From ba69639872a02e8930943b82185ca90eb721568d Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Fri, 3 Jan 2020 12:29:17 +0200 Subject: [PATCH] jail: create resolv.conf symlink for netns jails Signed-off-by: Daniel Golle --- jail/jail.c | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/jail/jail.c b/jail/jail.c index 2d23ad2..9b8d1a9 100644 --- a/jail/jail.c +++ b/jail/jail.c @@ -96,7 +96,7 @@ static int mkdir_p(char *dir, mode_t mask) return ret; } -int mount_bind(const char *root, const char *path, int readonly, int error) +static int _mount_bind(const char *root, const char *path, const char *target, int readonly, int error) { struct stat s; char new[PATH_MAX]; @@ -107,12 +107,13 @@ int mount_bind(const char *root, const char *path, int readonly, int error) return error; } - snprintf(new, sizeof(new), "%s%s", root, path); + snprintf(new, sizeof(new), "%s%s", root, target?target:path); + if (S_ISDIR(s.st_mode)) { mkdir_p(new, 0755); } else { mkdir_p(dirname(new), 0755); - snprintf(new, sizeof(new), "%s%s", root, path); + snprintf(new, sizeof(new), "%s%s", root, target?target:path); fd = creat(new, 0644); if (fd == -1) { ERROR("creat(%s) failed: %m\n", new); @@ -136,6 +137,10 @@ int mount_bind(const char *root, const char *path, int readonly, int error) return 0; } +int mount_bind(const char *root, const char *path, int readonly, int error) { + return _mount_bind(root, path, NULL, readonly, error); +} + static int build_jail_fs(void) { char jail_root[] = "/tmp/ujail-XXXXXX"; @@ -165,6 +170,18 @@ static int build_jail_fs(void) return -1; } + if (opts.namespace & NAMESPACE_NET) { + char hostdir[PATH_MAX], jailetc[PATH_MAX], jaillink[PATH_MAX]; + + snprintf(hostdir, PATH_MAX, "/tmp/resolv.conf-%s.d", opts.name); + mkdir_p(hostdir, 0755); + _mount_bind(jail_root, hostdir, "/tmp/resolv.conf.d", 1, -1); + snprintf(jailetc, PATH_MAX, "%s/etc", jail_root); + mkdir_p(jailetc, 0755); + snprintf(jaillink, PATH_MAX, "%s/etc/resolv.conf", jail_root); + symlink("../tmp/resolv.conf.d/resolv.conf.auto", jaillink); + } + char dirbuf[sizeof(jail_root) + 4]; snprintf(dirbuf, sizeof(dirbuf), "%s/old", jail_root); mkdir(dirbuf, 0755); -- 2.30.2