功能更新,添加time namespac

main
阳光少年 1 year ago
parent ffba90fbb3
commit 215821ee57

@ -1,4 +1,4 @@
use std::fs::OpenOptions; use std::fs::{remove_dir_all, OpenOptions};
use std::os::unix::fs::OpenOptionsExt; use std::os::unix::fs::OpenOptionsExt;
use std::{io, fs, fmt, os, path, process, time}; use std::{io, fs, fmt, os, path, process, time};
use fmt::Display; use fmt::Display;
@ -25,7 +25,8 @@ static WORKSPACE: &str = "/home/rocker";
static USER_NAME: &str = "rocker"; static USER_NAME: &str = "rocker";
static INFO_FILE: &str = "info.toml"; static INFO_FILE: &str = "info.toml";
static mut STACK: [u8; 1024*1024*1] = [0; 1024*1024*1]; static mut STACK: [u8; 1024*1024*1] = [0; 1024*1024*1];
static CLONE_FLAG: i32 = 0b1101100000000100000000000000000; // CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWPID | CLONE_NEWIPC | CLONE_NEWNET; // 在/usr/src目录执行 "find . -name "*.h" -exec grep -H "CLONE_NEWTIME" {} \;" 查找时间的namespac的值
static CLONE_FLAG: i32 = 0b1101100000000100000000000000000 | 0x00000080; // CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWPID | CLONE_NEWIPC | CLONE_NEWNET;
static START_T: OnceLock<time::Instant> = OnceLock::new(); static START_T: OnceLock<time::Instant> = OnceLock::new();
static LOGO: &str = r#" static LOGO: &str = r#"
@ -224,7 +225,7 @@ fn init_container_env(env: &String) -> Result<()>{
for (k, _) in std::env::vars(){ for (k, _) in std::env::vars(){
std::env::remove_var(k); std::env::remove_var(k);
} }
let mut env_vec = if env.starts_with("./") || env.starts_with("/") { let env_vec = if env.starts_with("./") || env.starts_with("/") {
// 读取出路径指定的文件作为env // 读取出路径指定的文件作为env
let env_text = fs::read_to_string(env)?; let env_text = fs::read_to_string(env)?;
env_text.lines().map(String::from).collect::<Vec<String>>() env_text.lines().map(String::from).collect::<Vec<String>>()
@ -293,6 +294,12 @@ fn init_container_proc() -> Result<()> {
Ok(()) Ok(())
} }
fn init_container_pts() -> Result<()> {
let mount_flags = MsFlags::MS_NODEV | MsFlags::MS_NOEXEC | MsFlags::MS_NOSUID;
mount(Some("devpts"), "/dev/pts", Some("devpts"), mount_flags, Some("mode=777"))?;
Ok(())
}
fn init_container_log() -> Result<()> { fn init_container_log() -> Result<()> {
let log_path = Path::new("logs"); let log_path = Path::new("logs");
let log_file = fs::OpenOptions::new() let log_file = fs::OpenOptions::new()
@ -334,7 +341,7 @@ fn check_container_is_running(pid: &Pid, main_exe: &Path) -> Result<bool> {
fn init_exec_ns(pid: i32) -> Result<()>{ fn init_exec_ns(pid: i32) -> Result<()>{
// 把当前进程加入到指定pid的namespace // 把当前进程加入到指定pid的namespace
for ns_name in vec!["ipc", "uts", "net", "pid", "mnt"] { for ns_name in vec!["ipc", "uts", "net", "pid", "mnt", "time"] {
let ns_path = format!("/proc/{pid}/ns/{ns_name}"); let ns_path = format!("/proc/{pid}/ns/{ns_name}");
let ns_fild = fs::File::open(ns_path)?; let ns_fild = fs::File::open(ns_path)?;
setns(ns_fild.as_fd(), CloneFlags::from_bits_retain(0))? } setns(ns_fild.as_fd(), CloneFlags::from_bits_retain(0))? }
@ -461,13 +468,15 @@ fn run_container(container_info: &ContainerInfo, is_exec_cmd: Option<&String>) -
init_container_dev(&container_merged_path).unwrap(); init_container_dev(&container_merged_path).unwrap();
} }
// 设置pivot // 设置pivot
init_container_pivot(&container_merged_path).unwrap(); init_container_pivot(&container_merged_path).unwrap();
// 挂载proc // 挂载proc
init_container_proc().unwrap(); init_container_proc().unwrap();
//
init_container_pts().unwrap();
if container_info.log { if container_info.log {
init_container_log().unwrap(); init_container_log().unwrap();
} }
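Review bot: In `init_exec_ns` the new `"time"` entry comes after `"mnt"`, so `/proc/{pid}/ns/time` is opened only after `setns` has already moved the process into the container's mount namespace, where `/proc` is the container's own procfs and `pid` (presumably a host-side PID) will usually not exist or may name an unrelated process. Put it before the mount namespace, `for ns_name in vec!["ipc", "uts", "net", "pid", "time", "mnt"] {`, or open every namespace descriptor before the first `setns`. In the `CLONE_FLAG` hunk, `0x00000080` (CLONE_NEWTIME) falls inside the low byte that `clone(2)` treats as the exit signal, and the kernel honours that flag only via `unshare(2)` and `clone3(2)`; the call site is outside these hunks, but if the constant goes to `clone` no time namespace is created and the isolation this commit advertises is absent, so compare `/proc/<pid>/ns/time` inside and outside the container. `init_container_pts` mounts devpts with `mode=777`, which leaves every pty slave readable and writable by any user in the container; `Some("mode=620,ptmxmode=666")` is the usual least-privilege choice.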
