yo/gocage
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

BUGFIX removed usr from gBaseDirs as it should not be mounted from basejail

Browse Source
This commit is contained in:
yo 2023-08-06 14:51:05 +02:00
parent fce64b2939
commit 9208102c84
2 changed files with 27 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
cmd/create.go
View File

@ -5,6 +5,7 @@ import (
"fmt" "fmt"
//"log" //"log"
"time" "time"
"errors"
"strings" "strings"
cp "github.com/otiai10/copy" cp "github.com/otiai10/copy"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
@ -85,15 +86,24 @@ func CreateJail(args []string) {
fmt.Printf(" > Create base read-only directories\n") fmt.Printf(" > Create base read-only directories\n")
dstRootDir := fmt.Sprintf("%s/jails/%s/root", ds.Mountpoint, jname) dstRootDir := fmt.Sprintf("%s/jails/%s/root", ds.Mountpoint, jname)
for _, d := range append(gBaseDirs, gEmptyDirs...) { for _, d := range append(gBaseDirs, gEmptyDirs...) {
srcPerm, err := getPermissions(fmt.Sprintf("%s/%s", bj.RootPath, d)) dstPath := dstRootDir
if err != nil { srcPath := bj.RootPath
fmt.Printf("ERROR getting permissions of %s/%s: %s\n", bj.RootPath, d, err.Error()) for _, cd := range strings.Split(d, "/") {
return srcPath = fmt.Sprintf("%s/%s", srcPath, cd)
} dstPath = fmt.Sprintf("%s/%s", dstPath, cd)
err = os.Mkdir(fmt.Sprintf("%s/%s", dstRootDir, d), srcPerm.Mode().Perm()) _, err := os.Stat(dstPath)
if err != nil { if errors.Is(err, os.ErrNotExist) {
fmt.Printf("ERROR creating directory %s/%s: %s\n", dstRootDir, d, err.Error()) srcPerm, err := getPermissions(srcPath)
return if err != nil {
fmt.Printf("ERROR getting permissions of %s: %s\n", srcPath, err.Error())
return
}
err = os.Mkdir(dstPath, srcPerm.Mode().Perm())
if err != nil {
fmt.Printf("ERROR creating directory %s: %s\n", dstPath, err.Error())
return
}
}
} }
} }
@ -154,6 +164,11 @@ func CreateJail(args []string) {
return return
} }
defer fstabHandle.Close() defer fstabHandle.Close()
for _, d := range gBaseDirs {
fmt.Fprintf(fstabHandle, "%s\t%s\tnullfs\tro\t0\t0\n", fmt.Sprintf("%s/%s", bj.RootPath, d), fmt.Sprintf("%s/%s", dstRootDir, d))
}
fmt.Printf(" > Jail created!\n") fmt.Printf(" > Jail created!\n")
} else { } else {
/************************************************************************** /**************************************************************************
@ -252,6 +267,7 @@ func CreateJail(args []string) {
j.Config.Release = gCreateArgs.Release j.Config.Release = gCreateArgs.Release
j.Config.Host_hostname = jname j.Config.Host_hostname = jname
j.Config.Host_hostuuid = jname j.Config.Host_hostuuid = jname
j.Config.Jailtype = "jail"
j.WriteConfigToDisk(false) j.WriteConfigToDisk(false)
@ -265,6 +281,5 @@ func CreateJail(args []string) {
defer fstabHandle.Close() defer fstabHandle.Close()
fmt.Printf(" > Jail created!\n") fmt.Printf(" > Jail created!\n")
} }
// TODO : Set JailType
} }
} }

4
cmd/root.go
View File

@ -66,8 +66,8 @@ var (
gUpgradeRelease string gUpgradeRelease string
// For a based jail, these are directories binded to basejail // For a based jail, these are directories binded to basejail
gBaseDirs = []string{"bin", "boot", "lib", "libexec", "rescue", "sbin", "usr", "usr/bin", gBaseDirs = []string{"bin", "boot", "lib", "libexec", "rescue", "sbin", "usr/bin", "usr/include",
"usr/include", "usr/lib", "usr/lib32", "usr/libdata", "usr/libexec", "usr/sbin", "usr/share"} "usr/lib", "usr/lib32", "usr/libdata", "usr/libexec", "usr/sbin", "usr/share"}
// These directories are to be created empty // These directories are to be created empty
gEmptyDirs = []string{"dev", "media", "mnt", "net", "proc"} gEmptyDirs = []string{"dev", "media", "mnt", "net", "proc"}
// Copy these from base template // Copy these from base template