JAIL_ATTR_NETNS,
JAIL_ATTR_USERNS,
JAIL_ATTR_CGROUPSNS,
+ JAIL_ATTR_CONSOLE,
JAIL_ATTR_REQUIREJAIL,
__JAIL_ATTR_MAX,
};
[JAIL_ATTR_NETNS] = { "netns", BLOBMSG_TYPE_BOOL },
[JAIL_ATTR_USERNS] = { "userns", BLOBMSG_TYPE_BOOL },
[JAIL_ATTR_CGROUPSNS] = { "cgroupsns", BLOBMSG_TYPE_BOOL },
+ [JAIL_ATTR_CONSOLE] = { "console", BLOBMSG_TYPE_BOOL },
[JAIL_ATTR_REQUIREJAIL] = { "requirejail", BLOBMSG_TYPE_BOOL },
};
if (jail->cgroupsns)
argv[argc++] = "-F";
+ if (jail->console)
+ argv[argc++] = "-y";
+
if (in->extroot) {
argv[argc++] = "-R";
argv[argc++] = in->extroot;
close(in->_stderr.fd.fd);
in->_stderr.fd.fd = -1;
}
+
+ if (in->console.fd.fd > -1) {
+ ustream_free(&in->console.stream);
+ close(in->console.fd.fd);
+ in->console.fd.fd = -1;
+ }
+
+ if (in->console_client.fd.fd > -1) {
+ ustream_free(&in->console_client.stream);
+ close(in->console_client.fd.fd);
+ in->console_client.fd.fd = -1;
+ }
}
void
container_of(s, struct service_instance, _stdout.stream));
}
+static void
+instance_console(struct ustream *s, int bytes)
+{
+ struct service_instance *in = container_of(s, struct service_instance, console.stream);
+ char *buf;
+ int len;
+
+ do {
+ buf = ustream_get_read_buf(s, &len);
+ if (!buf)
+ break;
+
+ ulog(LOG_INFO, "out: %s\n", buf);
+
+ /* test if console client is attached */
+ if (in->console_client.fd.fd > -1)
+ ustream_write(&in->console_client.stream, buf, len, false);
+
+ ustream_consume(s, len);
+ } while (1);
+}
+
+static void
+instance_console_client(struct ustream *s, int bytes)
+{
+ struct service_instance *in = container_of(s, struct service_instance, console_client.stream);
+ char *buf;
+ int len;
+
+ do {
+ buf = ustream_get_read_buf(s, &len);
+ if (!buf)
+ break;
+
+ ulog(LOG_INFO, "in: %s\n", buf);
+ ustream_write(&in->console.stream, buf, len, false);
+ ustream_consume(s, len);
+ } while (1);
+}
+
static void
instance_stderr(struct ustream *s, int bytes)
{
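Review bot: Both new read callbacks copy every console chunk into the system log, via `ulog(LOG_INFO, "out: %s\n", buf)` in instance_console and `ulog(LOG_INFO, "in: %s\n", buf)` in instance_console_client. Everything an operator types at the container console, passwords included, and everything the jailed process prints, control characters included, therefore lands in syslog at INFO level. These look like debugging aids; I would drop both calls, or at least demote them to `LOG_DEBUG` and never log the client-to-console direction. instance_console_client also writes to `in->console.stream` without the `fd.fd > -1` check that instance_console applies to the client side, so a matching `if (in->console.fd.fd > -1)` guard before the `ustream_write` would make the two callbacks symmetric. Both callbacks ignore the return value of `ustream_write` and then consume the full `len`, so if the target stream cannot take the whole chunk the remainder is presumably lost without any trace.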
jail->cgroupsns = blobmsg_get_bool(tb[JAIL_ATTR_CGROUPSNS]);
jail->argc++;
}
+ if (tb[JAIL_ATTR_CONSOLE]) {
+ jail->console = blobmsg_get_bool(tb[JAIL_ATTR_CONSOLE]);
+ jail->argc++;
+ }
if (tb[JAIL_ATTR_MOUNT]) {
struct blob_attr *cur;
in->_stderr.stream.string_data = true;
in->_stderr.stream.notify_read = instance_stderr;
+ in->console.fd.fd = -2;
+ in->console.stream.string_data = true;
+ in->console.stream.notify_read = instance_console;
+
+ in->console_client.fd.fd = -2;
+ in->console_client.stream.string_data = true;
+ in->console_client.stream.notify_read = instance_console_client;
+
blobmsg_list_init(&in->netdev, struct instance_netdev, node, instance_netdev_cmp);
blobmsg_list_init(&in->file, struct instance_file, node, instance_file_cmp);
blobmsg_list_simple_init(&in->env);
blobmsg_add_u8(b, "netns", in->jail.netns);
blobmsg_add_u8(b, "userns", in->jail.userns);
blobmsg_add_u8(b, "cgroupsns", in->jail.cgroupsns);
+ blobmsg_add_u8(b, "console", (in->console.fd.fd > -1));
blobmsg_close_table(b, r);
if (!avl_is_empty(&in->jail.mount.avl)) {
struct blobmsg_list_node *var;
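Review bot: The new `console` field reports `in->console.fd.fd > -1`, i.e. whether a console descriptor is currently open, while its neighbours `netns`, `userns` and `cgroupsns` in the same table all report the configured `in->jail.*` value. A consumer of the dump cannot tell a jail configured without a console from one whose console is simply not open, which matters when auditing which instances expose one. Consider `blobmsg_add_u8(b, "console", in->jail.console);` here, with a separately named field for the runtime state if that is needed. The enclosing function starts and ends outside the hunk.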