diff options
| author | Felix Fietkau | 2025-05-28 11:08:27 +0000 |
|---|---|---|
| committer | Felix Fietkau | 2025-05-28 11:08:27 +0000 |
| commit | 58b6c3313e07ac8b3f61abdefae6120cd41c8f93 (patch) | |
| tree | e2dc1b0d7896450b5b6509e0e388c87dd561b168 | |
| parent | 37847fee4fe74cdbc0565567129c5a463556ed91 (diff) | |
| download | procd-58b6c3313e07ac8b3f61abdefae6120cd41c8f93.tar.gz | |
jail: add flag for passing the udebug socket
Signed-off-by: Felix Fietkau <nbd@nbd.name>
| -rw-r--r-- | jail/jail.c | 8 | ||||
| -rw-r--r-- | service/instance.c | 9 | ||||
| -rw-r--r-- | service/instance.h | 1 |
3 files changed, 17 insertions, 1 deletions
diff --git a/jail/jail.c b/jail/jail.c index 7b7ac2b..e7e4d6b 100644 --- a/jail/jail.c +++ b/jail/jail.c @@ -69,7 +69,7 @@ #endif #define STACK_SIZE (1024 * 1024) -#define OPT_ARGS "cC:d:e:EfFG:h:ij:J:ln:NoO:pP:r:R:sS:uU:w:t:T:y" +#define OPT_ARGS "cC:d:De:EfFG:h:ij:J:ln:NoO:pP:r:R:sS:uU:w:t:T:y" #define OCI_VERSION_STRING "1.0.2" @@ -1026,6 +1026,7 @@ static void usage(void) fprintf(stderr, " -s\t\tjail has /sys\n"); fprintf(stderr, " -l\t\tjail has /dev/log\n"); fprintf(stderr, " -u\t\tjail has a ubus socket\n"); + fprintf(stderr, " -D\t\tjail has a udebug socket\n"); fprintf(stderr, " -U <name>\tuser to run jailed process\n"); fprintf(stderr, " -G <name>\tgroup to run jailed process\n"); fprintf(stderr, " -o\t\tremont jail root (/) read only\n"); @@ -2593,6 +2594,7 @@ int main(int argc, char **argv) uid_t uid = getuid(); const char log[] = "/dev/log"; const char ubus[] = "/var/run/ubus/ubus.sock"; + const char udebug[] = "/var/run/udebug.sock"; int ret = EXIT_FAILURE; int ch; char *tmp; @@ -2704,6 +2706,10 @@ int main(int argc, char **argv) opts.namespace |= CLONE_NEWNS; add_mount_bind(ubus, 0, -1); break; + case 'D': + opts.namespace |= CLONE_NEWNS; + add_mount_bind(udebug, 0, -1); + break; case 'l': opts.namespace |= CLONE_NEWNS; add_mount_bind(log, 0, -1); diff --git a/service/instance.c b/service/instance.c index df8c09b..b611c0f 100644 --- a/service/instance.c +++ b/service/instance.c @@ -111,6 +111,7 @@ enum { JAIL_ATTR_PROCFS, JAIL_ATTR_SYSFS, JAIL_ATTR_UBUS, + JAIL_ATTR_UDEBUG, JAIL_ATTR_LOG, JAIL_ATTR_RONLY, JAIL_ATTR_MOUNT, @@ -131,6 +132,7 @@ static const struct blobmsg_policy jail_attr[__JAIL_ATTR_MAX] = { [JAIL_ATTR_PROCFS] = { "procfs", BLOBMSG_TYPE_BOOL }, [JAIL_ATTR_SYSFS] = { "sysfs", BLOBMSG_TYPE_BOOL }, [JAIL_ATTR_UBUS] = { "ubus", BLOBMSG_TYPE_BOOL }, + [JAIL_ATTR_UDEBUG] = { "udebug", BLOBMSG_TYPE_BOOL }, [JAIL_ATTR_LOG] = { "log", BLOBMSG_TYPE_BOOL }, [JAIL_ATTR_RONLY] = { "ronly", BLOBMSG_TYPE_BOOL }, [JAIL_ATTR_MOUNT] = { "mount", BLOBMSG_TYPE_TABLE }, @@ -344,6 +346,9 @@ jail_run(struct service_instance *in, char **argv) if (jail->ubus) argv[argc++] = "-u"; + if (jail->udebug) + argv[argc++] = "-D"; + if (jail->log) argv[argc++] = "-l"; @@ -1171,6 +1176,10 @@ instance_jail_parse(struct service_instance *in, struct blob_attr *attr) jail->ubus = true; jail->argc++; } + if (tb[JAIL_ATTR_UDEBUG] && blobmsg_get_bool(tb[JAIL_ATTR_UDEBUG])) { + jail->udebug = true; + jail->argc++; + } if (tb[JAIL_ATTR_LOG] && blobmsg_get_bool(tb[JAIL_ATTR_LOG])) { jail->log = true; jail->argc++; diff --git a/service/instance.h b/service/instance.h index 215cbc7..32fae19 100644 --- a/service/instance.h +++ b/service/instance.h @@ -29,6 +29,7 @@ struct jail { uint32_t procfs:1; uint32_t sysfs:1; uint32_t ubus:1; + uint32_t udebug:1; uint32_t log:1; uint32_t ronly:1; uint32_t netns:1; |