yo/gocage
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Start implementing gocage start

Browse Source
This commit is contained in:
yo
2021-12-21 20:48:07 +01:00
parent 12c0a37617
commit ea25db2f27
1 changed files with 238 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

238
cmd/start.go Normal file
View File

@ -0,0 +1,238 @@
package cmd
import (
"os"
"fmt"
// "log"
"errors"
"regexp"
// "os/exec"
// "reflect"
"strings"
)
func mountAllJailFsFromHost(jail *Jail) error {
procfsFound := false
linProcfsFound := false
devfsFound := false
fdescfsFound := false
cmd := "mount -p"
out, err := executeCommand(cmd)
if err != nil {
return errors.New(fmt.Sprintf("Error executing mount: %s", err.Error()))
}
var outclean []string
remSpPtrn := regexp.MustCompile(`\s+`)
for _, l := range strings.Split(out, "\n") {
outclean = append(outclean, remSpPtrn.ReplaceAllString(l, " "))
}
// Check if these FS are already mounted
for _, l := range outclean {
f := strings.Split(l, " ")
if len(f) > 2 {
if strings.EqualFold(f[1], fmt.Sprintf("%s/proc", jail.RootPath)) {
procfsFound = true
}
if strings.EqualFold(f[1], fmt.Sprintf("%s/compat/linux/proc", jail.RootPath)) {
linProcfsFound = true
}
if strings.EqualFold(f[1], fmt.Sprintf("%s/dev", jail.RootPath)) {
devfsFound = true
}
if strings.EqualFold(f[1], fmt.Sprintf("%s/dev/fd", jail.RootPath)) {
fdescfsFound = true
}
}
}
// Mount wanted FS
if jail.Config.Mount_procfs > 0 && procfsFound == false {
cmd = fmt.Sprintf("mount -t procfs proc %s/proc", jail.RootPath)
_, err := executeCommand(cmd)
if err != nil {
return errors.New(fmt.Sprintf("Error mounting procfs on %s/proc: %s", jail.RootPath, err.Error()))
}
}
if jail.Config.Mount_linprocfs > 0 && linProcfsFound == false {
ldir := fmt.Sprintf("%s/compat/linux/proc", jail.RootPath)
_, err := os.Stat(ldir)
if os.IsNotExist(err) {
errDir := os.MkdirAll(ldir, 0755)
if errDir != nil {
return errors.New(fmt.Sprintf("Error creating directory %s: %s", ldir, errDir.Error()))
}
}
cmd = fmt.Sprintf("mount -t linprocfs proc %s", ldir)
_, err = executeCommand(cmd)
if err != nil {
return errors.New(fmt.Sprintf("Error mounting linprocfs on %s: %s", ldir, err.Error()))
}
}
if jail.Config.Mount_devfs > 0 && devfsFound == false {
cmd = fmt.Sprintf("mount -t devfs dev %s/dev", jail.RootPath)
_, err := executeCommand(cmd)
if err != nil {
return errors.New(fmt.Sprintf("Error mounting devfs on %s/dev: %s", jail.RootPath, err.Error()))
}
}
if jail.Config.Mount_fdescfs > 0 && fdescfsFound == false {
cmd = fmt.Sprintf("mount -t fdescfs descfs %s/dev/fd", jail.RootPath)
_, err := executeCommand(cmd)
if err != nil {
return errors.New(fmt.Sprintf("Error mounting fdescfs on %s/dev/fd: %s", jail.RootPath, err.Error()))
}
}
return nil
}
/*
// TODO
func mountJailZfs(jail *Jail) error {
if jail.Config.Jail_zfs > 0 {
// TODO : Write these changes in jail config file
jail.Config.Allow_mount = 1
jail.Config.Allow_mount_zfs = 1
for _, d := range strings.Split(jail.Config.Jail_zfs_dataset, " ") {
}
}
return nil
}
*/
/*
Start jail:
Check jail fstab?
Mount procfs
Mount linprocfs
Mount devfs?
Mount fdescfs?
If jail_zfs, then check jail_zfs_dataset exist (and create otherwise)
TODO : Check NAT settings and compatibility with other jails
Generate devfsruleset from configured
Write config file in /var/run/jails.ioc-$NAME.conf
Execute PreStart (Exec_prestart)
Start jail (With ENV VARS for network conf)
Start networking
Mount jail_zfs_datasets inside jail
Generate resolv.Conf
Copy /etc/localtime into jail (?)
Configure NAT
Execute Exec_start into jail
Execute Exec_poststart
If DHCP, check with ifconfig inside jail
Set RCTL Rules
Use setfib for each jail command
*/
func StartJail(args []string) {
// jail we have to start
var cj *Jail
for _, j := range args {
fmt.Printf("> Starting jail %s\n", j)
for _, rj := range gJails {
if rj.Name == j {
cj = &rj
break
}
}
if cj == nil {
fmt.Printf("Jail not found: %s\n", j)
continue
}
if cj.Running == true {
fmt.Printf("Jail %s is already running!\n", cj.Name)
continue
}
fmt.Printf(" > Mount special filesystems:\n")
err := mountAllJailFsFromHost(cj)
if err != nil {
fmt.Printf("ERROR: %s\n", err.Error())
} else {
fmt.Printf(" > Mount special filesystems: OK\n")
}
/*
out, err := executeCommand(fmt.Sprintf("rctl jail:%s", cj.InternalName))
if err == nil && len(out) > 0 {
fmt.Printf(" > Remove RCTL rules:\n")
err := removeRctlRules(cj.InternalName, []string{""})
if err != nil {
fmt.Printf("ERROR: %s\n", err.Error())
} else {
fmt.Printf(" > Remove RCTL rules: OK\n")
}
}
if len (cj.Config.Exec_prestop) > 0 {
fmt.Printf(" > Execute prestop:\n")
_, err := executeCommand(cj.Config.Exec_prestop)
if err != nil {
fmt.Printf("ERROR: %s\n", err.Error())
} else {
fmt.Printf(" > Execute prestop: OK\n")
}
}
if len (cj.Config.Exec_stop) > 0 {
fmt.Printf(" > Execute stop:\n")
_, err := executeCommandInJail(cj, cj.Config.Exec_stop)
if err != nil {
fmt.Printf("ERROR: %s\n", err.Error())
} else {
fmt.Printf(" > Execute stop: OK\n")
}
}
if cj.Config.Jail_zfs > 0 {
fmt.Printf(" > Umount jailed ZFS:\n")
err := umountAndUnjailZFS(cj)
if err != nil {
fmt.Printf("ERROR: %s\n", err.Error())
} else {
fmt.Printf(" > Umount jailed ZFS: OK\n")
}
}
if cj.Config.Vnet > 0 && len(cj.Config.Ip4_addr) > 0 {
fmt.Printf(" > Destroy VNet interfaces:\n")
err := destroyVNetInterfaces(cj)
if err != nil {
fmt.Printf("ERROR: %s\n", err.Error())
} else {
fmt.Printf(" > Destroy VNet interfaces: OK\n")
}
}
fmt.Printf(" > Remove devfsruleset %s:\n", cj.Config.Devfs_ruleset)
err = deleteDevfsRuleset(cj)
if err != nil {
fmt.Printf("ERROR: %s\n", err.Error())
} else {
fmt.Printf(" > Remove devfsruleset %s: OK\n", cj.Config.Devfs_ruleset)
}
fmt.Printf(" > Stop jail %s:\n", cj.Name)
err = stopJail(cj)
if err != nil {
fmt.Printf("ERROR: %s\n", err.Error())
} else {
fmt.Printf(" > Stop jail %s: OK\n", cj.Name)
}
*/
}
}