matth
/
subgraph-oz
mirror of https://github.com/xSmurf/oz.git
1
1
Fork 0
Code Releases Activity

Pass user uid when launching oz-init

Browse Source
networking
brl 10 years ago
parent 14581f8612
commit 4828a2f0b5
2 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File

8
oz-daemon/daemon.go
Unescape View File

@ -8,6 +8,7 @@ import (
"github.com/subgraph/oz/ipc" "github.com/subgraph/oz/ipc"
"syscall" "syscall"
"github.com/subgraph/oz/fs" "github.com/subgraph/oz/fs"
"os/user"
) )
type daemonState struct { type daemonState struct {
@ -95,8 +96,7 @@ func (d *daemonState) handleLaunch(msg *LaunchMsg, m *ipc.Message) error {
return m.Respond(&ErrorMsg{err.Error()}) return m.Respond(&ErrorMsg{err.Error()})
} }
d.Debug("Would launch %s", p.Name) d.Debug("Would launch %s", p.Name)
_,err = d.launch(p, m.Ucred.Uid)
_,err = d.launch(p)
if err != nil { if err != nil {
d.Warning("launch of %s failed: %v", p.Name, err) d.Warning("launch of %s failed: %v", p.Name, err)
return m.Respond(&ErrorMsg{err.Error()}) return m.Respond(&ErrorMsg{err.Error()})
@ -139,7 +139,9 @@ func (d *daemonState) handleClean(clean *CleanMsg, msg *ipc.Message) error {
return msg.Respond(&ErrorMsg{errmsg}) return msg.Respond(&ErrorMsg{errmsg})
} }
} }
fs := fs.NewFromProfile(p, d.log) // XXX
u,_ := user.Current()
fs := fs.NewFromProfile(p, u, d.log)
if err := fs.Cleanup(); err != nil { if err := fs.Cleanup(); err != nil {
return msg.Respond(&ErrorMsg{err.Error()}) return msg.Respond(&ErrorMsg{err.Error()})
} }

14
oz-daemon/launch.go
Unescape View File

@ -8,6 +8,7 @@ import (
"fmt" "fmt"
"io" "io"
"bufio" "bufio"
"os/user"
) )
const initPath = "/usr/local/bin/oz-init" const initPath = "/usr/local/bin/oz-init"
@ -35,7 +36,7 @@ func findSandbox(id int) *Sandbox {
*/ */
const initCloneFlags = syscall.CLONE_NEWNS | syscall.CLONE_NEWIPC | syscall.CLONE_NEWPID | syscall.CLONE_NEWUTS const initCloneFlags = syscall.CLONE_NEWNS | syscall.CLONE_NEWIPC | syscall.CLONE_NEWPID | syscall.CLONE_NEWUTS
func createInitCommand(addr, name, chroot string) *exec.Cmd { func createInitCommand(addr, name, chroot string, uid uint32) *exec.Cmd {
cmd := exec.Command(initPath) cmd := exec.Command(initPath)
cmd.Dir = "/" cmd.Dir = "/"
cmd.SysProcAttr = &syscall.SysProcAttr{ cmd.SysProcAttr = &syscall.SysProcAttr{
@ -45,12 +46,17 @@ func createInitCommand(addr, name, chroot string) *exec.Cmd {
cmd.Env = []string{ cmd.Env = []string{
"INIT_ADDRESS="+addr, "INIT_ADDRESS="+addr,
"INIT_PROFILE="+name, "INIT_PROFILE="+name,
fmt.Sprintf("INIT_UID=%d", uid),
} }
return cmd return cmd
} }
func (d *daemonState) launch(p *oz.Profile) (*Sandbox, error) { func (d *daemonState) launch(p *oz.Profile, uid uint32) (*Sandbox, error) {
fs := fs.NewFromProfile(p, d.log) u,err := user.LookupId(fmt.Sprintf("%d", uid))
if err != nil {
return nil, fmt.Errorf("failed to lookup user for uid=%d: %v", uid, err)
}
fs := fs.NewFromProfile(p, u, d.log)
if err := fs.Setup(); err != nil { if err := fs.Setup(); err != nil {
return nil, err return nil, err
} }
@ -58,7 +64,7 @@ func (d *daemonState) launch(p *oz.Profile) (*Sandbox, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
cmd := createInitCommand(addr, p.Name, fs.Root()) cmd := createInitCommand(addr, p.Name, fs.Root(), uid)
pp,err := cmd.StderrPipe() pp,err := cmd.StderrPipe()
if err != nil { if err != nil {
fs.Cleanup() fs.Cleanup()

Write Preview
Loading…
Cancel
Save