JakeHillion/clone-shim
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

fixed-spawners #36

Merged
JakeHillion merged 2 commits from fixed-spawners into main 2022-05-17 15:56:08 +01:00
Conversation 1 Commits 2 Files Changed 3 +37 -2
3 changed files with 37 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit c07d6df163 - Show all commits

8
src/spawner/mod.rs
View File

@ -105,6 +105,8 @@ impl<'a> Spawner<'a> {
let pipe = self.pipes.get_mut(s).unwrap().take_read()?; let pipe = self.pipes.get_mut(s).unwrap().take_read()?;
builder.keep_fd(&pipe); builder.keep_fd(&pipe);
builder.mount("/proc", "/proc").remount_proc();
let closure = || match self.pipe_trigger(pipe, entrypoint, name) { let closure = || match self.pipe_trigger(pipe, entrypoint, name) {
Ok(()) => exitcode::OK, Ok(()) => exitcode::OK,
Err(e) => { Err(e) => {
@ -129,6 +131,8 @@ impl<'a> Spawner<'a> {
let socket = self.sockets.get_mut(s).unwrap().take_read()?; let socket = self.sockets.get_mut(s).unwrap().take_read()?;
builder.keep_fd(&socket); builder.keep_fd(&socket);
builder.mount("/proc", "/proc").remount_proc();
let closure = || match self.file_socket_trigger(socket, entrypoint, name) { let closure = || match self.file_socket_trigger(socket, entrypoint, name) {
Ok(()) => exitcode::OK, Ok(()) => exitcode::OK,
Err(e) => { Err(e) => {
@ -327,6 +331,10 @@ impl<'a> Spawner<'a> {
Environment::DomainName(name) => { Environment::DomainName(name) => {
builder.set_domain_name(name); builder.set_domain_name(name);
} }
Environment::Procfs => {
builder.mount("/proc", "/proc").remount_proc();
}
} }
} }
} }

2
src/specification.rs
View File

@ -117,6 +117,8 @@ pub enum Environment {
Hostname(String), Hostname(String),
DomainName(String), DomainName(String),
Procfs,
} }
#[derive(Serialize, Deserialize, PartialEq, Eq, Hash, Debug)] #[derive(Serialize, Deserialize, PartialEq, Eq, Hash, Debug)]

29
src/void.rs
View File

@ -33,6 +33,8 @@ pub struct VoidBuilder {
mounts: HashMap<PathBuf, PathBuf>, mounts: HashMap<PathBuf, PathBuf>,
fds: HashSet<RawFd>, fds: HashSet<RawFd>,
remount_proc: bool,
} }
impl VoidBuilder { impl VoidBuilder {
@ -42,6 +44,7 @@ impl VoidBuilder {
domain_name: None, domain_name: None,
mounts: HashMap::new(), mounts: HashMap::new(),
fds: HashSet::new(), fds: HashSet::new(),
remount_proc: false,
} }
} }
@ -65,6 +68,11 @@ impl VoidBuilder {
self self
} }
pub fn remount_proc(&mut self) -> &mut Self {
self.remount_proc = true;
self
}
pub fn spawn(&mut self, child_fn: impl FnOnce() -> i32) -> Result<VoidHandle> { pub fn spawn(&mut self, child_fn: impl FnOnce() -> i32) -> Result<VoidHandle> {
let mut args = CloneArgs::new( let mut args = CloneArgs::new(
CloneFlags::CLONE_NEWCGROUP CloneFlags::CLONE_NEWCGROUP
@ -252,12 +260,29 @@ impl VoidBuilder {
fs::write(&dst, b"")?; fs::write(&dst, b"")?;
} }
// bind mount // rbind mount
mount( mount(
Some(&src), Some(&src),
&dst, &dst,
Option::<&str>::None, Option::<&str>::None,
MsFlags::MS_BIND, MsFlags::MS_BIND | MsFlags::MS_REC,
Option::<&str>::None,
)
.map_err(|e| Error::Nix {
msg: "mount",
src: e,
})?;
}
// remount proc
if self.remount_proc {
debug!("remounting /proc`");
mount(
Some("proc"),
"/proc",
Some("proc"),
MsFlags::empty(),
Option::<&str>::None, Option::<&str>::None,
) )
.map_err(|e| Error::Nix { .map_err(|e| Error::Nix {