From 9af50111f3c162e60d5bec8ee7479e04bc3874f6 Mon Sep 17 00:00:00 2001
From: yo <johan@nosd.in>
Date: Sun, 19 Dec 2021 19:06:41 +0100
Subject: [PATCH] umount procfs, linprofs, fdescfs and devfs at jail stop

---
 cmd/stop.go | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)

diff --git a/cmd/stop.go b/cmd/stop.go
index 68f63cd..113ef15 100644
--- a/cmd/stop.go
+++ b/cmd/stop.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 //	"log"
 	"errors"
+	"regexp"
 	"os/exec"
 //	"reflect"
 	"strings"
@@ -114,6 +115,32 @@ func deleteDevfsRuleset(jail *Jail) error {
 }
 
 
+func umountJailFsFromHost(jail *Jail, mountpoint string) error {
+	cmd := "mount -p"
+	out, err := executeCommand(cmd)
+	if err != nil {
+		return errors.New(fmt.Sprintf("Error executing mount: %s", err.Error()))
+	}
+
+	remSpPtrn := regexp.MustCompile(`\s+`)
+	for _, l := range strings.Split(out, "\n") {
+		f := strings.Split(remSpPtrn.ReplaceAllString(l, " "), " ")
+		if len(f) > 2 {
+			if strings.EqualFold(f[1], fmt.Sprintf("%s%s", jail.RootPath, mountpoint)) {
+				cmd = fmt.Sprintf("umount %s%s", jail.RootPath, mountpoint)
+				_, err := executeCommand(cmd)
+				if err != nil {
+					return errors.New(fmt.Sprintf("Error umounting %s/%s: %s", jail.RootPath, mountpoint, err.Error()))
+				}
+				return nil
+			}
+		}
+	}
+
+	return nil
+}
+
+
 // Internal usage only
 func stopJail(jail *Jail) error {
 	cmd := "jail -q"
@@ -147,6 +174,10 @@ func stopJail(jail *Jail) error {
 		Delete devfs ruleset
 		Effectively stop jail process
 		Umount all mountpoints from $jail/fstab
+		Umount proc if set
+		Umount linprocfs if set
+		Umount fdescfs if set
+		Umount devfs if set
 
 	Use setfib for each command
 
@@ -240,6 +271,46 @@ func StopJail(args []string) {
 		} else {
 			fmt.Printf("  > Stop jail %s: OK\n", cj.Name)
 		}
+
+		if cj.Config.Mount_procfs > 0 {
+			fmt.Printf("  > Umount procfs:\n")
+			err := umountJailFsFromHost(cj, "/proc")
+			if err != nil {
+				fmt.Printf("ERROR: %s\n", err.Error())
+			} else {
+				fmt.Printf("  > Umount procfs: OK\n")
+			}
+		}
+
+		if cj.Config.Mount_linprocfs > 0 {
+			fmt.Printf("  > Umount linprocfs:\n")
+			err := umountJailFsFromHost(cj, "/compat/linux/proc")
+			if err != nil {
+				fmt.Printf("ERROR: %s\n", err.Error())
+			} else {
+				fmt.Printf("  > Umount linprocfs: OK\n")
+			}
+		}
+
+		if cj.Config.Mount_fdescfs > 0 {
+			fmt.Printf("  > Umount fdescfs:\n")
+			err := umountJailFsFromHost(cj, "/dev/fd")
+			if err != nil {
+				fmt.Printf("ERROR: %s\n", err.Error())
+			} else {
+				fmt.Printf("  > Umount fdescfs: OK\n")
+			}
+		}
+
+		if cj.Config.Mount_devfs > 0 {
+			fmt.Printf("  > Umount devfs:\n")
+			err := umountJailFsFromHost(cj, "/dev")
+			if err != nil {
+				fmt.Printf("ERROR: %s\n", err.Error())
+			} else {
+				fmt.Printf("  > Umount devfs: OK\n")
+			}
+		}
 	}
 }