Pass user uid when launching oz-init

10 years ago · 4828a2f0b5
parent 14581f8612
commit 4828a2f0b5
2 changed files with 15 additions and 7 deletions
--- a/oz-daemon/daemon.go
+++ b/oz-daemon/daemon.go
@ -8,6 +8,7 @@ import (
 	"github.com/subgraph/oz/ipc"
 	"syscall"
 	"github.com/subgraph/oz/fs"
+	"os/user"
 )

 type daemonState struct {
@ -95,8 +96,7 @@ func (d *daemonState) handleLaunch(msg *LaunchMsg, m *ipc.Message) error {
 		return m.Respond(&ErrorMsg{err.Error()})
 	}
 	d.Debug("Would launch %s", p.Name)
-
-	_,err = d.launch(p)
+	_,err = d.launch(p, m.Ucred.Uid)
 	if err != nil {
 		d.Warning("launch of %s failed: %v", p.Name, err)
 		return m.Respond(&ErrorMsg{err.Error()})
@ -139,7 +139,9 @@ func (d *daemonState) handleClean(clean *CleanMsg, msg *ipc.Message) error {
 			return msg.Respond(&ErrorMsg{errmsg})
 		}
 	}
-	fs := fs.NewFromProfile(p, d.log)
+	// XXX
+	u,_ := user.Current()
+	fs := fs.NewFromProfile(p, u, d.log)
 	if err := fs.Cleanup(); err != nil {
 		return msg.Respond(&ErrorMsg{err.Error()})
 	}
--- a/oz-daemon/launch.go
+++ b/oz-daemon/launch.go
@ -8,6 +8,7 @@ import (
 	"fmt"
 	"io"
 	"bufio"
+	"os/user"
 )

 const initPath = "/usr/local/bin/oz-init"
@ -35,7 +36,7 @@ func findSandbox(id int) *Sandbox {
 */
 const initCloneFlags = syscall.CLONE_NEWNS | syscall.CLONE_NEWIPC | syscall.CLONE_NEWPID | syscall.CLONE_NEWUTS

-func createInitCommand(addr, name, chroot string) *exec.Cmd {
+func createInitCommand(addr, name, chroot string, uid uint32) *exec.Cmd {
 	cmd := exec.Command(initPath)
 	cmd.Dir = "/"
 	cmd.SysProcAttr = &syscall.SysProcAttr{
@ -45,12 +46,17 @@ func createInitCommand(addr, name, chroot string) *exec.Cmd {
 	cmd.Env = []string{
 		"INIT_ADDRESS="+addr,
 		"INIT_PROFILE="+name,
+		fmt.Sprintf("INIT_UID=%d", uid),
 	}
 	return cmd
 }

-func (d *daemonState) launch(p *oz.Profile) (*Sandbox, error) {
-	fs := fs.NewFromProfile(p, d.log)
+func (d *daemonState) launch(p *oz.Profile, uid uint32) (*Sandbox, error) {
+	u,err := user.LookupId(fmt.Sprintf("%d", uid))
+	if err != nil {
+		return nil, fmt.Errorf("failed to lookup user for uid=%d: %v", uid, err)
+	}
+	fs := fs.NewFromProfile(p, u, d.log)
 	if err := fs.Setup(); err != nil {
 		return nil, err
 	}
@ -58,7 +64,7 @@ func (d *daemonState) launch(p *oz.Profile) (*Sandbox, error) {
 	if err != nil {
 		return nil, err
 	}
-	cmd := createInitCommand(addr, p.Name, fs.Root())
+	cmd := createInitCommand(addr, p.Name, fs.Root(), uid)
 	pp,err := cmd.StderrPipe()
 	if err != nil {
 		fs.Cleanup()