From a3b6bd2a94624852e5fef890fda9fde9548080f3 Mon Sep 17 00:00:00 2001
From: Ralph Ronnquist
Date: Sat, 26 Mar 2022 20:00:17 +1100
Subject: [PATCH] use ifup for bridge-less cable; allow UPPER scripting for image file root; allow no-overlay subhost

---
 functions | 101 +++++++++++++++++++++++++++++++++------------------
 overlay-boot | 26 ++++++++++++-
 overlay-go | 6 +++
 3 files changed, 96 insertions(+), 37 deletions(-)

diff --git a/functions b/functions
index 968c99d..0b01df8 100644
--- a/functions
+++ b/functions
@@ -50,57 +50,86 @@ auto eth$i
 iface eth$i inet manual
 EOF
 BR="${C%=*}"
- [ -z "$BR" ] || brctl addif $BR $IF
+ if [ -z "$BR" ] ; then
+ ip link set $IF
+ ifup $IF
+ else
+ brctl addif $BR $IF
+ fi
 i=$((i+1))
 done
 }
-REAPER=$(dirname $(realpath $0))/reaper
 # (name live system root work)
 # Set up an overlay fmr $name on $live, with a new tmpfs on its /run,
 # and "install" a "reaper" as the upcoming pid 1
 setup_overlay() {
- local ROOT="$4"
- local LIVE="$2"
+ local LIVE="$2" LOWER="$3" UPPER="$4" ROOT
 if grep -q "$1 $2" /proc/mounts ; then
 die "$1 is already mounted"
 fi
- # setup $ROOT/run
- mkdir -p "$ROOT/run"
- mount -t tmpfs -osize=100M tmpfs "$ROOT/run"
- mkdir -p "$ROOT/run/lock"
- # setup $ROOT/dev
- mkdir -p "$ROOT/dev"
- mount -t tmpfs -osize=100M tmpfs "$ROOT/dev"
- mknod -m 622 "$ROOT/dev/console" c 5 1
- mknod -m 666 "$ROOT/dev/null" c 1 3
- mknod -m 666 "$ROOT/dev/zero" c 1 5
- mknod -m 666 "$ROOT/dev/ptmx" c 5 2
- mknod -m 666 "$ROOT/dev/tty" c 5 0
- mknod -m 444 "$ROOT/dev/random" c 1 8
- mknod -m 444 "$ROOT/dev/urandom" c 1 9
- chown root:tty "$ROOT/dev/console"
- chown root:tty "$ROOT/dev/ptmx"
- chown root:tty "$ROOT/dev/tty"
- ln -sTf /proc/self/fd "$ROOT/dev/fd"
- ln -sTf /proc/self/fd/0 "$ROOT/dev/stdin"
- ln -sTf /proc/self/fd/1 "$ROOT/dev/stdout"
- ln -sTf /proc/self/fd/2 "$ROOT/dev/stderr"
- ln -sTf /proc/kcore "$ROOT/dev/core"
- mkdir "$ROOT/dev/shm"
- mkdir "$ROOT/dev/pts"
- chmod 1777 "$ROOT/dev/shm"
+ if [ -f "${UPPER%% *}" ] ; then
+ if [ -x "${UPPER%% *}" ] ; then
+ echo "${UPPER%% *} appears to be executable" >&2
+ # Giving a program/script as UPPER= asks for running this
+ # first, to make a root filesystem available. The script takes
+ # ACTION "setup" and "teardown", and on "setup" it must tell
+ # where the ROOT is set up.
+ ROOT="$(env ACTION=setup $UPPER)"
+ if [ ! -d "$ROOT" ] ; then
+ # setup failed
+ die "root setup failed: $UPPER"
+ fi
+ UPPER="$ROOT"
+ ## Now falling down to "normal overlay" setup
+ else
+ die "${UPPER%% *} (root setup program/script) is not executable"
+ fi
+ fi
+
+ # LIVE is the same as LOWER then skip the overlay; just assume
+ # a proper chroot system exists at LIVE.
+ if [ "$LIVE" != "$LOWER" ] ; then
+ # setup $UPPER/run
+ mkdir -p "$UPPER/run"
+ mount -t tmpfs -osize=100M tmpfs "$UPPER/run"
+ mkdir -p "$UPPER/run/lock"
+ # setup $UPPER/dev
+ mkdir -p "$UPPER/dev"
+ mount -t tmpfs -osize=100M tmpfs "$UPPER/dev"
+ mknod -m 622 "$UPPER/dev/console" c 5 1
+ mknod -m 666 "$UPPER/dev/null" c 1 3
+ mknod -m 666 "$UPPER/dev/zero" c 1 5
+ mknod -m 666 "$UPPER/dev/ptmx" c 5 2
+ mknod -m 666 "$UPPER/dev/tty" c 5 0
+ mknod -m 444 "$UPPER/dev/random" c 1 8
+ mknod -m 444 "$UPPER/dev/urandom" c 1 9
+ chown root:tty "$UPPER/dev/console"
+ chown root:tty "$UPPER/dev/ptmx"
+ chown root:tty "$UPPER/dev/tty"
+ ln -sTf /proc/self/fd "$UPPER/dev/fd"
+ ln -sTf /proc/self/fd/0 "$UPPER/dev/stdin"
+ ln -sTf /proc/self/fd/1 "$UPPER/dev/stdout"
+ ln -sTf /proc/self/fd/2 "$UPPER/dev/stderr"
+ ln -sTf /proc/kcore "$UPPER/dev/core"
+ mkdir "$UPPER/dev/shm"
+ mkdir "$UPPER/dev/pts"
+ chmod 1777 "$UPPER/dev/shm"
- if mount -t overlay -olowerdir=$3,upperdir=$4,workdir=$5 $1 $2 ; then
- : # all good
- else
- umount -R "$ROOT/dev"
- umount "$ROOT/run"
- die "Cannot set up the overlay mount $2"
+ OLY="-olowerdir=$3,upperdir=$UPPER,workdir=$5"
+ if mount -t overlay "$OLY" $1 $2 ; then
+ : # all good
+ else
+ umount -R "$UPPER/dev"
+ umount "$UPPER/run"
+ die "Cannot set up the overlay mount $2"
+ fi
 fi
- cp -p $REAPER $LIVE/.reaper
+
+ echo "Installing $OVERLAYDIR/reaper to $LIVE/.reaper"
+ cp -p $OVERLAYDIR/reaper $LIVE/.reaper
 }
 start_services() {
diff --git a/overlay-boot b/overlay-boot
index 431263d..5e6bef9 100755
--- a/overlay-boot
+++ b/overlay-boot
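Review bot: In functions, setup_overlay runs the program named by UPPER via `ROOT="$(env ACTION=setup $UPPER)"` after only `-f` and `-x` tests on its first word, and since overlay-boot re-executes itself under sudo this appears to run as root whatever the configuration file names. Nothing checks who owns or can write that program, so I would refuse one that is not root-owned or is group/world-writable before running it, for instance by testing the output of `stat -c '%U %a' "${UPPER%% *}"`. The unquoted `$UPPER` also undergoes pathname expansion on top of the intended word splitting; wrapping the call in `set -f` / `set +f` would limit it to splitting. The path the program prints is accepted on a bare `-d` test and then receives tmpfs mounts and device nodes, so a comment stating that it must be an absolute directory owned by the subhost would help.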
@@ -4,10 +4,14 @@ # is an overlay of the subhost's root and an OS root. The service # subhost is defined by a configuration file named on teh command line +OVERLAYDIR="$(realpath $(dirname $0))" + [ $(id -u) = 0 ] || exec sudo $0 $@ . $(dirname $(realpath $0))/functions $* + CONFIG="$1" [ -r "$CONFIG" ] || die "Missing configuration $CONFIG" + config NAME $(basename $1 .${1##*.}) config LOG /tmp/oly-$NAME.log @@ -28,6 +32,10 @@ fi config BASE BASE="$(cd $(dirname $CONFIG); realpath $BASE)" +[ -z "$BASE" ] && die "BASE is unset; bogus $CONFIG ?" +[ -d "$BASE" ] || die "$BASE is not a directory; bogus $CONFIG ?" +cd "$BASE" || die "$BASE is inaccessible" + config LIVE "$BASE/live" config UPPER "$BASE/root" config WORK "$BASE/work" @@ -45,19 +53,35 @@ setup_overlay "$NAME" "$LIVE" "$LOWER" "$UPPER" "$WORK" exithandler() { ip netns del $NAME - umount -R "$LIVE" + [ "$LOWER" != "$LIVE" ] && umount -R "$LIVE" + [ -f "${UPPER%% *}" ] && [ -x "${UPPER%% *}" ] && \ + env ACTION=teardown $UPPER } trap "exithandler" 0 CMD="unshare -fp --mount-proc ip netns exec $NAME chroot $LIVE /bin/sh" echo "$CMD" +config RAM_SIZE 50M + cat <&2 + set +x + [ -p /run/dummy_service ] || mkfifo /run/dummy_service + ( printf dummy_service > /proc/self/comm ; read X < /run/dummy_service ) & + set -x +} +dummy_service /proc/*/comm exec /.reaper $NAME EOF echo "EXITED $CMD" diff --git a/overlay-go b/overlay-go index b055d98..ef237fc 100755 --- a/overlay-go +++ b/overlay-go @@ -25,3 +25,9 @@ EOF fi sudo nsenter -t "$RSPID" -n -m -p -r -w -u -C /bin/bash +if [ $? = 137 ] ; then + echo "######### please 'fg' this again (if stopped)" >&2 + stty sane # a killed bash might leave the tty insane and stty + # typically gets stopped trying to correct it +fi +echo "done" -- 2.39.2
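Review bot: The new `OVERLAYDIR="$(realpath $(dirname $0))"` resolves the directory of `$0` as invoked, while the `functions` file two lines below is sourced from `$(dirname $(realpath $0))`, the directory of the resolved script. When overlay-boot is started through a symlink these two differ, and the `reaper` that setup_overlay copies to `$LIVE/.reaper` would then be taken from the symlink's directory rather than from beside the real script. Since that file is exec'ed inside the subhost, both lookups should use the same, quoted form: `OVERLAYDIR="$(dirname "$(realpath "$0")")"`.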
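Review bot: exithandler is only registered by `trap "exithandler" 0` after the `setup_overlay` call named in this hunk's header, so if setup_overlay dies after the UPPER program's `ACTION=setup` step has succeeded (a failed overlay mount, for instance), `ACTION=teardown` appears never to run and whatever the setup step mounted stays behind. Inside the handler, teardown also runs whether or not `umount -R "$LIVE"` succeeded, which can pull the root away from a still-mounted tree. I would stop on a failed unmount, `if [ "$LOWER" != "$LIVE" ] ; then umount -R "$LIVE" || return ; fi`, and have the setup failure path call the teardown itself.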
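Review bot: The bare `137` in overlay-go's `if [ $? = 137 ]` needs a comment saying what it stands for, e.g. `# 137 = 128 + 9: the nsenter'ed bash was ended by SIGKILL`. The value tested is the exit status of `sudo`, so a sudo failure unrelated to the shell is not distinguished here. `stty sane` also prints an error when stdin is not a terminal; `[ -t 0 ] && stty sane` keeps scripted use quiet.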