From a76fcb0217b786dc8661c981d6473d969552d7ab Mon Sep 17 00:00:00 2001
From: xSmurf
Date: Sun, 7 Jun 2015 00:25:28 +0000
Subject: [PATCH] Added sandbox base path to global config
---
 config.go | 10 ++++++----
 fs/fs.go | 8 ++++----
 oz-daemon/daemon.go | 3 ++-
 oz-daemon/launch.go | 2 +-
 oz-init/init.go | 2 +-
 5 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/config.go b/config.go
index 5d59e9e..a13fe2e 100644
--- a/config.go
+++ b/config.go
@@ -6,10 +6,11 @@ import (
 )
 type Config struct {
- ProfileDir string `json:"profile_dir"`
- ShellPath string `json:"shell_path"`
- AllowRootShell bool `json:"allow_root_shell"`
- LogXpra bool `json:"log_xpra"`
+ ProfileDir string `json:"profile_dir"`
+ ShellPath string `json:"shell_path"`
+ SandboxPath string `json:"sandbox_path"`
+ AllowRootShell bool `json:"allow_root_shell"`
+ LogXpra bool `json:"log_xpra"`
 }
 const DefaultConfigPath = "/etc/oz/oz.conf"
@@ -18,6 +19,7 @@ func NewDefaultConfig() *Config {
 return &Config{
 ProfileDir: "/var/lib/oz/cells.d",
 ShellPath: "/bin/bash",
+ SandboxPath: "/srv/oz",
 AllowRootShell: false,
 LogXpra: false,
 }
diff --git a/fs/fs.go b/fs/fs.go
index 72903b6..a4e4829 100644
--- a/fs/fs.go
+++ b/fs/fs.go
@@ -71,8 +71,8 @@ func (fs *Filesystem) newItem(path, target string, readonly bool) (*mountItem, e
 }, nil
 }
-func NewFromProfile(profile *oz.Profile, user *user.User, log *logging.Logger) *Filesystem {
- fs := NewFilesystem(profile.Name, user, log)
+func NewFromProfile(profile *oz.Profile, user *user.User, basePath string, log *logging.Logger) *Filesystem {
+ fs := NewFilesystem(profile.Name, user, basePath, log)
 for _, wl := range profile.Whitelist {
 fs.addWhitelist(wl.Path, wl.Path, wl.ReadOnly)
 }
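Review bot: A config file written before this change has no `sandbox_path` key, and nothing in the config.go hunks shows what `SandboxPath` becomes in that case. If the loader (outside the diff) unmarshals into a fresh `Config` rather than into the result of `NewDefaultConfig()`, the field is the empty string and the sandbox base silently stops being `/srv/oz`. The loader should start from the defaults or reject the value, along the lines of `if !path.IsAbs(c.SandboxPath) { return nil, fmt.Errorf("sandbox_path must be an absolute path: %q", c.SandboxPath) }`, adapted to its actual signature. The new field would also benefit from a comment such as `// SandboxPath is the absolute directory under which each sandbox's base and rootfs are created.`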
@@ -87,14 +87,14 @@ func NewFromProfile(profile *oz.Profile, user *user.User, log *logging.Logger) *
 return fs
 }
-func NewFilesystem(name string, user *user.User, log *logging.Logger) *Filesystem {
+func NewFilesystem(name string, user *user.User, basePath string, log *logging.Logger) *Filesystem {
 fs := new(Filesystem)
 fs.log = log
 fs.name = name
 if log == nil {
 fs.log = logging.MustGetLogger("oz")
 }
- fs.base = path.Join("/srv/oz", name)
+ fs.base = path.Join(basePath, name)
 fs.root = path.Join(fs.base, "rootfs")
 fs.user = user
 fs.userID = strconv.Itoa(os.Getuid())
diff --git a/oz-daemon/daemon.go b/oz-daemon/daemon.go
index af9d36a..c6d33dd 100644
--- a/oz-daemon/daemon.go
+++ b/oz-daemon/daemon.go
@@ -48,6 +48,7 @@ func initialize() *daemonState {
 d.log.Info("Could not load config file (%s), using default config", oz.DefaultConfigPath)
 config = oz.NewDefaultConfig()
 }
+ d.log.Info("Oz Global Config: %+v", config)
 d.config = config
 ps, err := oz.LoadProfiles(config.ProfileDir)
 if err != nil {
@@ -148,7 +149,7 @@ func (d *daemonState) handleClean(clean *CleanMsg, msg *ipc.Message) error {
 }
 // XXX
 u, _ := user.Current()
- fs := fs.NewFromProfile(p, u, d.log)
+ fs := fs.NewFromProfile(p, u, d.config.SandboxPath, d.log)
 if err := fs.Cleanup(); err != nil {
 return msg.Respond(&ErrorMsg{err.Error()})
 }
diff --git a/oz-daemon/launch.go b/oz-daemon/launch.go
index bef43da..e5888d2 100644
--- a/oz-daemon/launch.go
+++ b/oz-daemon/launch.go
@@ -65,7 +65,7 @@ func (d *daemonState) launch(p *oz.Profile, uid, gid uint32) (*Sandbox, error) {
 if err != nil {
 return nil, fmt.Errorf("failed to lookup user for uid=%d: %v", uid, err)
 }
- fs := fs.NewFromProfile(p, u, d.log)
+ fs := fs.NewFromProfile(p, u, d.config.SandboxPath, d.log)
 if err := fs.Setup(); err != nil {
 return nil, err
 }
diff --git a/oz-init/init.go b/oz-init/init.go
index 2385a8f..0ff25ec 100644
--- a/oz-init/init.go
+++ b/oz-init/init.go
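Review bot: `fs.base = path.Join(basePath, name)` in NewFilesystem takes basePath exactly as given, and `path.Join("", name)` returns just `name`, so an empty or relative value makes the sandbox base resolve against the process working directory instead of a fixed location. The same value flows unchanged through NewFromProfile into `fs.Cleanup()` in handleClean and `fs.Setup()` in launch (oz-daemon), and into parseArgs in oz-init. NewFilesystem has no error return, so the absolute-path check belongs where the config is loaded; on this function I would add the doc comment `// basePath must be an absolute directory that unprivileged users cannot write to; the sandbox is built at basePath/name.` NewFilesystem continues past the end of the hunk.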
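Review bot: `d.log.Info("Oz Global Config: %+v", config)` in initialize prints every field of the struct, so any field added to Config later is written to the log without anyone deciding that it should be. Logging the fields by name keeps that choice explicit: `d.log.Info("Oz config: profile_dir=%s sandbox_path=%s", config.ProfileDir, config.SandboxPath)`. initialize starts and ends outside the hunk.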
@@ -108,7 +108,7 @@ func parseArgs() *initState {
 gid: gid,
 user: u,
 display: display,
- fs: fs.NewFromProfile(p, u, log),
+ fs: fs.NewFromProfile(p, u, config.SandboxPath, log),
 }
 }
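Review bot: oz-init takes the base path from its own `config` value in parseArgs, while the daemon uses `d.config.SandboxPath`, and nothing here ties the two together. Where `config` is loaded is outside the hunk, but if oz-init reads the config file itself, the two processes can disagree (the file edited between daemon start and launch, or one side falling back to defaults), and oz-init would then work on a different directory from the one the daemon set up. Consider handing the daemon's resolved path to oz-init together with the other launch parameters rather than deriving it a second time. parseArgs begins outside the hunk.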