umount procfs, linprofs, fdescfs and devfs at jail stop
This commit is contained in:
parent
485330f821
commit
9af50111f3
71
cmd/stop.go
71
cmd/stop.go
@ -5,6 +5,7 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
// "log"
|
// "log"
|
||||||
"errors"
|
"errors"
|
||||||
|
"regexp"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
// "reflect"
|
// "reflect"
|
||||||
"strings"
|
"strings"
|
||||||
@ -114,6 +115,32 @@ func deleteDevfsRuleset(jail *Jail) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
func umountJailFsFromHost(jail *Jail, mountpoint string) error {
|
||||||
|
cmd := "mount -p"
|
||||||
|
out, err := executeCommand(cmd)
|
||||||
|
if err != nil {
|
||||||
|
return errors.New(fmt.Sprintf("Error executing mount: %s", err.Error()))
|
||||||
|
}
|
||||||
|
|
||||||
|
remSpPtrn := regexp.MustCompile(`\s+`)
|
||||||
|
for _, l := range strings.Split(out, "\n") {
|
||||||
|
f := strings.Split(remSpPtrn.ReplaceAllString(l, " "), " ")
|
||||||
|
if len(f) > 2 {
|
||||||
|
if strings.EqualFold(f[1], fmt.Sprintf("%s%s", jail.RootPath, mountpoint)) {
|
||||||
|
cmd = fmt.Sprintf("umount %s%s", jail.RootPath, mountpoint)
|
||||||
|
_, err := executeCommand(cmd)
|
||||||
|
if err != nil {
|
||||||
|
return errors.New(fmt.Sprintf("Error umounting %s/%s: %s", jail.RootPath, mountpoint, err.Error()))
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// Internal usage only
|
// Internal usage only
|
||||||
func stopJail(jail *Jail) error {
|
func stopJail(jail *Jail) error {
|
||||||
cmd := "jail -q"
|
cmd := "jail -q"
|
||||||
@ -147,6 +174,10 @@ func stopJail(jail *Jail) error {
|
|||||||
Delete devfs ruleset
|
Delete devfs ruleset
|
||||||
Effectively stop jail process
|
Effectively stop jail process
|
||||||
Umount all mountpoints from $jail/fstab
|
Umount all mountpoints from $jail/fstab
|
||||||
|
Umount proc if set
|
||||||
|
Umount linprocfs if set
|
||||||
|
Umount fdescfs if set
|
||||||
|
Umount devfs if set
|
||||||
|
|
||||||
Use setfib for each command
|
Use setfib for each command
|
||||||
|
|
||||||
@ -240,6 +271,46 @@ func StopJail(args []string) {
|
|||||||
} else {
|
} else {
|
||||||
fmt.Printf(" > Stop jail %s: OK\n", cj.Name)
|
fmt.Printf(" > Stop jail %s: OK\n", cj.Name)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if cj.Config.Mount_procfs > 0 {
|
||||||
|
fmt.Printf(" > Umount procfs:\n")
|
||||||
|
err := umountJailFsFromHost(cj, "/proc")
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("ERROR: %s\n", err.Error())
|
||||||
|
} else {
|
||||||
|
fmt.Printf(" > Umount procfs: OK\n")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if cj.Config.Mount_linprocfs > 0 {
|
||||||
|
fmt.Printf(" > Umount linprocfs:\n")
|
||||||
|
err := umountJailFsFromHost(cj, "/compat/linux/proc")
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("ERROR: %s\n", err.Error())
|
||||||
|
} else {
|
||||||
|
fmt.Printf(" > Umount linprocfs: OK\n")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if cj.Config.Mount_fdescfs > 0 {
|
||||||
|
fmt.Printf(" > Umount fdescfs:\n")
|
||||||
|
err := umountJailFsFromHost(cj, "/dev/fd")
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("ERROR: %s\n", err.Error())
|
||||||
|
} else {
|
||||||
|
fmt.Printf(" > Umount fdescfs: OK\n")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if cj.Config.Mount_devfs > 0 {
|
||||||
|
fmt.Printf(" > Umount devfs:\n")
|
||||||
|
err := umountJailFsFromHost(cj, "/dev")
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("ERROR: %s\n", err.Error())
|
||||||
|
} else {
|
||||||
|
fmt.Printf(" > Umount devfs: OK\n")
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user