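package sandbox

import (
	"encoding/gob"
	"fmt"
	"os"
	"path"
	"syscall"

	"git.gensokyo.uk/security/fortify/internal/fmsg"
)

// Register *MountProc with gob so it can be encoded and decoded when held in
// an interface value (presumably FSOp; the transport is not shown here).
func init() { gob.Register(new(MountProc)) }

// MountProc is a filesystem op that mounts a proc filesystem at Path.
type MountProc struct {
	// Path is the mount point. apply requires it to be absolute and maps it
	// through toSysroot before use.
	Path string
}

// apply creates the mount point and mounts proc on it with the nosuid, noexec
// and nodev flags.
//
// It returns an error wrapping syscall.EBADE when Path is not absolute, the
// wrapped os.MkdirAll error when the mount point cannot be created, and
// otherwise the result of wrapping the mount(2) error.
//
// NOTE(review): path.IsAbs only checks for a leading slash, so a Path that
// contains ".." elements passes this check. Whether the target stays below
// the sysroot then depends on toSysroot, which is defined elsewhere; confirm
// it cleans or rejects such paths.
//
// NOTE(review): os.MkdirAll and mount(2) resolve symlinks that already exist
// along target. Presumably earlier ops are trusted not to place any there;
// verify against the op ordering in the caller.
//
// NOTE(review): procfs reflects the PID namespace of the process performing
// the mount. The namespace setup is not visible in this file; confirm apply
// runs after the new PID namespace is entered.
func (p *MountProc) apply() error {
	if !path.IsAbs(p.Path) {
		return fmsg.WrapError(syscall.EBADE,
			fmt.Sprintf("path %q is not absolute", p.Path))
	}

	target := toSysroot(p.Path)
	// 0755 is the requested mode for every directory MkdirAll creates; the
	// process umask still applies.
	if err := os.MkdirAll(target, 0755); err != nil {
		return fmsg.WrapError(err, err.Error())
	}

	// nosuid, noexec and nodev: set-id bits are ignored, nothing on the mount
	// can be executed, and device nodes are not interpreted.
	const flags = syscall.MS_NOSUID | syscall.MS_NOEXEC | syscall.MS_NODEV

	// The message names p.Path (the path as requested), not the sysroot target.
	// Presumably WrapErrorSuffix yields nil for a nil error; confirm in fmsg.
	return fmsg.WrapErrorSuffix(
		syscall.Mount("proc", target, "proc", flags, ""),
		fmt.Sprintf("cannot mount proc on %q:", p.Path))
}

// Is reports whether op is a *MountProc with the same field values as p.
//
// A nil receiver, or a typed-nil *MountProc stored in op, compares unequal
// rather than panicking on the pointer dereference.
func (p *MountProc) Is(op FSOp) bool {
	vp, ok := op.(*MountProc)
	if !ok || p == nil || vp == nil {
		return false
	}
	return *p == *vp
}

// String returns a short description of the op that includes the quoted Path.
func (p *MountProc) String() string { return fmt.Sprintf("proc on %q", p.Path) }

// Proc appends a MountProc op for dest to f and returns f so calls can be
// chained. dest is not validated here; apply performs the absolute-path check.
func (f *Filesystem) Proc(dest string) *Filesystem {
	*f = append(*f, &MountProc{Path: dest})
	return f
}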