From 90d22c3af0a27b022f835dbcdc28e7e48744a468 Mon Sep 17 00:00:00 2001 From: Nicolas Geniteau Date: Tue, 5 Nov 2013 03:45:35 +0100 Subject: [PATCH 1/3] Add Knuth in servers list --- commands/manage-server.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/commands/manage-server.sh b/commands/manage-server.sh index 145bed9..3c0620a 100755 --- a/commands/manage-server.sh +++ b/commands/manage-server.sh @@ -1,10 +1,10 @@ -#! /bin/bash +#! /usr/bin/env bash cd $(dirname "$0") WKS_LIST="apl" SRV_LIST="moore noyce hamano cpp" -SCP_LIST="ksh" +SCP_LIST="ksh knuth" KNOWN_ACTIONS="start stop restart update log viewlog view_log" From 691a72406150dbfdcb484d9577de2136c4cf07c1 Mon Sep 17 00:00:00 2001 From: Nicolas Geniteau Date: Tue, 5 Nov 2013 17:26:56 +0100 Subject: [PATCH 2/3] adding otto as server --- commands/manage-server.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/commands/manage-server.sh b/commands/manage-server.sh index 3c0620a..e1ea557 100755 --- a/commands/manage-server.sh +++ b/commands/manage-server.sh @@ -3,7 +3,7 @@ cd $(dirname "$0") WKS_LIST="apl" -SRV_LIST="moore noyce hamano cpp" +SRV_LIST="moore noyce hamano cpp otto" SCP_LIST="ksh knuth" KNOWN_ACTIONS="start stop restart update log viewlog view_log" From dfbd4e69bad07303f3bfcf3fe25dbe317fb5cf04 Mon Sep 17 00:00:00 2001 From: Nicolas Geniteau Date: Tue, 5 Nov 2013 17:29:06 +0100 Subject: [PATCH 3/3] ACU::Jail --- ACU/Jail.pm | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 ACU/Jail.pm diff --git a/ACU/Jail.pm b/ACU/Jail.pm new file mode 100644 index 0000000..3139925 --- /dev/null +++ b/ACU/Jail.pm 
@@ -0,0 +1,71 @@
+#! /usr/bin/env perl
+
+package Jail;
+
+use v5.10.1;
+use strict;
+use warnings;
+use Carp;
+use File::Temp qw(tempdir);
+use File::Path qw(remove_tree);
+use File::Copy::Recursive qw(dircopy);
+
+use ACU::Log;
+
+use constant {
+ JAILS_DIR => "/jail/",
+ RULESET_NO => 4,
+};
+
+sub run_command
+{
+ my $jail = shift;
+ my $command = shift;
+ my $readonly = shift;
+ my $work_dir = shift;
+
+ # Verifications
+ croak JAILS_DIR . "$jail doesn't exist." unless ( -d JAILS_DIR . $jail);
+ croak JAILS_DIR . "$jail/data doesn't exist." unless ( -d JAILS_DIR . "$jail/data");
+
+
+ my $jail_path = JAILS_DIR . $jail;
+ my $mounts = "";
+ if ($readonly) {
+ $jail_path = tempdir();
+ $mounts = "mount='" . JAILS_DIR . "$jail $jail_path nullfs ro 0 0' ";
+ }
+
+ $mounts .= "mount='tmpfs $jail_path/tmp tmpfs rw,mode=777 0 0' ";
+
+ my $jail_data_path = "$jail_path/data";
+
+ # Creating the working directory
+ if (defined ($work_dir) and $work_dir ne "") {
+ $mounts .= "mount='$work_dir $jail_data_path nullfs rw 0 0' ";
+ }
+
+ # Create and start jail
+ my $jail_cmd = "jail -c path='$jail_path' ";
+ $jail_cmd .= "persist=false ";
+ $jail_cmd .= "devfs_ruleset=". RULESET_NO ." ";
+ $jail_cmd .= "$mounts";
+ if (defined ($work_dir) and $work_dir ne "") {
+ $jail_cmd .= "exec.start='cd $jail_data_path && $command'";
+ } else {
+ $jail_cmd .= "exec.start='$command'";
+ }
+ system($jail_cmd);
+ croak "Error while executing '$jail_cmd'" if ($?);
+
+ # Force umount
+ system("umount -f $jail_path/tmp");
+ if (defined ($work_dir) and $work_dir ne "") {
+ system("umount -f $jail_data_path");
+ }
+ if ($readonly) {
+ system("umount -f $jail_path");
+ }
+}
+
+1;