be synced on disk`
			`jail.ConfigUpdated = true`
			`err = setJailConfigUpdated(jail)`
			`if err != nil {`
			`fmt.Printf(fmt.Sprintf("Error updating config for jail %s: %s", jail.Name, err.Error()))`
			`return err`
			`}`
			`}`

			`if gHostVersion < 12 {`
			`if jail.Config.Allow_mlock > 0 {`
			`jail.Config.Allow_mlock = 0`
			`jail.ConfigUpdated = true`
			`/* WIP`
			`err = setJailProperty(jail, "Config.Allow_mlock", "0")`
			`if err != nil {`
			`return err`
			`}*/`
			`}`
			`if jail.Config.Allow_mount_fusefs > 0 {`
			`}`
			`if jail.Config.Allow_vmm > 0 {`
			`}`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`}`

			`return nil`
			`}`

Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`// TODO`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`func prepareJailedZfsDatasets(jail *Jail) error {`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`if jail.Config.Jail_zfs > 0 {`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`// For jail to mount filesystem, enforce_statfs should be 1 or lower (2 is the default)`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`// TODO : Write these changes in jail config file`
			`jail.Config.Allow_mount = 1`
			`jail.Config.Allow_mount_zfs = 1`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`// TODO : Overload Json Unmarshalling to fix bad typed values, keeping iocage compatibility`
			`if jail.Config.Enforce_statfs > "1" {`
			`jail.Config.Enforce_statfs = "1"`
			`}`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`for _, d := range strings.Split(jail.Config.Jail_zfs_dataset, " ") {`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`// Check if dataset exist, create if necessary`
			`cmd := fmt.Sprintf("zfs get -H creation %s/%s", jail.Zpool, d)`
			`out, err := executeCommand(cmd)`
			`if err != nil {`
			`if strings.HasSuffix(out, "dataset does not exist") {`
			`cmd = fmt.Sprintf("zfs create -o compression=lz4 -o mountpoint=none %s/%s", jail.Zpool, d)`
			`_, err = executeCommand(cmd)`
			`if err != nil {`
			`return errors.New(fmt.Sprintf("Error creating dataset %s/%s: %s", jail.Zpool, d, err.Error()))`
			`}`
			`} else {`
			`return errors.New(fmt.Sprintf("Error getting zfs dataset %s: %s", d, err.Error()))`
			`}`
			`}`

			`cmd = fmt.Sprintf("zfs set jailed=on %s/%s", jail.Zpool, d)`
			`out, err = executeCommand(cmd)`
			`if err != nil {`
			`return errors.New(fmt.Sprintf("Error executing \"zfs set jailed=on %s/%s\": %s", jail.Zpool, d, err.Error()))`
			`}`
			`// TODO : Execute "zfs jail $jailname $dataset" when jail will be up`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`}`
			`}`
			`return nil`
			`}`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00
Start implementing gocage start 2021-12-21 20:48:07 +01:00

			`/*`
			`Start jail:`
			`Check jail fstab?`
			`Mount procfs`
			`Mount linprocfs`
			`Mount devfs?`
			`Mount fdescfs?`
			`If jail_zfs, then check jail_zfs_dataset exist (and create otherwise)`
			`TODO : Check NAT settings and compatibility with other jails`
			`Generate devfsruleset from configured`
			`Write config file in /var/run/jails.ioc-$NAME.conf`
			`Execute PreStart (Exec_prestart)`
			`Start jail (With ENV VARS for network conf)`
			`Start networking`
			`Mount jail_zfs_datasets inside jail`
			`Generate resolv.Conf`
			`Copy /etc/localtime into jail (?)`
			`Configure NAT`
			`Execute Exec_start into jail`
			`Execute Exec_poststart`
			`If DHCP, check with ifconfig inside jail`
			`Set RCTL Rules`

			`Use setfib for each jail command`
			`*/`
			`func StartJail(args []string) {`
			`// jail we have to start`
			`var cj *Jail`

			`for _, j := range args {`
			`fmt.Printf("> Starting jail %s\n", j)`

Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`for i, rj := range gJails {`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`if rj.Name == j {`
Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`// Get jail reference, not a copy of it; So we can modify attributes`
			`cj = &gJails[i]`
Start implementing gocage start 2021-12-21 20:48:07 +01:00			`break`
			`}`
			`}`
			`if cj == nil {`
			`fmt.Printf("Jail not found: %s\n", j)`
			`continue`
			`}`

			`if cj.Running == true {`
			`fmt.Printf("Jail %s is already running!\n", cj.Name)`
			`continue`
			`}`

			`fmt.Printf(" > Mount special filesystems:\n")`
			`err := mountAllJailFsFromHost(cj)`
			`if err != nil {`
			`fmt.Printf("ERROR: %s\n", err.Error())`
			`} else {`
			`fmt.Printf(" > Mount special filesystems: OK\n")`
			`}`

Mount local FS; get struct pointer so we can modify values 2022-04-02 14:18:50 +02:00			`if cj.Config.Jail_zfs > 0 {`
			`fmt.Printf(" > Prepare ZFS Datasets:\n")`
			`err := prepareJailedZfsDatasets(cj)`
			`if err != nil {`
			`fmt.Printf("ERROR: %s\n", err.Error())`
			`} else {`
			`fmt.Printf(" > Prepare ZFS Datasets: OK\n")`
			`}`
			`}`

Start implementing gocage start 2021-12-21 20:48:07 +01:00
			`/*`
			`out, err := executeCommand(fmt.Sprintf("rctl jail:%s", cj.InternalName))`
			`if err == nil && len(out) > 0 {`
			`fmt.Printf(" > Remove RCTL rules:\n")`
			`err := removeRctlRules(cj.InternalName, []string{""})`
			`if err != nil {`
			`fmt.Printf("ERROR: %s\n", err.Error())`
			`} else {`
			`fmt.Printf(" > Remove RCTL rules: OK\n")`
			`}`
			`}`

			`if len (cj.Config.Exec_prestop) > 0 {`
			`fmt.Printf(" > Execute prestop:\n")`
			`_, err := executeCommand(cj.Config.Exec_prestop)`
			`if err != nil {`
			`fmt.Printf("ERROR: %s\n", err.Error())`
			`} else {`
			`fmt.Printf(" > Execute prestop: OK\n")`
			`}`
			`}`

			`if len (cj.Config.Exec_stop) > 0 {`
			`fmt.Printf(" > Execute stop:\n")`
			`_, err := executeCommandInJail(cj, cj.Config.Exec_stop)`
			`if err != nil {`
			`fmt.Printf("ERROR: %s\n", err.Error())`
			`} else {`
			`fmt.Printf(" > Execute stop: OK\n")`
			`}`
			`}`

			`if cj.Config.Jail_zfs > 0 {`
			`fmt.Printf(" > Umount jailed ZFS:\n")`
			`err := umountAndUnjailZFS(cj)`
			`if err != nil {`
			`fmt.Printf("ERROR: %s\n", err.Error())`
			`} else {`
			`fmt.Printf(" > Umount jailed ZFS: OK\n")`
			`}`
			`}`

			`if cj.Config.Vnet > 0 && len(cj.Config.Ip4_addr) > 0 {`
			`fmt.Printf(" > Destroy VNet interfaces:\n")`
			`err := destroyVNetInterfaces(cj)`
			`if err != nil {`
			`fmt.Printf("ERROR: %s\n", err.Error())`
			`} else {`
			`fmt.Printf(" > Destroy VNet interfaces: OK\n")`
			`}`
			`}`

			`fmt.Printf(" > Remove devfsruleset %s:\n", cj.Config.Devfs_ruleset)`
			`err = deleteDevfsRuleset(cj)`
			`if err != nil {`
			`fmt.Printf("ERROR: %s\n", err.Error())`
			`} else {`
			`fmt.Printf(" > Remove devfsruleset %s: OK\n", cj.Config.Devfs_ruleset)`
			`}`

			`fmt.Printf(" > Stop jail %s:\n", cj.Name)`
			`err = stopJail(cj)`
			`if err != nil {`
			`fmt.Printf("ERROR: %s\n", err.Error())`
			`} else {`
			`fmt.Printf(" > Stop jail %s: OK\n", cj.Name)`
			`}`
			`*/`

			`}`
			`}`