29a5a1f1e9
We now gracefully fall back to copying when/if systemplate is readonly. The bulk of the change is to support proper cleanup in both cases.

First, we had to move as much of the jail bootstrapping into the loolwsd-systemplate-setup script, so systemplate will be as complete as possible before it is locked down.

Next, we needed to update the jail with graceful fallback to linking/copying upon failure. For that, the jail setup logic in Kit.cpp has been reworked to support not just update failures, but also more comprehensive mounting failures as well.

Finally, jail cleanup now is seamless. To support proper cleanup when we had mounting enabled but had to fall back, we mark jails that aren't mounted so we can 'rm -rf' the contents safely and without fear of causing undue damage (as unlikely as that is, technically we wouldn't want to rm systemplate files, if mounting read-only had failed).

There are a few minor refactorings of JailUtil to make it cleaner and more robust.

Change-Id: Iac34869cb84f45acf64fbbc46d46898367b496d2
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/101260
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
74 lines
2.3 KiB
C++
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
/*
 * This file is part of the LibreOffice project.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 */

#pragma once

#include <string>

#include <Poco/File.h>
#include <Poco/Path.h>

namespace JailUtil
{
/// Bind mount a jail directory.
bool bind(const std::string& source, const std::string& target);

/// Remount a bound mount point as readonly.
bool remountReadonly(const std::string& source, const std::string& target);

/// Unmount a bind-mounted jail directory.
bool unmount(const std::string& target);

/// Marks a jail as having been copied instead of mounted.
void markJailCopied(const std::string& root);

/// Returns true iff the jail in question was copied and not mounted.
bool isJailCopied(const std::string& root);

/// Remove the jail directory and all its contents.
void removeJail(const std::string& root);

/// Remove all jails.
void cleanupJails(const std::string& jailRoot);

/// Setup the jails.
void setupJails(bool bindMount, const std::string& jailRoot, const std::string& sysTemplate);

/// Setup /dev/random and /dev/urandom in the given jail path.
void setupJailDevNodes(const std::string& root);

/// Enable bind-mounting in this process.
void enableBindMounting();

/// Disable bind-mounting in this process.
void disableBindMounting();

/// Returns true iff bind-mounting is enabled in this process.
bool isBindMountingEnabled();

namespace SysTemplate
{
/// Setup links for /dev/random and /dev/urandom in systemplate.
void setupRandomDeviceLinks(const std::string& root);

/// Setup the dynamic files within the sysTemplate by either
/// copying or linking. See updateJail_DynamicFilesInSysTemplate.
/// If the dynamic files need updating and systemplate is read-only,
/// this will fail and mark files for copying.
void setupDynamicFiles(const std::string& sysTemplate);

/// Update the dynamic files within the sysTemplate before each child fork.
/// Returns false on failure.
bool updateDynamicFiles(const std::string& sysTemplate);

} // namespace SysTemplate

} // end namespace JailUtil

/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
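The commit message's cleanup rule (only 'rm -rf' a jail that is marked as copied) can be sketched as follows. This is an added example, not the project's JailUtil.cpp: the marker file name `.jail-copied`, the `Cleanup` enum and `removeJailChecked` are assumptions made for illustration, and the actual mount/unmount calls are left out because they need privileges.

```cpp
// Added example: marker-gated jail cleanup (C++17). Not the project's code.
#include <filesystem>
#include <fstream>
#include <string>
#include <system_error>

namespace fs = std::filesystem;

// Hypothetical marker name; the page does not show how JailUtil stores the mark.
static const char* const COPIED_MARKER = ".jail-copied";

/// Record that the jail was populated by copying/linking, not bind-mounting.
void markJailCopied(const std::string& root)
{
    std::ofstream marker(fs::path(root) / COPIED_MARKER);
    marker << "copied\n";
}

/// True iff the marker exists as a regular file (a symlink does not count).
bool isJailCopied(const std::string& root)
{
    std::error_code ec;
    return fs::is_regular_file(fs::symlink_status(fs::path(root) / COPIED_MARKER, ec));
}

enum class Cleanup { Removed, NeedsUnmount, Failed };

/// Hypothetical helper: delete recursively only when the marker shows nothing
/// is bind-mounted inside. Otherwise do a non-recursive remove, which fails on
/// a non-empty directory, so a still-mounted systemplate is never traversed.
Cleanup removeJailChecked(const std::string& root)
{
    const fs::path jail(root);
    std::error_code ec;
    if (!fs::exists(fs::symlink_status(jail, ec)))
        return Cleanup::Removed; // nothing left to clean up
    if (isJailCopied(root))
    {
        fs::remove_all(jail, ec);
        return ec ? Cleanup::Failed : Cleanup::Removed;
    }
    // Mounted or unknown: the caller must unmount first, then retry.
    return fs::remove(jail, ec) ? Cleanup::Removed : Cleanup::NeedsUnmount;
}
```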