fst/config: alternative /etc directory
This is useful for static /etc directories provided by self-contained application packages, or in cases where autoetc is useful for paths other than /etc. Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
parent
aef847b5ae
commit
2fdbd6a4dd
@ -70,6 +70,8 @@ type SandboxConfig struct {
|
|||||||
Filesystem []*FilesystemConfig `json:"filesystem"`
|
Filesystem []*FilesystemConfig `json:"filesystem"`
|
||||||
// symlinks created inside the sandbox
|
// symlinks created inside the sandbox
|
||||||
Link [][2]string `json:"symlink"`
|
Link [][2]string `json:"symlink"`
|
||||||
|
// read-only /etc directory
|
||||||
|
Etc string `json:"etc,omitempty"`
|
||||||
// automatically set up /etc symlinks
|
// automatically set up /etc symlinks
|
||||||
AutoEtc bool `json:"auto_etc"`
|
AutoEtc bool `json:"auto_etc"`
|
||||||
// paths to override by mounting tmpfs over them
|
// paths to override by mounting tmpfs over them
|
||||||
@ -127,7 +129,11 @@ func (s *SandboxConfig) Bwrap(os linux.System) (*bwrap.Config, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if !s.AutoEtc {
|
if !s.AutoEtc {
|
||||||
conf.Dir("/etc")
|
if s.Etc == "" {
|
||||||
|
conf.Dir("/etc")
|
||||||
|
} else {
|
||||||
|
conf.Bind(s.Etc, "/etc")
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, c := range s.Filesystem {
|
for _, c := range s.Filesystem {
|
||||||
@ -147,7 +153,11 @@ func (s *SandboxConfig) Bwrap(os linux.System) (*bwrap.Config, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if s.AutoEtc {
|
if s.AutoEtc {
|
||||||
conf.Bind("/etc", Tmp+"/etc")
|
if s.Etc == "" {
|
||||||
|
conf.Bind("/etc", Tmp+"/etc")
|
||||||
|
} else {
|
||||||
|
conf.Bind(s.Etc, Tmp+"/etc")
|
||||||
|
}
|
||||||
|
|
||||||
// link host /etc contents to prevent passwd/group from being overwritten
|
// link host /etc contents to prevent passwd/group from being overwritten
|
||||||
if d, err := os.ReadDir("/etc"); err != nil {
|
if d, err := os.ReadDir("/etc"); err != nil {
|
||||||
|
11
print.go
11
print.go
@ -70,7 +70,16 @@ func printShow(instance *state.State, config *fst.Config, short bool) {
|
|||||||
flags = append(flags, "none")
|
flags = append(flags, "none")
|
||||||
}
|
}
|
||||||
fmt.Fprintf(w, " Flags:\t%s\n", strings.Join(flags, " "))
|
fmt.Fprintf(w, " Flags:\t%s\n", strings.Join(flags, " "))
|
||||||
fmt.Fprintf(w, " Overrides:\t%s\n", strings.Join(sandbox.Override, " "))
|
|
||||||
|
etc := sandbox.Etc
|
||||||
|
if etc == "" {
|
||||||
|
etc = "/etc"
|
||||||
|
}
|
||||||
|
fmt.Fprintf(w, " Etc:\t%s\n", etc)
|
||||||
|
|
||||||
|
if len(sandbox.Override) > 0 {
|
||||||
|
fmt.Fprintf(w, " Overrides:\t%s\n", strings.Join(sandbox.Override, " "))
|
||||||
|
}
|
||||||
|
|
||||||
// Env map[string]string `json:"env"`
|
// Env map[string]string `json:"env"`
|
||||||
// Link [][2]string `json:"symlink"`
|
// Link [][2]string `json:"symlink"`
|
||||||
|
Loading…
Reference in New Issue
Block a user