Implement container creation. Update coreutils
This commit is contained in:
Jeremy Soller
parent
6dccd948c5
commit
070e3d7b0a
2 changed files with 86 additions and 30 deletions
|
|
@ -2,31 +2,66 @@ extern crate syscall;
|
||||||
|
|
||||||
use syscall::scheme::Scheme;
|
use syscall::scheme::Scheme;
|
||||||
|
|
||||||
use std::{env, fs, thread};
|
use std::{env, fs,thread};
|
||||||
|
use std::io::{stderr, Write};
|
||||||
use std::os::unix::process::CommandExt;
|
use std::os::unix::process::CommandExt;
|
||||||
use std::process::Command;
|
use std::path::Path;
|
||||||
|
use std::process::{self, Command};
|
||||||
|
|
||||||
use self::chroot::ChrootScheme;
|
use self::chroot::ChrootScheme;
|
||||||
|
|
||||||
mod chroot;
|
mod chroot;
|
||||||
|
|
||||||
pub fn main() {
|
fn usage() -> ! {
|
||||||
let mut args = env::args().skip(1);
|
write!(stderr(), "contain [create|enter] root cmd args..\n").unwrap();
|
||||||
|
process::exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
let root_opt = args.next();
|
fn create(root: &Path) {
|
||||||
|
let root = Path::new(root);
|
||||||
|
|
||||||
let cmd = args.next().unwrap_or("sh".to_string());
|
println!("{}", root.display());
|
||||||
|
fs::create_dir(root).unwrap();
|
||||||
|
|
||||||
let mut names = vec![
|
let mut bin = root.to_path_buf();
|
||||||
|
bin.push("bin");
|
||||||
|
println!("{}", bin.display());
|
||||||
|
fs::create_dir(&bin).unwrap();
|
||||||
|
|
||||||
|
for entry in fs::read_dir("/bin").unwrap() {
|
||||||
|
let entry = entry.unwrap();
|
||||||
|
let mut dest = bin.clone();
|
||||||
|
dest.push(entry.file_name());
|
||||||
|
println!("{} -> {}", entry.path().display(), dest.display());
|
||||||
|
fs::copy(entry.path(), dest).unwrap();
|
||||||
|
}
|
||||||
|
|
||||||
|
let mut etc = root.to_path_buf();
|
||||||
|
etc.push("etc");
|
||||||
|
println!("{}", etc.display());
|
||||||
|
fs::create_dir(&etc).unwrap();
|
||||||
|
|
||||||
|
let mut net = etc.clone();
|
||||||
|
net.push("net");
|
||||||
|
println!("{}", net.display());
|
||||||
|
fs::create_dir(&net).unwrap();
|
||||||
|
|
||||||
|
for entry in fs::read_dir("/etc/net").unwrap() {
|
||||||
|
let entry = entry.unwrap();
|
||||||
|
let mut dest = net.clone();
|
||||||
|
dest.push(entry.file_name());
|
||||||
|
println!("{} -> {}", entry.path().display(), dest.display());
|
||||||
|
fs::copy(entry.path(), dest).unwrap();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
fn enter(root: &Path, cmd: &str, args: &[String]) {
|
||||||
|
let names = [
|
||||||
"rand",
|
"rand",
|
||||||
"tcp",
|
"tcp",
|
||||||
"udp"
|
"udp"
|
||||||
];
|
];
|
||||||
|
|
||||||
if root_opt.is_none() {
|
|
||||||
names.push("file");
|
|
||||||
}
|
|
||||||
|
|
||||||
let mut name_ptrs = Vec::new();
|
let mut name_ptrs = Vec::new();
|
||||||
for name in names.iter() {
|
for name in names.iter() {
|
||||||
name_ptrs.push([name.as_ptr() as usize, name.len()]);
|
name_ptrs.push([name.as_ptr() as usize, name.len()]);
|
||||||
|
|
@ -34,27 +69,24 @@ pub fn main() {
|
||||||
|
|
||||||
let new_ns = syscall::mkns(&name_ptrs).unwrap();
|
let new_ns = syscall::mkns(&name_ptrs).unwrap();
|
||||||
|
|
||||||
let root_thread = if let Some(root) = root_opt {
|
let root_canon = fs::canonicalize(root).unwrap();
|
||||||
Some(thread::spawn(move || {
|
let root_thread = thread::spawn(move || {
|
||||||
syscall::setrens(-1isize as usize, new_ns).unwrap();
|
syscall::setrens(-1isize as usize, new_ns).unwrap();
|
||||||
let scheme_fd = syscall::open(":file", syscall::O_CREAT | syscall::O_RDWR | syscall::O_CLOEXEC).unwrap();
|
let scheme_fd = syscall::open(":file", syscall::O_CREAT | syscall::O_RDWR | syscall::O_CLOEXEC).unwrap();
|
||||||
syscall::setrens(-1isize as usize, syscall::getns().unwrap()).unwrap();
|
syscall::setrens(-1isize as usize, syscall::getns().unwrap()).unwrap();
|
||||||
|
|
||||||
let chroot_scheme = ChrootScheme::new(fs::canonicalize(root).unwrap());
|
let chroot_scheme = ChrootScheme::new(root_canon);
|
||||||
loop {
|
loop {
|
||||||
let mut packet = syscall::Packet::default();
|
let mut packet = syscall::Packet::default();
|
||||||
if syscall::read(scheme_fd, &mut packet).unwrap() == 0 {
|
if syscall::read(scheme_fd, &mut packet).unwrap() == 0 {
|
||||||
break;
|
break;
|
||||||
}
|
|
||||||
chroot_scheme.handle(&mut packet);
|
|
||||||
syscall::write(scheme_fd, &packet).unwrap();
|
|
||||||
}
|
}
|
||||||
|
chroot_scheme.handle(&mut packet);
|
||||||
|
syscall::write(scheme_fd, &packet).unwrap();
|
||||||
|
}
|
||||||
|
|
||||||
let _ = syscall::close(scheme_fd);
|
let _ = syscall::close(scheme_fd);
|
||||||
}))
|
});
|
||||||
} else {
|
|
||||||
None
|
|
||||||
};
|
|
||||||
|
|
||||||
let pid = unsafe { syscall::clone(0).unwrap() };
|
let pid = unsafe { syscall::clone(0).unwrap() };
|
||||||
if pid == 0 {
|
if pid == 0 {
|
||||||
|
|
@ -88,3 +120,27 @@ pub fn main() {
|
||||||
println!("Container {}: exit: {:X}", new_ns, status);
|
println!("Container {}: exit: {:X}", new_ns, status);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn main() {
|
||||||
|
let mut args = env::args().skip(1);
|
||||||
|
|
||||||
|
if let Some(op) = args.next() {
|
||||||
|
match op.as_str() {
|
||||||
|
"create" => if let Some(root) = args.next() {
|
||||||
|
create(Path::new(&root));
|
||||||
|
} else {
|
||||||
|
usage();
|
||||||
|
},
|
||||||
|
"enter" => if let Some(root) = args.next() {
|
||||||
|
let cmd = args.next().unwrap_or("sh".to_string());
|
||||||
|
let args: Vec<String> = args.collect();
|
||||||
|
enter(Path::new(&root), &cmd, &args);
|
||||||
|
} else {
|
||||||
|
usage();
|
||||||
|
},
|
||||||
|
_ => usage()
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
usage();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -1 +1 @@
|
||||||
Subproject commit 3308c4507cfe7c3922e41ad472d792dac864e83f
|
Subproject commit c043ba9089b81e805a0c98e8e9caf4a54a9603f7
|
||||||
Loading…
Add table
Add a link
Reference in a new issue