#ifndef _CONTAINER
#define _CONTAINER
#include "prototype.h"
#define __USE_GNU
#define _GNU_SOURCE
#include <sched.h>
#include <stdarg.h>
#include <sys/wait.h>
#include <string.h>
#include <signal.h>
#include <unistd.h>
/* Size, in bytes, of the stack handed to the cloned child: 1 MiB. */
#define STACKSIZE (1024 * 1024)

/*
 * Backing storage for the child's stack; run_container() passes the end of
 * this buffer to clone().
 *
 * NOTE(review): a static array has no guard page, so running past the start
 * of the buffer is not guaranteed to fault. If this file is included as a
 * header, every translation unit that includes it gets its own 1 MiB copy.
 */
static char child_stack[STACKSIZE];
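/**
 * Entry point of the cloned child: sets up the container environment, then
 * runs the requested command inside it.
 *
 * Steps, in order: pivot into the root filesystem, remount the pseudo
 * filesystems, set the hostname, run the command, release the container
 * object.
 *
 * @param stuff  Opaque clone() argument; must point to a container_t.
 * @return EXIT_SUCCESS when every step succeeded. EXIT_FAILURE after the
 *         first failed step; this is only reached if the error handler
 *         returns instead of terminating the process.
 */
int container_create(void *stuff)
{
    // NOTE(review): relative path, resolved against the working directory
    // the launcher was started from; confirm that directory is trusted.
    char rootfs_path[] = "./busybox";
    container_t *c = stuff;
    struct clone_args *cloneArgs = &c->cloneArgs;

    if (pivot_root(rootfs_path) != 0)
    {
        // error_handler_container() frees c, so neither c nor cloneArgs may
        // be used afterwards. Stop here in case the handler returns.
        error_handler_container(c, "failed to pivot root");
        return EXIT_FAILURE;
    }

    // mount dev, sys, proc into pivot root fs
    // NOTE(review): no result is checked here; confirm whether remount()
    // reports failure, otherwise the command may run without these mounts.
    remount();

    if (sethostname(cloneArgs->hostname, strlen(cloneArgs->hostname)) != 0)
    {
        error_handler_container(c, "fail to set new hostname");
        return EXIT_FAILURE; // c was freed by the handler
    }

    // run container command
    // NOTE(review): nothing visible in this function drops capabilities or
    // sets no_new_privs before the command runs; confirm whether
    // run_subprocess_async() or pivot_root() takes care of that.
    if (run_subprocess_async(cloneArgs->argc, cloneArgs->argv) != 0)
    {
        error_handler_container(c, "failed to execvp arguments");
        return EXIT_FAILURE; // c was freed by the handler
    }

    // The clone flags built in initialize_container() do not include
    // CLONE_VM, so (assuming they are not changed elsewhere) this process
    // works on its own copy of the parent's memory. This releases the
    // child's copy of c only; the parent still owns its own copy.
    free(c);
    c = NULL;

    // we end container
    return EXIT_SUCCESS;
}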
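/**
 * Container constructor: allocates a container_t and fills in the clone
 * flags and a copy of the caller's clone arguments.
 *
 * @param cloneArgs  Arguments for the container, copied by value. Any
 *                   pointer members are copied shallowly, so the memory they
 *                   reference must outlive the container.
 * @return The new container, to be released with destroy_container(), or
 *         NULL when the allocation failed.
 */
container_t *initialize_container(struct clone_args cloneArgs)
{
    // Zeroed allocation, so any member not assigned below starts from a
    // known value instead of indeterminate heap contents.
    container_t *c = calloc(1, sizeof *c);
    if (c == NULL)
    {
        return NULL;
    }

    // New user, network, mount, UTS (hostname), IPC, PID and cgroup
    // namespaces.
    // NOTE(review): with CLONE_NEWUSER the child has no uid/gid mapping
    // until uid_map/gid_map are written; nothing in the visible code writes
    // them. Confirm where that happens.
    c->_cloneFlags = CLONE_NEWUSER | CLONE_NEWNET | CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC | CLONE_NEWPID | CLONE_NEWCGROUP;
    c->cloneArgs = cloneArgs;

    return c;
}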
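/**
 * Launch the container: clone a child that runs container_create(c) in the
 * namespaces selected by c->_cloneFlags, then wait for that child to end.
 *
 * The child's exit status is discarded (waitpid() is given a NULL status
 * pointer), so a failed container is not distinguishable from a successful
 * one through the return value.
 *
 * @param c  Container to run; must not be NULL. On any failure it is handed
 *           to error_handler_container(), which frees it, so the caller must
 *           not use c again after a failure.
 * @return The child's pid, or a negative value when clone() failed (only
 *         reached if the error handler returns).
 *
 * NOTE(review): clone() and the CLONE_NEW* flags are only declared when
 * _GNU_SOURCE is defined before the first system header is included; in this
 * file it is defined after "prototype.h". Confirm that header does not pull
 * in system headers first.
 */
pid_t run_container(container_t *c)
{
    // clone() starts container_create(c) in a new process and returns its
    // pid. The end of the buffer is passed because clone() expects the top
    // of a downward-growing stack.
    pid_t pid = clone(container_create, child_stack + STACKSIZE, c->_cloneFlags | SIGCHLD, c);
    if (pid < 0)
    {
        error_handler_container(c, "failed to run_container clone");
        // c has been freed and no child exists. Falling through would call
        // waitpid(-1, ...), which waits for any child, and a failure there
        // would free c a second time.
        return pid;
    }

    // lets wait on our child process here before we, the parent, exit
    if (waitpid(pid, NULL, 0) == -1)
    {
        error_handler_container(c, "failed to wait pid %d", (int)pid);
    }

    return pid;
}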
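/**
 * Handle an error raised while creating or running a container: destroy the
 * container first, then pass the message on to last_error().
 *
 * @param c          Container to destroy. It is freed here, so the caller
 *                   must not use it again once this function returns.
 * @param error_msg  Message forwarded to last_error(); presumably a
 *                   printf-style format, given the "%d" call site. Pass a
 *                   literal, never externally supplied text.
 * @param ...        Arguments for error_msg. They are consumed after c has
 *                   been freed, so they must not point into *c.
 */
void error_handler_container(container_t *c, const char *error_msg, ...)
{
    va_list arg;
    va_start(arg, error_msg);

    destroy_container(c);
    last_error(error_msg, arg);

    // Every va_start() needs a matching va_end(); this line is only reached
    // if last_error() returns.
    va_end(arg);
}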
/**
 * Container destructor: hands the container_t storage back to the allocator.
 *
 * The pointer is received by value, so the caller's own copy still holds the
 * old address afterwards and must not be dereferenced or freed again.
 *
 * @param c  Container to release; NULL is accepted, since free(NULL) does
 *           nothing.
 */
void destroy_container(container_t *c)
{
    free(c);
}
#endif