2022-04-05 20:58:33 +02:00
|
|
|
package cmd
|
|
|
|
|
|
|
|
|
|
import (
|
2022-06-18 11:08:03 +02:00
|
|
|
"os"
|
2022-04-05 20:58:33 +02:00
|
|
|
"fmt"
|
2022-06-18 11:08:03 +02:00
|
|
|
"log"
|
2022-07-10 14:14:12 +02:00
|
|
|
"errors"
|
2022-06-18 11:08:03 +02:00
|
|
|
"strconv"
|
|
|
|
|
"syscall"
|
2022-04-05 20:58:33 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func ShellJail(args []string) error {
|
2022-06-18 11:08:03 +02:00
|
|
|
// We cant shell more than one jail bc we replace gocage execution with jexec, so there wont be no return to gocage
|
2022-04-05 20:58:33 +02:00
|
|
|
if len(args) > 0 {
|
2023-08-06 14:50:33 +02:00
|
|
|
cj, err := getJailFromArray(args[0], []string{"basejail", "jail"}, gJails)
|
2022-07-10 14:14:12 +02:00
|
|
|
if err != nil {
|
|
|
|
|
fmt.Printf("Error getting jail %s: %v\n", args[0], err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := shellJail(cj); err != nil {
|
|
|
|
|
fmt.Printf("%v\n", err)
|
|
|
|
|
return err
|
2022-04-05 20:58:33 +02:00
|
|
|
}
|
|
|
|
|
}
|
2022-07-10 14:14:12 +02:00
|
|
|
|
2022-04-05 20:58:33 +02:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-10 14:14:12 +02:00
|
|
|
func shellJail(jail *Jail) error {
|
|
|
|
|
if false == jail.Running {
|
|
|
|
|
return errors.New("Jail is not running")
|
|
|
|
|
}
|
2023-07-23 15:10:11 +02:00
|
|
|
|
2022-06-18 11:08:03 +02:00
|
|
|
jid := strconv.Itoa(jail.JID)
|
|
|
|
|
|
2022-07-10 21:13:36 +02:00
|
|
|
err := syscall.Exec("/usr/sbin/jexec", []string{"jexec", jid, "login", "-f", "root"}, os.Environ())
|
2022-06-18 11:08:03 +02:00
|
|
|
|
|
|
|
|
// We should never get here, as syscall.Exec replace the gocage binary execution with jexec
|
|
|
|
|
// This means the moment syscall.Exec fires, gocage execution halt.
|
2022-04-05 20:58:33 +02:00
|
|
|
if err != nil {
|
2022-06-18 11:08:03 +02:00
|
|
|
log.Printf("Exec returned %v\n", err)
|
2022-04-05 20:58:33 +02:00
|
|
|
}
|
2023-07-23 15:10:11 +02:00
|
|
|
|
2022-07-10 14:14:12 +02:00
|
|
|
return nil
|
2022-04-05 20:58:33 +02:00
|
|
|
}
|
