Changes to support xpra

networking
brl 10 years ago
parent 4828a2f0b5
commit a3637a7c2e

@ -20,9 +20,11 @@ type directory struct {
type Filesystem struct { type Filesystem struct {
log *logging.Logger log *logging.Logger
home string user *user.User
name string
base string base string
root string root string
xpra string
userID string userID string
noDefaults bool noDefaults bool
noSysAndProc bool noSysAndProc bool
@ -34,6 +36,10 @@ func (fs *Filesystem) Root() string {
return fs.root return fs.root
} }
func (fs *Filesystem) Xpra() string {
return fs.xpra
}
func (fs *Filesystem) addWhitelist(path, target string, readonly bool) error { func (fs *Filesystem) addWhitelist(path, target string, readonly bool) error {
item, err := fs.newItem(path, target, readonly) item, err := fs.newItem(path, target, readonly)
if err != nil { if err != nil {
@ -65,8 +71,8 @@ func (fs *Filesystem) newItem(path, target string, readonly bool) (*mountItem, e
}, nil }, nil
} }
func NewFromProfile(profile *oz.Profile, log *logging.Logger) *Filesystem { func NewFromProfile(profile *oz.Profile, user *user.User, log *logging.Logger) *Filesystem {
fs := NewFilesystem(profile.Name, log) fs := NewFilesystem(profile.Name, user, log)
for _,wl := range profile.Whitelist { for _,wl := range profile.Whitelist {
fs.addWhitelist(wl.Path, wl.Path, wl.ReadOnly) fs.addWhitelist(wl.Path, wl.Path, wl.ReadOnly)
} }
@ -75,24 +81,22 @@ func NewFromProfile(profile *oz.Profile, log *logging.Logger) *Filesystem {
} }
fs.noDefaults = profile.NoDefaults fs.noDefaults = profile.NoDefaults
fs.noSysAndProc = profile.NoSysProc fs.noSysAndProc = profile.NoSysProc
if profile.XServer.Enabled {
fs.xpra = path.Join(user.HomeDir, ".Xoz", profile.Name)
}
return fs return fs
} }
func NewFilesystem(name string, log *logging.Logger) *Filesystem { func NewFilesystem(name string, user *user.User, log *logging.Logger) *Filesystem {
fs := new(Filesystem) fs := new(Filesystem)
fs.log = log fs.log = log
fs.name = name
if log == nil { if log == nil {
fs.log = logging.MustGetLogger("oz") fs.log = logging.MustGetLogger("oz")
} }
fs.base = path.Join("/srv/oz", name) fs.base = path.Join("/srv/oz", name)
fs.root = path.Join(fs.base, "rootfs") fs.root = path.Join(fs.base, "rootfs")
fs.user = user
u, err := user.Current()
if err != nil {
panic("Failed to look up current user: " + err.Error())
}
fs.home = u.HomeDir
fs.userID = strconv.Itoa(os.Getuid()) fs.userID = strconv.Itoa(os.Getuid())
return fs return fs
@ -205,3 +209,17 @@ func copyFileInfo(info os.FileInfo, target string) error {
os.Chmod(target, info.Mode().Perm()) os.Chmod(target, info.Mode().Perm())
return nil return nil
} }
func createSubdirs(base string, uid,gid int, mode os.FileMode, subdirs ...string) error {
dir := base
for _,sd := range subdirs {
dir = path.Join(dir, sd)
if err := os.Mkdir(dir, mode); err != nil && !os.IsExist(err) {
return err
}
if err := os.Chown(dir, uid, gid); err != nil {
return err
}
}
return nil
}
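Review bot: createSubdirs treats an already-existing entry as success and then calls `os.Chown` on it, and `os.Chown` follows symbolic links, so the ownership change is not guaranteed to land on a directory this code created. If the function runs with more privilege than the target user (the chown to a parsed uid/gid suggests it does, but the caller is not visible here), a symlink already present at `.Xoz` or `.Xoz/<name>` in the home directory would redirect the chown to the link's target. Each component should be confirmed as a real directory with `os.Lstat` and re-owned with `os.Lchown`, as sketched below. That still leaves a window on the parent components between check and chown, so creating the directories under the user's own credentials, or through directory file descriptors, would be the more robust design.

```go
		if err := os.Mkdir(dir, mode); err != nil && !os.IsExist(err) {
			return err
		}
		// Lstat does not follow symlinks, so a pre-existing link or file is rejected
		// instead of being handed to the ownership change below.
		fi, err := os.Lstat(dir)
		if err != nil {
			return err
		}
		if !fi.IsDir() {
			return &os.PathError{Op: "mkdir", Path: dir, Err: os.ErrExist}
		}
		// Lchown changes the entry itself, never the target of a link.
		if err := os.Lchown(dir, uid, gid); err != nil {
			return err
		}
		// … unchanged: end of loop, return nil …
```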

@ -80,8 +80,9 @@ func (mi *mountItem) readSourceInfo(src string) (os.FileInfo, error) {
return nil, fmt.Errorf("source path (%s) does not exist", src) return nil, fmt.Errorf("source path (%s) does not exist", src)
} }
if !strings.HasPrefix(src, mi.fs.home) { home := mi.fs.user.HomeDir
return nil, fmt.Errorf("mount item (%s) has flag MountCreateIfAbsent, but is not child of home directory (%s)", src, mi.fs.home) if !strings.HasPrefix(src, home) {
return nil, fmt.Errorf("mount item (%s) has flag MountCreateIfAbsent, but is not child of home directory (%s)", src, home)
} }
if err := os.MkdirAll(src, 0750); err != nil { if err := os.MkdirAll(src, 0750); err != nil {
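Review bot: The containment test `strings.HasPrefix(src, home)` in readSourceInfo compares raw strings rather than path components, so a sibling path such as `<home>-other/x`, or an uncleaned path containing `..`, passes it and then reaches `os.MkdirAll(src, 0750)`. The path should be cleaned first and compared on a separator boundary, for example `if src != home && !strings.HasPrefix(src, home+"/") {` applied to the cleaned value. `mi.fs.user` is also dereferenced here without a nil check, while the new NewFilesystem signature stores whatever pointer the caller passes. readSourceInfo begins and ends outside this hunk, so any earlier normalisation of `src` is not visible.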

@ -30,7 +30,7 @@ func (fs *Filesystem) resolveVars(p string) (string, error) {
return resolved, nil return resolved, nil
case strings.HasPrefix(p, homeVar): case strings.HasPrefix(p, homeVar):
return path.Join(fs.home, p[len(homeVar):]), nil return path.Join(fs.user.HomeDir, p[len(homeVar):]), nil
case strings.HasPrefix(p, uidVar): case strings.HasPrefix(p, uidVar):
return strings.Replace(p, uidVar, fs.userID, -1), nil return strings.Replace(p, uidVar, fs.userID, -1), nil

@ -5,6 +5,9 @@ import (
"os" "os"
"path" "path"
"syscall" "syscall"
"os/user"
"strconv"
"errors"
) )
var basicBindDirs = []string{ var basicBindDirs = []string{
@ -37,6 +40,16 @@ var basicSymlinks = [][2]string{
} }
func (fs *Filesystem) Setup() error { func (fs *Filesystem) Setup() error {
if fs.xpra != "" {
if err := fs.createXpraDir(); err != nil {
return err
}
item,err := fs.newItem(fs.xpra, fs.xpra, false)
if err != nil {
return err
}
fs.whitelist = append(fs.whitelist, item)
}
if err := fs.setupRootfs(); err != nil { if err := fs.setupRootfs(); err != nil {
return err return err
} }
@ -46,6 +59,30 @@ func (fs *Filesystem) Setup() error {
return fs.setupMountItems() return fs.setupMountItems()
} }
func (fs *Filesystem) createXpraDir() error {
uid,gid,err := userIds(fs.user)
if err != nil {
return err
}
dir := path.Join(fs.user.HomeDir, ".Xoz", fs.name)
if err := createSubdirs(fs.user.HomeDir, uid, gid, 0755, ".Xoz", fs.name); err != nil {
return fmt.Errorf("failed to create xpra directory (%s): %v", dir, err)
}
return nil
}
func userIds(user *user.User) (int, int, error) {
uid,err := strconv.Atoi(user.Uid)
if err != nil {
return -1,-1, errors.New("failed to parse uid from user struct: "+ err.Error())
}
gid,err := strconv.Atoi(user.Gid)
if err != nil {
return -1,-1, errors.New("failed to parse gid from user struct: "+ err.Error())
}
return uid,gid,nil
}
func (fs *Filesystem) setupRootfs() error { func (fs *Filesystem) setupRootfs() error {
if err := os.MkdirAll(fs.base, 0755); err != nil { if err := os.MkdirAll(fs.base, 0755); err != nil {
return fmt.Errorf("unable to create directory (%s): %v", fs.base, err) return fmt.Errorf("unable to create directory (%s): %v", fs.base, err)
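Review bot: createXpraDir creates `.Xoz` and `.Xoz/<name>` with mode `0755`, so every local account can traverse and list the directory that Setup then whitelists read-write into the sandbox. If it holds xpra sockets or session files (inferred from the name, not shown here), owner-only access is the safer default: `createSubdirs(fs.user.HomeDir, uid, gid, 0700, ".Xoz", fs.name)`. The target path is also built twice, once as `fs.xpra` in NewFromProfile and again as `dir` here, and `fs.name` comes from the profile without validation. Deriving both from a single value and rejecting names containing `/` or `..` would keep the created directory and the whitelisted directory identical.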
