Commit 817fd499 authored by Heinz N. Gies's avatar Heinz N. Gies

Resolve "Set resolvers"

parent 6a3fb3c8
......@@ -9,13 +9,7 @@ jail_root="$2"
validate_root "${jail_root}"
## Find files that do not beling in the jail root, which is everything but
## jail, the rest will be populated by us
find ${jail_root}/root \
-not -path "${jail_root}/root/jail" \
-not -path "${jail_root}/root/jail/*" \
-not -path "${jail_root}/root"\
-delete
clean_outer_root "${jail_root}"
# create bas
......@@ -54,6 +48,21 @@ cp -r ${brand_root} ${jail_root}/root$(dirname ${brand_root})
mkdir -p ${jail_root}/root$(dirname ${brand_root})/../shared
cp -r ${brand_root} ${jail_root}/root$(dirname ${brand_root})/../shared
if [ -f "${jail_root}/root/config/resolvers" ]
then
for r in $(cat "${jail_root}/root/config/resolvers")
do
echo "nameserver ${r}" >> ${jail_root}/root/jail/etc/resolv.conf
done
fi
if [ -f "${jail_root}/root/config/root_authorized_keys" ]
then
mkdir -p "${jail_root}/root/jail/root/.ssh"
cp "${jail_root}/root/config/root_authorized_keys" "${jail_root}/root/jail/root/.ssh/authorized_keys"
fi
#TODO: network config:
# * get resolvers and set them resolvers
# * routs? (do we need to set them?)
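Review bot: The resolver loop at `for r in $(cat "${jail_root}/root/config/resolvers")` word-splits and glob-expands every entry and appends through an unquoted redirect target, so whatever strings the jail config carried land in `resolv.conf` unchecked. Reading the file line by line with `while IFS= read -r r`, skipping entries that contain anything other than address characters, and quoting the target would make this robust. The `root_authorized_keys` branch creates `.ssh` and `authorized_keys` with umask-default modes; an explicit `chmod 700` on the directory and `chmod 600` on the file keeps the result independent of the caller's umask. Both writes go into the jail's tree from outside it, so it is worth confirming that `etc/resolv.conf` and `root/.ssh` cannot be symlinks supplied by the image. The script continues outside the hunk.

```shell
if [ -f "${jail_root}/root/config/resolvers" ]
then
    while IFS= read -r r
    do
        # accept only characters that can occur in an IPv4/IPv6 literal
        case "${r}" in
            ""|*[!0-9A-Fa-f.:]*) continue ;;
        esac
        echo "nameserver ${r}" >> "${jail_root}/root/jail/etc/resolv.conf"
    done < "${jail_root}/root/config/resolvers"
fi
# … unchanged: root_authorized_keys test, mkdir -p and cp …
    chmod 700 "${jail_root}/root/jail/root/.ssh"
    chmod 600 "${jail_root}/root/jail/root/.ssh/authorized_keys"
```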
......
......@@ -8,13 +8,7 @@ jail_root="$2"
validate_root "${jail_root}"
## Find files that do not beling in the jail root, which is everything but
## jail, the rest will be populated by us
find ${jail_root}/root \
-not -path "${jail_root}/root/jail" \
-not -path "${jail_root}/root/jail/*" \
-not -path "${jail_root}/root" \
-delete
clean_outer_root "${jail_root}"
# create bas
......
......@@ -51,3 +51,19 @@ install_brand_files() {
cp -r ${brands_src}/shared ${brands_target}
}
## Find files that do not beling in the jail root, which is everything but
## jail, the rest will be populated by us
clean_outer_root() {
jail_root=$1
validate_root "${jail_root}"
find "${jail_root}/root" \
-not -path "${jail_root}/root/config" \
-not -path "${jail_root}/root/config/*" \
-not -path "${jail_root}/root/jail" \
-not -path "${jail_root}/root/jail/*" \
-not -path "${jail_root}/root" \
-delete
}
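Review bot: The comment above `clean_outer_root` still says everything but `jail` is removed, while the function now also keeps `root/config` and its contents, so a reader checking what survives the `find … -delete` is misled. Suggest `## Remove everything under ${jail_root}/root except config/ and jail/ (and their contents)`. The assignment `jail_root=$1` is unquoted and overwrites the caller's global of the same name; `jail_root="$1"` fixes the quoting, and a distinct variable name would avoid the silent overwrite.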
......@@ -16,6 +16,7 @@ use uuid::Uuid;
use regex::Regex;
use rand::{thread_rng, Rng};
use std::collections::BTreeMap as Map;
/// Jail configuration values
#[derive(Debug, Serialize, Deserialize, Clone)]
......@@ -204,6 +205,8 @@ pub struct JailConfig {
/// hostname of the jail
pub hostname: String,
#[serde(default = "empty_resolvers")]
pub resolvers: Vec<String>,
/// weather to start this jail on --startup
#[serde(default = "dflt_false")]
pub autoboot: bool,
......@@ -264,8 +267,10 @@ pub struct JailConfig {
#[serde(skip_serializing_if = "Option::is_none")]
pub package_version: Option<String>,
// TODO:
// customer_metadata: KV
// internal_metadata: KV
#[serde(default = "empty_map")]
pub customer_metadata: Map<String, String>,
#[serde(default = "empty_map")]
pub internal_metadata: Map<String, String>,
// internal_metadata_namespaces: Vec<String>
// zfs_data_compression
}
......@@ -459,10 +464,17 @@ fn empty_nics() -> Vec<NIC> {
Vec::new()
}
fn empty_resolvers() -> Vec<String> {
Vec::new()
}
fn dflt_brand() -> String {
String::from("jail")
}
fn empty_map() -> Map<String, String> {
Map::new()
}
fn new_mac() -> String {
let mut rng = thread_rng();
// the second half of the first ocet should be 02
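Review bot: `pub resolvers: Vec<String>` is added to `JailConfig` without a `///` doc comment and accepts any string, although the install script shown elsewhere in this commit copies each entry into the jail's `resolv.conf`. Suggest documenting it, e.g. `/// DNS resolvers (IP addresses) written to the jail's resolv.conf`, and rejecting entries that do not parse as `std::net::IpAddr` when the config is loaded. The new `customer_metadata` and `internal_metadata` fields also lack doc comments; since the `root_authorized_keys` and `user-script` keys of `customer_metadata` are acted on in `Jail::init`, naming them in the field's doc comment would help. The struct body continues outside the hunks.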
......
......@@ -10,6 +10,11 @@ use uuid::Uuid;
use jdb::IdxEntry;
use jail_config::JailConfig;
use brand::Brand;
use std::path::PathBuf;
use std::fs;
use std::fs::File;
use std::io::prelude::*;
#[derive(Debug)]
/// Basic information about a ZFS dataset
......@@ -40,6 +45,7 @@ static IFCONFIG: &'static str = "echo";
/// Jail config
#[derive(Debug, Clone)]
pub struct Jail<'a> {
/// Index refference
pub idx: &'a IdxEntry,
......@@ -76,7 +82,9 @@ impl<'a> Jail<'a> {
let mut target_name = jprefix.clone();
target_name.push_str(iface.iface.as_str());
let args = vec![epair, String::from("name"), target_name];
debug!("destroying epair"; "vm" => self.idx.uuid.hyphenated().to_string(), "args" => args.clone().join(" "));
debug!("destroying epair";
"vm" => self.idx.uuid.hyphenated().to_string(),
"args" => args.clone().join(" "));
let output = Command::new(IFCONFIG).args(args.clone()).output().expect(
"ifconfig failed",
);
......@@ -87,6 +95,53 @@ impl<'a> Jail<'a> {
Ok(0)
}
pub fn init(&self, _config: &Config) -> Result<i32, Box<Error>> {
let mut config = self.jail_root();
config.push("config");
debug!("initializing jail";
"dir" => config.to_str(),
"vm" => self.idx.uuid.hyphenated().to_string());
fs::create_dir(config.clone())?;
if ! self.config.resolvers.is_empty() {
let mut resolvers = config.clone();
resolvers.push("resolvers");
debug!("preparing resolver file";
"vm" => self.idx.uuid.hyphenated().to_string(),
"file" => resolvers.to_str(),
"resolvers" => self.config.resolvers.clone().join(" "));
let mut resolver_file = File::create(resolvers)?;
for resolver in self.config.resolvers.iter() {
resolver_file.write_all(resolver.as_bytes())?;
resolver_file.write_all(b"\n")?;
}
}
match self.config.customer_metadata.get("root_authorized_keys") {
None => (),
Some(keys) => {
let mut keys_path = config.clone();
keys_path.push("root_authorized_keys");
debug!("preparing root_authorized_keys file";
"vm" => self.idx.uuid.hyphenated().to_string(),
"file" => keys_path.to_str());
let mut keys_file = File::create(keys_path)?;
keys_file.write_all(keys.as_bytes())?;
}
}
match self.config.customer_metadata.get("user-script") {
None => (),
Some(script) => {
let mut script_path = config.clone();
script_path.push("user_script");
debug!("preparing user_script file";
"vm" => self.idx.uuid.hyphenated().to_string(),
"file" => script_path.to_str());
let mut script_file = File::create(script_path)?;
script_file.write_all(script.as_bytes())?;
}
}
Ok(0)
}
/// stops a jail
pub fn stop(&self, config: &Config) -> Result<i32, Box<Error>> {
......@@ -163,11 +218,15 @@ impl<'a> Jail<'a> {
Ok(0)
}
fn create_args(&self, config: &Config) -> Result<CreateArgs, Box<Error>> {
fn jail_root(&self) -> PathBuf {
let mut root = PathBuf::from("/");
root.push(self.idx.root.clone());
root.push("root");
root
}
fn create_args(&self, config: &Config) -> Result<CreateArgs, Box<Error>> {
let brand = self.brand(config)?;
let uuid = self.idx.uuid.hyphenated().to_string();
let mut name = String::from("name=");
name.push_str(uuid.as_str());
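Review bot: `init` writes `root_authorized_keys` and `user_script` with `File::create`, so their mode is whatever the process umask yields, and `fs::create_dir` makes the step fail with AlreadyExists when `config` is left over from an earlier attempt. User scripts may carry provisioning secrets (an assumption about usage, not visible here), so creating the directory with `fs::create_dir_all` and the files with an explicit `0o600` mode via `std::os::unix::fs::OpenOptionsExt` would be safer. The write blocks share one shape and could use a single helper, sketched below; it needs `use std::fs::OpenOptions;` and `use std::os::unix::fs::OpenOptionsExt;` next to the new imports. `init` also has no doc comment, unlike `stop`.

```rust
/// Writes `data` to `dir/name`, readable and writable by the owner only.
fn write_config_file(dir: &PathBuf, name: &str, data: &[u8]) -> Result<(), Box<Error>> {
    let mut path = dir.clone();
    path.push(name);
    let mut file = OpenOptions::new()
        .write(true)
        .create(true)
        .truncate(true)
        .mode(0o600)
        .open(path)?;
    file.write_all(data)?;
    Ok(())
}

// in init():
fs::create_dir_all(config.clone())?;
// … unchanged: resolvers block and the debug! calls …
if let Some(keys) = self.config.customer_metadata.get("root_authorized_keys") {
    write_config_file(&config, "root_authorized_keys", keys.as_bytes())?;
}
if let Some(script) = self.config.customer_metadata.get("user-script") {
    write_config_file(&config, "user_script", script.as_bytes())?;
}
```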
......
......@@ -500,17 +500,43 @@ fn create(conf: &Config, matches: &clap::ArgMatches) -> Result<i32, Box<Error>>
}
}
fn init_up<'a>(state: CreateState<'a>) -> Result<CreateState<'a>, Failure<CreateState<'a>>> {
let s1 = state.clone();
let jail = Jail{
idx: & s1.entry.unwrap(),
config: s1.config,
inner: None,
outer: None,
};
let state1 = CreateState{
conf: state.conf,
uuid: state.uuid,
dataset: state.dataset,
config: state.config,
entry: state.entry,
snapshot: state.snapshot,
root: state.root,
};
match jail.init(state1.conf) {
Ok(_) => Ok(state1),
Err(err) => Err(Failure::new(state1, err))
}
}
fn init_down(state: CreateState) -> CreateState {
crit!("Rolling back init");
state
}
fn brand_install_up(state: CreateState) -> Result<CreateState, Failure<CreateState>> {
let s1 = state.clone();
let jail = Jail{
idx: & s1.entry.unwrap().clone(),
config: s1.config,
inner: None,
outer: None,
};
match Brand::load(state.config.brand.as_str(), state.conf) {
Err(_) => Err(Failure::new(state, GenericError::bx("invalid brand"))),
Ok(brand) => {
let s1 = state.clone();
let jail = Jail{
idx: & s1.entry.unwrap(),
config: s1.config,
inner: None,
outer: None,
};
match brand.install.output(&jail, state.conf) {
Ok(_) => Ok(state),
Err(_) => Err(Failure::new(state, GenericError::bx("failed to initilize brand")))
......@@ -527,6 +553,7 @@ fn create(conf: &Config, matches: &clap::ArgMatches) -> Result<i32, Box<Error>>
Adventure::new(insert_up, insert_down),
Adventure::new(snap_up, snap_down),
Adventure::new(clone_up, clone_down),
Adventure::new(init_up, init_down),
Adventure::new(brand_install_up, brand_install_down),
]);
match saga.tell(state) {
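Review bot: `s1.entry.unwrap()` in `init_up` panics when the state has no index entry, and a panic inside a saga step would presumably bypass the `*_down` rollbacks that returning a `Failure` triggers (how `Adventure` handles this is not visible here). Returning an error keeps the failure inside the saga, e.g. `let entry = match s1.entry { Some(e) => e, None => return Err(Failure::new(state, GenericError::bx("missing index entry"))) };`; the same `unwrap` appears in `brand_install_up`. Separately, `init_down` only logs, so the `config` directory with `root_authorized_keys` and `user_script` stays on disk after a rollback unless `clone_down` destroys the dataset; a comment in `init_down` naming the step that cleans it up would help. `create` starts and ends outside the hunk.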
......
......@@ -184,7 +184,6 @@ impl JailUpdate {
c.nics.push(nic.clone());
}
for update in self.update_nics.iter() {
c.nics = match update.primary {
Some(true) =>
c.nics.iter().map(|nic| {
......@@ -221,6 +220,7 @@ fn empty_nics() -> Vec<NIC> {
#[cfg(test)]
mod tests {
use std::collections::BTreeMap as Map;
use jail_config::JailConfig;
use update::*;
use uuid::Uuid;
......@@ -292,6 +292,9 @@ mod tests {
owner_uuid: None,
package_name: None,
package_version: None,
resolvers: Vec::new(),
customer_metadata: Map::new(),
internal_metadata: Map::new(),
}
}
......