master
brl 10 years ago
parent d1bb0fdeec
commit 18bfbe034d

@ -6,14 +6,14 @@ import (
) )
type Config struct { type Config struct {
ProfileDir string `json:"profile_dir"` ProfileDir string `json:"profile_dir"`
ShellPath string `json:"shell_path"` ShellPath string `json:"shell_path"`
SandboxPath string `json:"sandbox_path"` SandboxPath string `json:"sandbox_path"`
BridgeMACAddr string `json:"bridge_mac"` BridgeMACAddr string `json:"bridge_mac"`
NMIgnoreFile string `json:"nm_ignore_file"` NMIgnoreFile string `json:"nm_ignore_file"`
UseFullDev bool `json:"use_full_dev"` UseFullDev bool `json:"use_full_dev"`
AllowRootShell bool `json:"allow_root_shell"` AllowRootShell bool `json:"allow_root_shell"`
LogXpra bool `json:"log_xpra"` LogXpra bool `json:"log_xpra"`
} }
const DefaultConfigPath = "/etc/oz/oz.conf" const DefaultConfigPath = "/etc/oz/oz.conf"

@ -7,7 +7,7 @@ import (
"sort" "sort"
"strings" "strings"
"syscall" "syscall"
// External // External
"github.com/op/go-logging" "github.com/op/go-logging"
) )

@ -36,7 +36,7 @@ func (fs *Filesystem) ozinitMountDev() error {
return err return err
} }
} }
if err := mountSpecial("/dev/pts", "devpts"); err != nil { if err := mountSpecial("/dev/pts", "devpts"); err != nil {
fs.log.Warning("Failed to mount pts directory: %v", err) fs.log.Warning("Failed to mount pts directory: %v", err)
return err return err
@ -91,7 +91,7 @@ func (fs *Filesystem) ozinitCreateSymlinks() error {
return err return err
} }
} }
if fs.fullDevices == false { if fs.fullDevices == false {
for _, sl := range deviceSymlinks { for _, sl := range deviceSymlinks {
if err := syscall.Symlink(sl[0], sl[1]); err != nil { if err := syscall.Symlink(sl[0], sl[1]); err != nil {
@ -99,7 +99,7 @@ func (fs *Filesystem) ozinitCreateSymlinks() error {
} }
} }
} }
return nil return nil
} }

@ -21,7 +21,7 @@ var basicEmptyDirs = []string{
"/run/lock", "/root", "/run/lock", "/root",
"/opt", "/srv", "/dev", "/proc", "/opt", "/srv", "/dev", "/proc",
"/sys", "/mnt", "/media", "/sys", "/mnt", "/media",
//"/run/shm", //"/run/shm",
} }
var basicBlacklist = []string{ var basicBlacklist = []string{
@ -52,32 +52,32 @@ var deviceSymlinks = [][2]string{
type fsDeviceDefinition struct { type fsDeviceDefinition struct {
path string path string
mode uint32 mode uint32
dev int dev int
perm uint32 perm uint32
} }
const ugorw = syscall.S_IRUSR|syscall.S_IWUSR | syscall.S_IRGRP|syscall.S_IWGRP | syscall.S_IROTH|syscall.S_IWOTH const ugorw = syscall.S_IRUSR | syscall.S_IWUSR | syscall.S_IRGRP | syscall.S_IWGRP | syscall.S_IROTH | syscall.S_IWOTH
const urwgr = syscall.S_IRUSR|syscall.S_IWUSR | syscall.S_IRGRP const urwgr = syscall.S_IRUSR | syscall.S_IWUSR | syscall.S_IRGRP
const urw = syscall.S_IRUSR|syscall.S_IWUSR const urw = syscall.S_IRUSR | syscall.S_IWUSR
var basicDevices = []fsDeviceDefinition{ var basicDevices = []fsDeviceDefinition{
{path: "/dev/full", mode: syscall.S_IFCHR|ugorw, dev: _makedev(1, 7), perm: 0666}, {path: "/dev/full", mode: syscall.S_IFCHR | ugorw, dev: _makedev(1, 7), perm: 0666},
{path: "/dev/null", mode: syscall.S_IFCHR|ugorw, dev: _makedev(1, 3), perm: 0666}, {path: "/dev/null", mode: syscall.S_IFCHR | ugorw, dev: _makedev(1, 3), perm: 0666},
{path: "/dev/random", mode: syscall.S_IFCHR|ugorw, dev: _makedev(1, 8), perm: 0666}, {path: "/dev/random", mode: syscall.S_IFCHR | ugorw, dev: _makedev(1, 8), perm: 0666},
{path: "/dev/console", mode: syscall.S_IFCHR|urw, dev: _makedev(5, 1), perm: 0600}, {path: "/dev/console", mode: syscall.S_IFCHR | urw, dev: _makedev(5, 1), perm: 0600},
{path: "/dev/tty", mode: syscall.S_IFCHR|ugorw, dev: _makedev(5, 0), perm: 0666}, {path: "/dev/tty", mode: syscall.S_IFCHR | ugorw, dev: _makedev(5, 0), perm: 0666},
{path: "/dev/tty1", mode: syscall.S_IFREG|urwgr, dev: 0, perm: 0640}, {path: "/dev/tty1", mode: syscall.S_IFREG | urwgr, dev: 0, perm: 0640},
{path: "/dev/tty2", mode: syscall.S_IFREG|urwgr, dev: 0, perm: 0640}, {path: "/dev/tty2", mode: syscall.S_IFREG | urwgr, dev: 0, perm: 0640},
{path: "/dev/tty3", mode: syscall.S_IFREG|urwgr, dev: 0, perm: 0640}, {path: "/dev/tty3", mode: syscall.S_IFREG | urwgr, dev: 0, perm: 0640},
{path: "/dev/tty4", mode: syscall.S_IFREG|urwgr, dev: 0, perm: 0640}, {path: "/dev/tty4", mode: syscall.S_IFREG | urwgr, dev: 0, perm: 0640},
{path: "/dev/urandom", mode: syscall.S_IFCHR|ugorw, dev: _makedev(1, 9), perm: 0666}, {path: "/dev/urandom", mode: syscall.S_IFCHR | ugorw, dev: _makedev(1, 9), perm: 0666},
{path: "/dev/zero", mode: syscall.S_IFCHR|ugorw, dev: _makedev(1, 5), perm: 0666}, {path: "/dev/zero", mode: syscall.S_IFCHR | ugorw, dev: _makedev(1, 5), perm: 0666},
} }
func _makedev(x, y int) int { func _makedev(x, y int) int {
return (((x)<<8) | (y)) return (((x) << 8) | (y))
} }
func (fs *Filesystem) Setup(profilesPath string) error { func (fs *Filesystem) Setup(profilesPath string) error {
@ -85,7 +85,7 @@ func (fs *Filesystem) Setup(profilesPath string) error {
for _, bd := range basicBindDirs { for _, bd := range basicBindDirs {
if bd == profilesPath { if bd == profilesPath {
profilePathInBindDirs = true profilePathInBindDirs = true
break; break
} }
} }
@ -114,7 +114,7 @@ func (fs *Filesystem) Setup(profilesPath string) error {
return err return err
} }
} }
return fs.setupMountItems() return fs.setupMountItems()
} }
@ -151,17 +151,17 @@ func (fs *Filesystem) setupRootfs() error {
if err := syscall.Mount(fs.base, fs.base, "tmpfs", flags, data); err != nil { if err := syscall.Mount(fs.base, fs.base, "tmpfs", flags, data); err != nil {
return fmt.Errorf("failed to create base tmpfs at %s: %v", fs.base, err) return fmt.Errorf("failed to create base tmpfs at %s: %v", fs.base, err)
} }
/* /*
// Currently unused // Currently unused
// create extra directories // create extra directories
extra := []string{"sockets", "dev"} extra := []string{"sockets", "dev"}
for _, sub := range extra { for _, sub := range extra {
d := path.Join(fs.base, sub) d := path.Join(fs.base, sub)
if err := os.Mkdir(d, 0755); err != nil { if err := os.Mkdir(d, 0755); err != nil {
return fmt.Errorf("unable to create directory (%s): %v", d, err) return fmt.Errorf("unable to create directory (%s): %v", d, err)
} }
} }
*/ */
return nil return nil
} }
@ -189,7 +189,7 @@ func (fs *Filesystem) setupDev() error {
fs.log.Warning("Failed to mount devtmpfs: %v", err) fs.log.Warning("Failed to mount devtmpfs: %v", err)
return err return err
} }
for _, dev := range basicDevices { for _, dev := range basicDevices {
path := path.Join(fs.root, dev.path) path := path.Join(fs.root, dev.path)
if err := syscall.Mknod(path, dev.mode, dev.dev); err != nil { if err := syscall.Mknod(path, dev.mode, dev.dev); err != nil {

@ -1,6 +1,6 @@
package network package network
import( import (
//Builtin //Builtin
"errors" "errors"
"fmt" "fmt"
@ -21,35 +21,35 @@ func BridgeInit(bridgeMAC string, nmIgnoreFile string, log *logging.Logger) (*Ho
if os.Getpid() == 1 { if os.Getpid() == 1 {
panic(errors.New("Cannot use netinit from child.")) panic(errors.New("Cannot use netinit from child."))
} }
htn := &HostNetwork{ htn := &HostNetwork{
BridgeMAC: bridgeMAC, BridgeMAC: bridgeMAC,
} }
if _, err := os.Stat(nmIgnoreFile); os.IsNotExist(err) { if _, err := os.Stat(nmIgnoreFile); os.IsNotExist(err) {
log.Warning("Warning! Network Manager may not properly configured to ignore the bridge interface! This may result in management conflicts!") log.Warning("Warning! Network Manager may not properly configured to ignore the bridge interface! This may result in management conflicts!")
} }
br, err := tenus.BridgeFromName(ozDefaultInterfaceBridge) br, err := tenus.BridgeFromName(ozDefaultInterfaceBridge)
if err != nil { if err != nil {
log.Info("Bridge not found, attempting to create a new one") log.Info("Bridge not found, attempting to create a new one")
br, err = tenus.NewBridgeWithName(ozDefaultInterfaceBridge) br, err = tenus.NewBridgeWithName(ozDefaultInterfaceBridge)
if err != nil { if err != nil {
return nil, fmt.Errorf("Unable to create bridge %+v", err) return nil, fmt.Errorf("Unable to create bridge %+v", err)
} }
} }
if err:= htn.configureBridgeInterface(br, log); err != nil { if err := htn.configureBridgeInterface(br, log); err != nil {
return nil, err return nil, err
} }
brL := br.NetInterface() brL := br.NetInterface()
addrs, err := brL.Addrs() addrs, err := brL.Addrs()
if err != nil { if err != nil {
return nil, fmt.Errorf("Unable to get bridge interface addresses: %+v", err) return nil, fmt.Errorf("Unable to get bridge interface addresses: %+v", err)
} }
// Build the ip range which we will use for the network // Build the ip range which we will use for the network
if err := htn.buildBridgeNetwork(addrs); err != nil { if err := htn.buildBridgeNetwork(addrs); err != nil {
return nil, err return nil, err
@ -61,19 +61,19 @@ func BridgeInit(bridgeMAC string, nmIgnoreFile string, log *logging.Logger) (*Ho
func PrepareSandboxNetwork(htn *HostNetwork, log *logging.Logger) (*SandboxNetwork, error) { func PrepareSandboxNetwork(htn *HostNetwork, log *logging.Logger) (*SandboxNetwork, error) {
stn := new(SandboxNetwork) stn := new(SandboxNetwork)
stn.VethHost = tenus.MakeNetInterfaceName(ozDefaultInterfacePrefix) stn.VethHost = tenus.MakeNetInterfaceName(ozDefaultInterfacePrefix)
stn.VethGuest = stn.VethHost + "1" stn.VethGuest = stn.VethHost + "1"
stn.Gateway = htn.Gateway stn.Gateway = htn.Gateway
stn.Class = htn.Class stn.Class = htn.Class
// Allocate a new IP address // Allocate a new IP address
stn.Ip = getFreshIP(htn.Min, htn.Max, log) stn.Ip = getFreshIP(htn.Min, htn.Max, log)
if stn.Ip == "" { if stn.Ip == "" {
return nil, errors.New("Unable to acquire random IP") return nil, errors.New("Unable to acquire random IP")
} }
return stn, nil return stn, nil
} }
@ -81,11 +81,11 @@ func NetInit(stn *SandboxNetwork, htn *HostNetwork, childPid int, log *logging.L
if os.Getpid() == 1 { if os.Getpid() == 1 {
panic(errors.New("Cannot use netSetup from child.")) panic(errors.New("Cannot use netSetup from child."))
} }
// Seed random number generator (poorly but we're not doing crypto) // Seed random number generator (poorly but we're not doing crypto)
rand.Seed(time.Now().Unix() ^ int64((os.Getpid() + childPid))) rand.Seed(time.Now().Unix() ^ int64((os.Getpid() + childPid)))
log.Info("Configuring host veth pair '%s' with: %s", stn.VethHost, stn.Ip + "/" + htn.Class) log.Info("Configuring host veth pair '%s' with: %s", stn.VethHost, stn.Ip+"/"+htn.Class)
// Fetch the bridge from the ifname // Fetch the bridge from the ifname
br, err := tenus.BridgeFromName(ozDefaultInterfaceBridge) br, err := tenus.BridgeFromName(ozDefaultInterfaceBridge)
@ -100,7 +100,7 @@ func NetInit(stn *SandboxNetwork, htn *HostNetwork, childPid int, log *logging.L
//if err := htn.configureBridgeInterface(br, log); err != nil { //if err := htn.configureBridgeInterface(br, log); err != nil {
// return fmt.Errorf("Unable to reconfigure bridge: %+v", err) // return fmt.Errorf("Unable to reconfigure bridge: %+v", err)
//} //}
// Create the veth pair // Create the veth pair
veth, err := tenus.NewVethPairWithOptions(stn.VethHost, tenus.VethOptions{PeerName: stn.VethGuest}) veth, err := tenus.NewVethPairWithOptions(stn.VethHost, tenus.VethOptions{PeerName: stn.VethGuest})
if err != nil { if err != nil {
@ -134,7 +134,7 @@ func NetInit(stn *SandboxNetwork, htn *HostNetwork, childPid int, log *logging.L
if err != nil { if err != nil {
return fmt.Errorf("Unable to parse ip %s, %s.", stn.Ip, err) return fmt.Errorf("Unable to parse ip %s, %s.", stn.Ip, err)
} }
// Set interface address in the namespace // Set interface address in the namespace
if err := veth.SetPeerLinkNetInNs(pid, vethGuestIp, vethGuestIpNet, nil); err != nil { if err := veth.SetPeerLinkNetInNs(pid, vethGuestIp, vethGuestIpNet, nil); err != nil {
return fmt.Errorf("Unable to parse ip link in namespace, %s.", err) return fmt.Errorf("Unable to parse ip link in namespace, %s.", err)
@ -148,23 +148,23 @@ func (stn *SandboxNetwork) Cleanup(log *logging.Logger) {
if os.Getpid() == 1 { if os.Getpid() == 1 {
panic(errors.New("Cannot use Cleanup from child.")) panic(errors.New("Cannot use Cleanup from child."))
} }
if _, err := net.InterfaceByName(stn.VethHost); err != nil { if _, err := net.InterfaceByName(stn.VethHost); err != nil {
log.Info("No veth found to cleanup") log.Info("No veth found to cleanup")
return return
} }
tenus.DeleteLink(stn.VethHost) tenus.DeleteLink(stn.VethHost)
} }
func (htn *HostNetwork) configureBridgeInterface(br tenus.Bridger, log *logging.Logger) error { func (htn *HostNetwork) configureBridgeInterface(br tenus.Bridger, log *logging.Logger) error {
// Set the bridge mac address so it can be fucking ignored by Network-Manager. // Set the bridge mac address so it can be fucking ignored by Network-Manager.
if htn.BridgeMAC != "" { if htn.BridgeMAC != "" {
if err := br.SetLinkMacAddress(htn.BridgeMAC); err != nil { if err := br.SetLinkMacAddress(htn.BridgeMAC); err != nil {
return fmt.Errorf("Unable to set MAC address for gateway", err) return fmt.Errorf("Unable to set MAC address for gateway", err)
} }
} }
if htn.Gateway == nil { if htn.Gateway == nil {
// Lookup an empty ip range // Lookup an empty ip range
brIp, brIpNet, err := findEmptyRange() brIp, brIpNet, err := findEmptyRange()
@ -175,7 +175,7 @@ func (htn *HostNetwork) configureBridgeInterface(br tenus.Bridger, log *logging.
htn.GatewayNet = brIpNet htn.GatewayNet = brIpNet
log.Info("Found available range: %+v", htn.GatewayNet.String()) log.Info("Found available range: %+v", htn.GatewayNet.String())
} }
if err := br.SetLinkIp(htn.Gateway, htn.GatewayNet); err != nil { if err := br.SetLinkIp(htn.Gateway, htn.GatewayNet); err != nil {
if os.IsExist(err) { if os.IsExist(err) {
log.Info("Bridge IP appears to be already assigned") log.Info("Bridge IP appears to be already assigned")
@ -192,7 +192,7 @@ func (htn *HostNetwork) configureBridgeInterface(br tenus.Bridger, log *logging.
return nil return nil
} }
func (htn *HostNetwork)buildBridgeNetwork(addrs []net.Addr) error { func (htn *HostNetwork) buildBridgeNetwork(addrs []net.Addr) error {
// Try to build the network config from the bridge's address // Try to build the network config from the bridge's address
addrIndex := -1 addrIndex := -1
for i, addr := range addrs { for i, addr := range addrs {
@ -219,11 +219,11 @@ func (htn *HostNetwork)buildBridgeNetwork(addrs []net.Addr) error {
} }
} }
if addrIndex < 0 { if addrIndex < 0 {
return errors.New("Could not find IPv4 for bridge interface") return errors.New("Could not find IPv4 for bridge interface")
} }
return nil return nil
} }
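Review bot: The `fmt.Errorf("Unable to set MAC address for gateway", err)` call in configureBridgeInterface has an argument but no formatting directive, so the underlying error is never included in the message and `go vet` will flag it; since this commit is already a gofmt pass, it is the natural place to fix it with `return fmt.Errorf("Unable to set MAC address for gateway: %v", err)`. The bridge MAC is part of the host-side isolation setup, so losing the reason it could not be applied makes that failure harder to diagnose from logs. configureBridgeInterface's body continues outside the hunk.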

@ -4,9 +4,9 @@ import (
//Builtin //Builtin
"fmt" "fmt"
"net" "net"
"strings"
"strconv" "strconv"
"strings"
"github.com/op/go-logging" "github.com/op/go-logging"
) )
@ -71,7 +71,6 @@ func init() {
} }
} }
// Print status of the network interfaces // Print status of the network interfaces
func NetPrint(log *logging.Logger) { func NetPrint(log *logging.Logger) {
strLine := "" strLine := ""
@ -87,7 +86,7 @@ func NetPrint(log *logging.Logger) {
log.Info(strHr) log.Info(strHr)
log.Info(strHeader) log.Info(strHeader)
for _, netif := range ifs { for _, netif := range ifs {
addrs, _ := netif.Addrs() addrs, _ := netif.Addrs()
@ -131,15 +130,14 @@ func NetPrint(log *logging.Logger) {
} }
strLine += fmt.Sprintf("\n") strLine += fmt.Sprintf("\n")
log.Info(strLine) log.Info(strLine)
} }
log.Info(strHr) log.Info(strHr)
} }
// Convert longip to net.IP // Convert longip to net.IP
func inet_ntoa(ipnr uint64) net.IP { func inet_ntoa(ipnr uint64) net.IP {
var bytes [4]byte var bytes [4]byte

@ -10,7 +10,7 @@ import (
// Internal // Internal
"github.com/op/go-logging" "github.com/op/go-logging"
//External //External
"github.com/j-keck/arping" "github.com/j-keck/arping"
"github.com/milosgajdos83/tenus" "github.com/milosgajdos83/tenus"
@ -50,17 +50,17 @@ func setupLoopback(stn *SandboxNetwork) error {
if err != nil { if err != nil {
return fmt.Errorf("Unable to bring loopback interface up, %s.", err) return fmt.Errorf("Unable to bring loopback interface up, %s.", err)
} }
return nil return nil
} }
func setupVEth(stn *SandboxNetwork) error { func setupVEth(stn *SandboxNetwork) error {
ifc, err := tenus.NewLinkFrom(stn.VethGuest) ifc, err := tenus.NewLinkFrom(stn.VethGuest)
if err != nil { if err != nil {
return fmt.Errorf("Unable to fetch inteface %s, %s.", stn.VethGuest, err) return fmt.Errorf("Unable to fetch inteface %s, %s.", stn.VethGuest, err)
} }
// Bring the link down to prepare for renaming // Bring the link down to prepare for renaming
if err = ifc.SetLinkDown(); err != nil { if err = ifc.SetLinkDown(); err != nil {
return fmt.Errorf("Unable to bring interface %s down, %s.", stn.VethGuest, err) return fmt.Errorf("Unable to bring interface %s down, %s.", stn.VethGuest, err)
@ -86,7 +86,7 @@ func setupVEth(stn *SandboxNetwork) error {
if err = ifc.SetLinkDefaultGw(&stn.Gateway); err != nil { if err = ifc.SetLinkDefaultGw(&stn.Gateway); err != nil {
return fmt.Errorf("Unable to set default route %s.", err) return fmt.Errorf("Unable to set default route %s.", err)
} }
return nil return nil
} }
