// LoadConfig reads the configuration file at filepath into the package-level
// Config value. Any failure is reported through gologit and is fatal.
//
// The file contents are parsed with a "[main]" section header placed in front
// of them (presumably so that keys written without a section header end up in
// the main section; confirm against the Config definition).
func LoadConfig(filepath string) {
	// Only a "does not exist" result is treated as fatal here, although the
	// message also mentions readability; other Stat errors fall through and
	// are caught by the Open call below.
	_, statErr := os.Stat(filepath)
	if os.IsNotExist(statErr) {
		gologit.Fatalf("%s not present or not readable", filepath)
	}

	// Start the parse buffer with the synthetic section header.
	contents := bytes.NewBufferString("[main]\n")

	handle, err := os.Open(filepath)
	if err != nil {
		gologit.Printf("Error reading config file %s", filepath)
		gologit.Fatal(err)
	}
	defer handle.Close()

	if _, err = contents.ReadFrom(handle); err != nil {
		gologit.Printf("Error reading config file %s", filepath)
		gologit.Fatal(err)
	}

	if err = gcfg.ReadInto(&Config, contents); err != nil {
		gologit.Printf("Error parsing config file %s", filepath)
		gologit.Fatal(err)
	}
}
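// stopCmdRun implements the stop command. It looks up the jail named by
// args[0], removes it with jail(8) using a temporary configuration file, and
// then unmounts the filesystems under the jail's mountpoint. Output of jail(8)
// is appended to the jail's log file.
//
// NOTE(review): args[0] is read without a length check; this relies on the
// command definition rejecting an empty argument list. Confirm.
func stopCmdRun(cmd *cobra.Command, args []string) {
	// requires root
	if !core.IsRoot() {
		gologit.Fatalf("Must be root to stop\n")
	}

	jail, err := core.FindJail(args[0])
	if err != nil {
		gologit.Fatalf("No jail found by '%s'\n", args[0])
	}

	if !jail.IsRunning() {
		gologit.Fatalf("Jail is not running!\n")
	}

	// Open (or create, owner-only) the jail log that receives jail(8) output.
	f, err := os.OpenFile(jail.GetLogPath(), os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600)
	if err != nil {
		gologit.Fatal(err)
	}
	defer f.Close()

	fmt.Printf("* Stopping %s (%s)\n", jail.HostUUID, jail.Tag)
	fmt.Printf(" + Removing jail process\n")

	// The generated jail configuration is handed to jail(8), which runs as
	// root, so a failure to create or fully write it must stop the command
	// rather than let jail(8) act on a missing or truncated file.
	file, err := ioutil.TempFile(os.TempDir(), "rollcage.")
	if err != nil {
		gologit.Fatal(err)
	}
	defer os.Remove(file.Name())

	jailConfig := jail.JailConfig()
	gologit.Debugln(jailConfig)

	if _, err := file.WriteString(jailConfig); err != nil {
		// Clean up explicitly: the deferred Remove does not run if
		// gologit.Fatal exits the process (presumably it does; confirm).
		file.Close()
		os.Remove(file.Name())
		gologit.Fatal(err)
	}
	if err := file.Close(); err != nil {
		os.Remove(file.Name())
		gologit.Fatal(err)
	}

	excmd := exec.Command(
		"/usr/sbin/jail",
		"-f", file.Name(),
		"-r", fmt.Sprintf("ioc-%s", jail.HostUUID))
	excmd.Stdout = f
	excmd.Stderr = f
	err = excmd.Run()
	if err != nil {
		os.Remove(file.Name())
		gologit.Fatal(err)
	}

	// mostly for safety...
	fmt.Printf(" + Tearing down mounts\n")
	umountCmd("-afvF", path.Join(jail.Mountpoint, "fstab"))
	umountCmd(path.Join(jail.Mountpoint, "root/dev/fd"))
	umountCmd(path.Join(jail.Mountpoint, "root/dev"))
	umountCmd(path.Join(jail.Mountpoint, "root/proc"))

	// TODO: basejail here?
	// TODO: rctl stuff here...
}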
// IsRoot reports whether the user returned by user.Current has the UID "0".
// A failure to look up the current user is fatal.
//
// The commands in this package call it as an up-front check before doing
// privileged work; it produces a clear error message and is not itself an
// access control.
func IsRoot() bool {
	current, err := user.Current()
	if err != nil {
		gologit.Fatal(err)
	}
	return current.Uid == "0"
}
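// restartCmdRun implements the restart command. Inside the running jail named
// by args[0] it runs the jail's exec_stop command and then its exec_start
// command through jexec(8), appending their output to the jail's log file,
// and finally records the time in the last_started property.
//
// The exec_stop and exec_start strings come from the jail's stored properties
// and are executed as given, so whoever can change those properties decides
// what runs inside the jail on restart.
//
// NOTE(review): args[0] is read without a length check; this relies on the
// command definition rejecting an empty argument list. Confirm.
func restartCmdRun(cmd *cobra.Command, args []string) {
	// requires root
	if !core.IsRoot() {
		gologit.Fatalf("Must be root to restart\n")
	}

	jail, err := core.FindJail(args[0])
	if err != nil {
		gologit.Fatalf("No jail found by '%s'\n", args[0])
	}

	if !jail.IsRunning() {
		gologit.Fatalf("Jail is not running!\n")
	}

	// Open (or create, owner-only) the jail log that receives command output.
	f, err := os.OpenFile(jail.GetLogPath(), os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600)
	if err != nil {
		gologit.Fatal(err)
	}
	defer f.Close()

	props := jail.GetProperties()
	jailName := fmt.Sprintf("ioc-%s", jail.HostUUID)

	// Each argument list gets its own slice so the stop and start vectors
	// can never share a backing array.
	stopArgs := append([]string{jailName},
		core.SplitFieldsQuoteSafe(props.GetIOC("exec_stop"))...)
	excmd := exec.Command("/usr/sbin/jexec", stopArgs...)
	excmd.Stdout = f
	excmd.Stderr = f
	// A failing stop command is only logged; the start command still runs.
	if err := excmd.Run(); err != nil {
		gologit.Printf("%s\n", err)
	}

	startArgs := append([]string{jailName},
		core.SplitFieldsQuoteSafe(props.GetIOC("exec_start"))...)
	excmd = exec.Command("/usr/sbin/jexec", startArgs...)
	excmd.Stdout = f
	excmd.Stderr = f
	if err := excmd.Run(); err != nil {
		gologit.Printf("%s\n", err)
	}

	// set last_started property
	t := time.Now()
	core.ZFSMust(
		fmt.Errorf("Error setting property"),
		"set",
		fmt.Sprintf(
			"org.freebsd.iocage:last_started=%s",
			t.Format("2006-01-02_15:04:05")),
		jail.Path)
}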
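// execCmdRun implements the exec command. It replaces the current process
// with jexec(8) running args[1:] inside the running jail named by args[0],
// prefixed with setfib(1) when the jail's exec_fib property is not "0".
//
// The command is passed to the kernel as an argument vector (no shell on the
// host side), and the caller's environment is not inherited: only a fixed
// PATH and the caller's TERM are handed to the new process.
//
// hostUser and jailUser are defined elsewhere in the package (presumably
// command-line flags; confirm) and map to jexec's -u and -U options.
//
// NOTE(review): args[0] is read without a length check; this relies on the
// command definition rejecting an empty argument list. Confirm.
func execCmdRun(cmd *cobra.Command, args []string) {
	// requires root
	if !core.IsRoot() {
		gologit.Fatalf("Must be root to use exec\n")
	}

	jail, err := core.FindJail(args[0])
	if err != nil {
		gologit.Fatalf("No jail found by '%s'\n", args[0])
	}

	if !jail.IsRunning() {
		gologit.Fatalf("Jail is not running!\n")
	}

	// get exec fib property
	// NOTE(review): login_flags is requested but never used here. If
	// SplitOutput splits on any whitespace, a login_flags value containing a
	// space would shift exec_fib out of column 1. Confirm how it splits.
	lines := core.SplitOutput(core.ZFSMust(
		fmt.Errorf("Error listing jails"),
		"list", "-H",
		"-o", "org.freebsd.iocage:login_flags,org.freebsd.iocage:exec_fib",
		jail.Path))

	// Guard the column lookup: short or empty zfs output would otherwise
	// panic with an index-out-of-range instead of a readable error.
	if len(lines) == 0 || len(lines[0]) < 2 {
		gologit.Fatalf("Unexpected zfs output reading exec_fib for '%s'\n", args[0])
	}
	execFib := lines[0][1]

	// NOTE(review): execFib is passed to setfib as-is; it is not checked to
	// be a number. Confirm that the property is validated where it is set.
	jexec := []string{}
	if execFib != "0" {
		jexec = append(jexec, "/usr/sbin/setfib", execFib)
	}

	jexec = append(jexec, "/usr/sbin/jexec")
	if hostUser != "" {
		jexec = append(jexec, "-u", hostUser)
	}
	if jailUser != "" {
		jexec = append(jexec, "-U", jailUser)
	}
	jexec = append(jexec, fmt.Sprintf("ioc-%s", jail.HostUUID))
	jexec = append(jexec, args[1:]...)

	// set a default path
	environ := []string{
		"PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin",
	}
	// set a term from caller
	environ = append(environ, fmt.Sprintf("TERM=%s", os.Getenv("TERM")))

	// %q prints each argument quoted, which keeps argument boundaries
	// visible in the debug log (the previous "%#s" is not a valid verb/flag
	// combination and is reported by go vet).
	gologit.Debugf("%q\n", jexec)

	// On success Exec does not return; the process image is replaced.
	execErr := syscall.Exec(jexec[0], jexec, environ)
	if execErr != nil {
		gologit.Fatal(execErr)
	}
}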
// chrootCmdRun implements the chroot command. It replaces the current process
// with chroot(8) rooted at the "root" directory under the mountpoint of the
// jail named by args[0]. The command to run is args[1:]; when none is given,
// the caller's $SHELL is used, falling back to /bin/sh.
//
// The caller's environment is not inherited: only a fixed PATH and the
// caller's TERM are passed on. Unlike the exec command, this does not require
// the jail to be running and does not go through jexec(8).
//
// NOTE(review): args[0] is read without a length check; this relies on the
// command definition rejecting an empty argument list. Confirm.
func chrootCmdRun(cmd *cobra.Command, args []string) {
	// requires root
	if !core.IsRoot() {
		gologit.Fatalf("Must be root to chroot\n")
	}

	jail, err := core.FindJail(args[0])
	if err != nil {
		gologit.Fatalf("No jail found by '%s'\n", args[0])
	}

	// NOTE(review): the zfs output is joined into a path unchanged; this
	// assumes ZFSMust returns the value without a trailing newline. Confirm.
	mountpoint := core.ZFSMust(
		fmt.Errorf("Error getting properties"),
		"get", "-H",
		"-o", "value",
		"mountpoint",
		jail.Path)

	// Decide what runs inside the chroot: the user's command if one was
	// given, otherwise an interactive shell.
	command := args[1:]
	if len(command) == 0 {
		shell := os.Getenv("SHELL")
		if shell == "" {
			shell = "/bin/sh"
		}
		command = []string{shell}
	}

	argv := []string{"/usr/sbin/chroot", path.Join(mountpoint, "root")}
	argv = append(argv, command...)

	// Fixed default PATH plus the caller's TERM; nothing else is inherited.
	environ := []string{
		"PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin",
		fmt.Sprintf("TERM=%s", os.Getenv("TERM")),
	}

	// On success Exec does not return; the process image is replaced.
	if execErr := syscall.Exec(argv[0], argv, environ); execErr != nil {
		gologit.Fatal(execErr)
	}
}
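// startCmdRun implements the start command. For the stopped jail named by
// args[0] it optionally mounts procfs, optionally prepares a delegated ZFS
// dataset, copies the host's resolv.conf into the jail, creates the jail with
// jail(8) from a temporary configuration file, attaches and mounts the
// delegated dataset if enabled, and records the time in the last_started
// property. Output of jail(8) is appended to the jail's log file.
//
// NOTE(review): args[0] is read without a length check; this relies on the
// command definition rejecting an empty argument list. Confirm.
func startCmdRun(cmd *cobra.Command, args []string) {
	// requires root
	if !core.IsRoot() {
		gologit.Fatalf("Must be root to start\n")
	}

	jail, err := core.FindJail(args[0])
	if err != nil {
		gologit.Fatalf("No jail found by '%s'\n", args[0])
	}

	if jail.IsRunning() {
		gologit.Fatalf("Jail is already running!\n")
	}

	props := jail.GetProperties()

	// set a default path
	environ := []string{
		"PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin",
	}

	fmt.Printf("* Starting %s (%s)\n", jail.HostUUID, jail.Tag)

	// mount procfs
	if props.GetIOC("mount_procfs") == "1" {
		fmt.Printf(" + mounting procfs\n")
		procpath := path.Join(jail.Mountpoint, "root/proc")
		excmd := exec.Command("/sbin/mount", "-t", "procfs", "proc", procpath)
		excmd.Env = environ
		// A failed procfs mount is logged but does not stop the start.
		if err := excmd.Run(); err != nil {
			gologit.Printf("%s\n", err)
		}
	}

	// prepare jail zfs dataset if enabled
	// Enabling jail_zfs turns on allow_mount and allow_mount_zfs for the
	// jail and marks the configured dataset as jailed, i.e. it hands control
	// of that dataset to the jail.
	if props.GetIOC("jail_zfs") == "on" {
		fmt.Printf(" + jailing zfs dataset\n")
		setprops := core.ZFSProperties{
			"org.freebsd.iocage:allow_mount":     "1",
			"org.freebsd.iocage:allow_mount_zfs": "1",
			"org.freebsd.iocage:enforce_statfs":  "1",
		}
		jail.SetProperties(setprops)
		core.ZFSMust(
			fmt.Errorf("Error setting property"),
			"set", "jailed=on",
			path.Join(core.GetZFSRootPath(), props.GetIOC("jail_zfs_dataset")))
	}

	// copy resolv conf
	err = core.CopyFile(
		"/etc/resolv.conf",
		path.Join(jail.Mountpoint, "root/etc/resolv.conf"))
	if err != nil {
		gologit.Printf("%s\n", err)
	}

	// create log file
	logfile, err := os.OpenFile(jail.GetLogPath(), os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600)
	if err != nil {
		gologit.Fatal(err)
	}
	defer logfile.Close()

	// The generated jail configuration is handed to jail(8), which runs as
	// root, so a failure to create or fully write it must stop the command
	// rather than let jail(8) act on a missing or truncated file.
	file, err := ioutil.TempFile(os.TempDir(), "rollcage.")
	if err != nil {
		gologit.Fatal(err)
	}
	defer os.Remove(file.Name())

	jailConfig := jail.JailConfig()
	gologit.Debugln(jailConfig)

	if _, err := file.WriteString(jailConfig); err != nil {
		// Clean up explicitly: the deferred Remove does not run if
		// gologit.Fatal exits the process (presumably it does; confirm).
		file.Close()
		os.Remove(file.Name())
		gologit.Fatal(err)
	}
	if err := file.Close(); err != nil {
		os.Remove(file.Name())
		gologit.Fatal(err)
	}

	excmd := exec.Command(
		"/usr/sbin/jail",
		"-f", file.Name(),
		"-c", fmt.Sprintf("ioc-%s", jail.HostUUID))
	excmd.Stdout = logfile
	excmd.Stderr = logfile
	err = excmd.Run()
	if err != nil {
		os.Remove(file.Name())
		gologit.Fatal(err)
	}

	// rctl_limits?
	// cpuset?

	// jail zfs
	if props.GetIOC("jail_zfs") == "on" {
		core.ZFSMust(
			fmt.Errorf("Error setting property"),
			"jail", fmt.Sprintf("ioc-%s", jail.HostUUID),
			path.Join(core.GetZFSRootPath(), props.GetIOC("jail_zfs_dataset")))
		out, err := exec.Command(
			"/usr/sbin/jexec",
			fmt.Sprintf("ioc-%s", jail.HostUUID),
			"zfs", "mount", "-a").CombinedOutput()
		gologit.Debugln(string(out))
		if err != nil {
			gologit.Printf("%s\n", err)
		}
	}

	// set last_started property
	t := time.Now()
	core.ZFSMust(
		fmt.Errorf("Error setting property"),
		"set",
		fmt.Sprintf(
			"org.freebsd.iocage:last_started=%s",
			t.Format("2006-01-02_15:04:05")),
		jail.Path)
}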