119 lines
2.9 KiB
Go
119 lines
2.9 KiB
Go
// Copyright (c) Huawei Technologies Co., Ltd. 2019. All rights reserved.
|
|
// iSulad-lxcfs-toolkit is licensed under the Mulan PSL v1.
|
|
// You can use this software according to the terms and conditions of the Mulan PSL v1.
|
|
// You may obtain a copy of Mulan PSL v1 at:
|
|
// http://license.coscl.org.cn/MulanPSL
|
|
// THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
|
|
// IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
|
|
// PURPOSE.
|
|
// See the Mulan PSL v1 for more details.
|
|
// Description: mount/umount in container namespace
|
|
// Author: zhangsong
|
|
// Create: 2019-05-31
|
|
|
|
package libmount
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"isula.org/isulad-lxcfs-toolkit/libmount/nsexec"
|
|
"os"
|
|
"strconv"
|
|
"strings"
|
|
"syscall"
|
|
|
|
"github.com/docker/docker/pkg/reexec"
|
|
)
|
|
|
|
func init() {
|
|
reexec.Register(nsexec.NsEnterReexecName, WorkInContainer)
|
|
}
|
|
|
|
func setupPipe(name string) (*os.File, error) {
|
|
v := os.Getenv(name)
|
|
|
|
fd, err := strconv.Atoi(v)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("unable to convert %s=%s to int", name, v)
|
|
}
|
|
return os.NewFile(uintptr(fd), "pipe"), nil
|
|
}
|
|
|
|
func setupWorkType(name string) (int, error) {
|
|
v := os.Getenv(name)
|
|
|
|
worktype, err := strconv.Atoi(v)
|
|
if err != nil {
|
|
return -1, fmt.Errorf("unable to convert %s=%s to int", name, v)
|
|
}
|
|
return worktype, nil
|
|
}
|
|
|
|
// WorkInContainer will handle command in new namespace(container).
|
|
func WorkInContainer() {
|
|
var err error
|
|
var worktype int
|
|
var pipe *os.File
|
|
pipe, err = setupPipe(nsexec.InitPipe)
|
|
if err != nil {
|
|
fmt.Fprintf(os.Stderr, "%v", err)
|
|
return
|
|
}
|
|
|
|
// when pipe setup, should always send back the errors.
|
|
defer func() {
|
|
var msg nsexec.ErrMsg
|
|
if err != nil {
|
|
msg.Error = fmt.Sprintf("%s", err.Error())
|
|
}
|
|
if err := nsexec.WriteJSON(pipe, msg); err != nil {
|
|
fmt.Fprintf(os.Stderr, "%v\n", err)
|
|
}
|
|
}()
|
|
|
|
worktype, err = setupWorkType(nsexec.WorkType)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
// handle work here:
|
|
switch worktype {
|
|
case nsexec.MountMsg:
|
|
err = doMount(pipe)
|
|
case nsexec.UmountMsg:
|
|
err = doUmount(pipe)
|
|
default:
|
|
err = fmt.Errorf("unkown worktype=(%d)", worktype)
|
|
}
|
|
// do not need to check err here because we have check in defer
|
|
return
|
|
}
|
|
|
|
func doMount(pipe *os.File) error {
|
|
var mount nsexec.Mount
|
|
if err := json.NewDecoder(pipe).Decode(&mount); err != nil {
|
|
return err
|
|
}
|
|
for i := 0; i < len(mount.SrcPaths) && i < len(mount.DestPaths); i++ {
|
|
if err := syscall.Mount(mount.SrcPaths[i], mount.DestPaths[i], "none", syscall.MS_BIND, ""); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func doUmount(pipe *os.File) error {
|
|
var umount nsexec.Umount
|
|
if err := json.NewDecoder(pipe).Decode(&umount); err != nil {
|
|
return err
|
|
}
|
|
for i := 0; i < len(umount.Paths); i++ {
|
|
if err := syscall.Unmount(umount.Paths[i], syscall.MNT_DETACH); err != nil {
|
|
if !strings.Contains(err.Error(), "invalid argument") {
|
|
return err
|
|
}
|
|
}
|
|
}
|
|
return nil
|
|
}
|