yo/gocage
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Compare commits

base: yo:v0.30
Branches Tags
yo:master yo:api
yo:v0.42 yo:v0.41 yo:v0.40 yo:v0.39 yo:v0.38 yo:v0.37 yo:v0.35 yo:v0.34 yo:v0.31 yo:v0.30 yo:v0.29f yo:v0.25 yo:v0.24 yo:v0.23 yo:v0.22a yo:v0.2
..
compare: yo:v0.31
Branches Tags
yo:master yo:api
yo:v0.42 yo:v0.41 yo:v0.40 yo:v0.39 yo:v0.38 yo:v0.37 yo:v0.35 yo:v0.34 yo:v0.31 yo:v0.30 yo:v0.29f yo:v0.25 yo:v0.24 yo:v0.23 yo:v0.22a yo:v0.2

4 Commits
v0.30 ... v0.31

Author SHA1 Message Date
yo
07eccffbd1 Add Devfs_ruleset property to reflect generated RS 2022-10-15 16:33:29 +02:00
yo
7809107ea4 Update readme 2022-10-15 15:24:24 +02:00
yo
5ab0a59db4 Update readme 2022-10-15 15:23:58 +02:00
yo
1b27753718 Add service file 2022-10-15 15:16:26 +02:00
8 changed files with 88 additions and 28 deletions
Expand all files Collapse all files

10
README.md
View File

@ -143,7 +143,7 @@ gocage datastore list
+------------+-------------+------------+-----------+----------+------------+ +------------+-------------+------------+-----------+----------+------------+
</pre></code> </pre></code>
#### Filter datastores ### Filter datastores
As with jails and snapshots, you can filter by name: As with jails and snapshots, you can filter by name:
<pre><code> <pre><code>
gocage datastore list iocage gocage datastore list iocage
@ -154,7 +154,7 @@ gocage datastore list iocage
+------------+-------------+------------+-----------+----------+------------+ +------------+-------------+------------+-----------+----------+------------+
</pre></code> </pre></code>
#### Sort datastores ### Sort datastores
You can sort datastores: You can sort datastores:
<pre><code> <pre><code>
gocage datastore list -s -Available gocage datastore list -s -Available
@ -175,6 +175,11 @@ With multi datastore comes the need to migrate a jail between datastores.
Migration can be done with a minimal downtime, using zfs differential send/receive. Migration can be done with a minimal downtime, using zfs differential send/receive.
Source jail datasets are sent to the destination datastore, jail is stopped and a last differential sync is done before starting jail on new datastore. Source jail datasets are sent to the destination datastore, jail is stopped and a last differential sync is done before starting jail on new datastore.
### Warning
Be aware the moment you migrate a jail to another datastore than /iocage default, you lose compatibility with iocage.
Then you need to disable iocage service, and enable gocage so the jails will start automatically at boot.
Also make sure, if you don't destroy source jail, that it won't have the "boot" property set or you will have the 2 jails up at boot.
<pre><code> <pre><code>
gocage migrate -d fastiocage srv-random gocage migrate -d fastiocage srv-random
Snapshot data/iocage/jails/srv-random: Done Snapshot data/iocage/jails/srv-random: Done
@ -182,3 +187,4 @@ Snapshot data/iocage/jails/srv-random/root: Done
Migrate jail config dataset to fastdata/iocage/jails/srv-random: Done Migrate jail config dataset to fastdata/iocage/jails/srv-random: Done
Migrate jail filesystem dataset to fastdata/iocage/jails/srv-random/root: Done Migrate jail filesystem dataset to fastdata/iocage/jails/srv-random/root: Done
</pre></code> </pre></code>

1
cmd/list.go
View File

@ -273,6 +273,7 @@ func listJailsFromDirectory(dir string, dsname string) ([]Jail, error) {
j.JID = rj.Jid j.JID = rj.Jid
j.Running = true j.Running = true
j.InternalName = rj.Name j.InternalName = rj.Name
j.Devfs_ruleset = rj.Devfs_ruleset
break break
} }
} }

2
cmd/root.go
View File

@ -14,7 +14,7 @@ import (
) )
const ( const (
gVersion = "0.30" gVersion = "0.31"
// TODO : Get from $jail_zpool/defaults.json // TODO : Get from $jail_zpool/defaults.json
MIN_DYN_DEVFS_RULESET = 1000 MIN_DYN_DEVFS_RULESET = 1000

3
cmd/start.go
View File

@ -1331,8 +1331,9 @@ func StartJail(args []string) {
fmt.Printf(" > Start jail: OK\n") fmt.Printf(" > Start jail: OK\n")
fmt.Printf(" > With devfs ruleset %d\n", dynrs) fmt.Printf(" > With devfs ruleset %d\n", dynrs)
// Update running state and JID // Update running state, JID and Devfs_ruleset
cj.Running = true cj.Running = true
cj.Devfs_ruleset = dynrs
rjails, err := jail.GetJails() rjails, err := jail.GetJails()
if err != nil { if err != nil {
fmt.Printf("Error: Unable to list running jails\n") fmt.Printf("Error: Unable to list running jails\n")

18
cmd/stop.go
View File

@ -286,20 +286,13 @@ func StopJail(args []string) {
fmt.Printf(" > Destroy VNet interfaces: OK\n") fmt.Printf(" > Destroy VNet interfaces: OK\n")
} }
} }
// Get currently used ruleset from /var/run/jail.$internal_name.conf fmt.Printf(" > Remove devfs ruleset %d: \n", cj.Devfs_ruleset)
ruleset, err := getValueFromRunningConfig(cj.InternalName, "devfs_ruleset") err = deleteDevfsRuleset(cj.Devfs_ruleset)
if err != nil {
fmt.Printf("ERROR getting current devfs ruleset: %s\n", err.Error())
return
}
rsi, _ := strconv.Atoi(ruleset)
fmt.Printf(" > Remove devfs ruleset %d: \n", rsi)
err = deleteDevfsRuleset(rsi)
if err != nil { if err != nil {
fmt.Printf("ERROR: %s\n", err.Error()) fmt.Printf("ERROR: %s\n", err.Error())
} else { } else {
fmt.Printf(" > Remove devfsruleset %d: OK\n", rsi) fmt.Printf(" > Remove devfsruleset %d: OK\n", cj.Devfs_ruleset)
} }
fmt.Printf(" > Stop jail %s:\n", cj.Name) fmt.Printf(" > Stop jail %s:\n", cj.Name)
@ -401,6 +394,9 @@ func StopJail(args []string) {
if err = setStructFieldValue(&gJails[i], "InternalName", ""); err != nil { if err = setStructFieldValue(&gJails[i], "InternalName", ""); err != nil {
fmt.Printf("ERROR: clearing InternalName property: %s\n", err.Error()) fmt.Printf("ERROR: clearing InternalName property: %s\n", err.Error())
} }
if err = setStructFieldValue(&gJails[i], "Devfs_ruleset", "0"); err != nil {
fmt.Printf("ERROR: setting Devfs_ruleset property to 0: %s\n", err.Error())
}
} }
} }
} }

3
cmd/struct.go
View File

@ -27,6 +27,7 @@ type Jail struct {
Running bool Running bool
// No need, Config.Release always represent what is running (plus it know release for non-running jails) // No need, Config.Release always represent what is running (plus it know release for non-running jails)
//Release string //Release string
Devfs_ruleset int // The effective devfs ruleset generated at runtime
Zpool string Zpool string
Datastore string Datastore string
} }
@ -247,6 +248,8 @@ type JailSort struct {
DatastoreDec jailLessFunc DatastoreDec jailLessFunc
ZpoolInc jailLessFunc ZpoolInc jailLessFunc
ZpoolDec jailLessFunc ZpoolDec jailLessFunc
Devfs_rulesetInc jailLessFunc
Devfs_rulesetDec jailLessFunc
Config JailConfigSort Config JailConfigSort
} }

36
jail/main.go
View File

@ -14,16 +14,17 @@ package jail
*/ */
import "C" import "C"
import ( import (
"strconv" "strconv"
// "syscall" // "syscall"
"unsafe" "unsafe"
) )
type Jail struct { type Jail struct {
Name string Name string
Jid int Jid int
Path string Path string
Devfs_ruleset int
} }
@ -33,8 +34,8 @@ func GetJails() ([]Jail, error) {
var jl Jail var jl Jail
var err error var err error
// Make "params" a list of 4 jails parameters // Make "params" a list of 5 jails parameters
params := make([]C.struct_jailparam, 4) params := make([]C.struct_jailparam, 5)
// initialize parameter names // initialize parameter names
csname := C.CString("name") csname := C.CString("name")
@ -43,27 +44,31 @@ func GetJails() ([]Jail, error) {
defer C.free(unsafe.Pointer(csjid)) defer C.free(unsafe.Pointer(csjid))
cspath := C.CString("path") cspath := C.CString("path")
defer C.free(unsafe.Pointer(cspath)) defer C.free(unsafe.Pointer(cspath))
csdevfsrs := C.CString("devfs_ruleset")
defer C.free(unsafe.Pointer(csdevfsrs))
cslastjid := C.CString("lastjid") cslastjid := C.CString("lastjid")
defer C.free(unsafe.Pointer(cslastjid)) defer C.free(unsafe.Pointer(cslastjid))
// initialize params struct with parameter names // initialize params struct with parameter names
C.jailparam_init(&params[0], csname) C.jailparam_init(&params[0], csname)
C.jailparam_init(&params[1], csjid) C.jailparam_init(&params[1], csjid)
C.jailparam_init(&params[2], cspath) C.jailparam_init(&params[2], cspath)
C.jailparam_init(&params[3], csdevfsrs)
// The key to retrieve jail. lastjid = 0 returns first jail and its jid as jailparam_get return value // The key to retrieve jail. lastjid = 0 returns first jail and its jid as jailparam_get return value
C.jailparam_init(&params[3], cslastjid) C.jailparam_init(&params[4], cslastjid)
lastjailid := 0 lastjailid := 0
cslastjidval := C.CString(strconv.Itoa(lastjailid)) cslastjidval := C.CString(strconv.Itoa(lastjailid))
defer C.free(unsafe.Pointer(cslastjidval)) defer C.free(unsafe.Pointer(cslastjidval))
C.jailparam_import(&params[3], cslastjidval) C.jailparam_import(&params[4], cslastjidval)
// loop on existing jails // loop on existing jails
for lastjailid >= 0 { for lastjailid >= 0 {
// get parameter values // get parameter values
lastjailid = int(C.jailparam_get(&params[0], 4, 0)) lastjailid = int(C.jailparam_get(&params[0], 5, 0))
if lastjailid > 0 { if lastjailid > 0 {
nametmp := C.jailparam_export(&params[0]) nametmp := C.jailparam_export(&params[0])
jl.Name = C.GoString(nametmp) jl.Name = C.GoString(nametmp)
@ -75,23 +80,28 @@ func GetJails() ([]Jail, error) {
// Memory mgmt : Non gere par Go // Memory mgmt : Non gere par Go
C.free(unsafe.Pointer(jidtmp)) C.free(unsafe.Pointer(jidtmp))
pathtmp := C.jailparam_export(&params[2]) pathtmp := C.jailparam_export(&params[2])
jl.Path = C.GoString(pathtmp) jl.Path = C.GoString(pathtmp)
// Memory mgmt : Non gere par Go // Memory mgmt : Non gere par Go
C.free(unsafe.Pointer(pathtmp)) C.free(unsafe.Pointer(pathtmp))
drstmp := C.jailparam_export(&params[3])
jl.Devfs_ruleset, _ = strconv.Atoi(C.GoString(drstmp))
// Memory mgmt : Non gere par Go
C.free(unsafe.Pointer(drstmp))
jls = append(jls, jl) jls = append(jls, jl)
//log.Debug("Got jid " + strconv.Itoa(jl.jid) + " with name " + jl.name) //log.Debug("Got jid " + strconv.Itoa(jl.jid) + " with name " + jl.name)
// Prepare next loop iteration // Prepare next loop iteration
cslastjidval := C.CString(strconv.Itoa(lastjailid)) cslastjidval := C.CString(strconv.Itoa(lastjailid))
defer C.free(unsafe.Pointer(cslastjidval)) defer C.free(unsafe.Pointer(cslastjidval))
C.jailparam_import(&params[3], cslastjidval) C.jailparam_import(&params[4], cslastjidval)
} }
} }
// Free 4 items of params list // Free 5 items of params list
C.jailparam_free(&params[0], 4) C.jailparam_free(&params[0], 5)
return jls, err return jls, err
} }

43
service/gocage Executable file
View File

@ -0,0 +1,43 @@
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: gocage
# REQUIRE: LOGIN cleanvar
# KEYWORD: shutdown
# Add the following lines to /etc/rc.conf to enable :
#
# gocage_enable="YES"
#
# gocage_conf="/usr/local/etc/gocage.conf.yml"
#
. /etc/rc.subr
name="gocage"
rcvar=gocage_enable
# read configuration and set defaults
load_rc_config "$name"
: ${gocage_enable:="NO"}
: ${gocage_conf="/usr/local/etc/gocage.conf.yml"}
start_cmd=${name}_start
stop_cmd=${name}_stop
gocage_start()
{
echo "Gocage starting jails... "
/usr/local/bin/gocage -c ${gocage_conf} start
}
gocage_stop()
{
echo "Gocage stopping jails... "
/usr/local/bin/gocage -c ${gocage_conf} stop
}
run_rc_command "$1"