diff options
| author | Andrew Cady <d@jerkface.net> | 2018-07-16 14:26:16 -0400 |
|---|---|---|
| committer | Andrew Cady <d@jerkface.net> | 2018-07-16 14:26:16 -0400 |
| commit | edac3168ff43f8eef8e4e62ae8b1d65020a27335 (patch) | |
| tree | fa50aad7dc38d6cb6a09ae406ef928028a9e4821 | |
| parent | d66f1b658186356df2d3c40994853da596c2b1e5 (diff) | |
use cgroup container for chroot command
| -rw-r--r-- | fsmgr.hs | 28 |
1 files changed, 26 insertions, 2 deletions
| @@ -23,6 +23,7 @@ import qualified Options.Applicative as Opt | |||
| 23 | ;import Options.Applicative hiding (action) | 23 | ;import Options.Applicative hiding (action) |
| 24 | 24 | ||
| 25 | import ConfigFile | 25 | import ConfigFile |
| 26 | import System.Directory (createDirectoryIfMissing) | ||
| 26 | import System.Posix.Process (getProcessID) | 27 | import System.Posix.Process (getProcessID) |
| 27 | 28 | ||
| 28 | noParent :: BaseImageSpecification -> Bool | 29 | noParent :: BaseImageSpecification -> Bool |
| @@ -139,6 +140,12 @@ run :: Options -> IO () | |||
| 139 | run (Options (Build (BuildOpts target))) = shakeBuildOneImage target | 140 | run (Options (Build (BuildOpts target))) = shakeBuildOneImage target |
| 140 | run (Options (Chroot (ChrootOpts target args))) = chrootImage target args | 141 | run (Options (Chroot (ChrootOpts target args))) = chrootImage target args |
| 141 | 142 | ||
| 143 | useCGroups :: Bool | ||
| 144 | useCGroups = True -- TODO: make command-line option | ||
| 145 | |||
| 146 | handle' :: IO b -> Action a -> Action a | ||
| 147 | handle' = flip actionOnException | ||
| 148 | |||
| 142 | chrootImage :: FilePath -> [String] -> IO () | 149 | chrootImage :: FilePath -> [String] -> IO () |
| 143 | chrootImage target args = | 150 | chrootImage target args = |
| 144 | shake shakeOptions {shakeFiles = "_build"} $ do | 151 | shake shakeOptions {shakeFiles = "_build"} $ do |
| @@ -153,8 +160,15 @@ chrootImage target args = | |||
| 153 | cmd_ "btrfstune -S0 -f" tmp | 160 | cmd_ "btrfstune -S0 -f" tmp |
| 154 | cmd_ "mkdir" [mnt] | 161 | cmd_ "mkdir" [mnt] |
| 155 | cmd_ "mount -t btrfs" [tmp, mnt] | 162 | cmd_ "mount -t btrfs" [tmp, mnt] |
| 156 | cmd_ (WithStderr False) (WithStdout False) "chroot" (mnt:args) -- TODO: cgroup | 163 | let (umount :: IO ()) = do |
| 157 | cmd_ "umount" [mnt] -- TODO: recursive umount | 164 | cmd_ "umount" [mnt] |
| 165 | cmd_ "rm -f" [tmp] | ||
| 166 | handle' umount $ | ||
| 167 | if useCGroups | ||
| 168 | then liftIO $ cgroupChroot ("fsmgr" <.> takeFileName target) mnt args | ||
| 169 | else cmd_ (WithStderr False) "chroot" (mnt : args) -- TODO: cgroup | ||
| 170 | cmd_ "umount" [mnt] | ||
| 171 | cmd_ "sync" | ||
| 158 | cmd_ "btrfstune -S1" tmp | 172 | cmd_ "btrfstune -S1" tmp |
| 159 | cmd_ "mv" [tmp, inp] | 173 | cmd_ "mv" [tmp, inp] |
| 160 | 174 | ||
| @@ -186,6 +200,16 @@ filepat ~%> act = phonys f | |||
| 186 | f file | (filepat ?== file) = Just (act file) | 200 | f file | (filepat ?== file) = Just (act file) |
| 187 | f _ = Nothing | 201 | f _ = Nothing |
| 188 | 202 | ||
| 203 | cgroupChroot :: String -> FilePath -> [String] -> IO () | ||
| 204 | cgroupChroot groupName mnt [] = cgroupChroot groupName mnt ["/bin/bash"] | ||
| 205 | cgroupChroot groupName mnt args = do | ||
| 206 | let cgdir = "/sys/fs/cgroup/pids" </> groupName | ||
| 207 | createDirectoryIfMissing False cgdir | ||
| 208 | cmd_ (Cwd mnt) (WithStderr False) | ||
| 209 | "unshare --ipc --uts --cgroup --mount --pid --fork chroot ." | ||
| 210 | "sh -exc" ["mount -t proc proc /proc; mount -t devpts devpts /dev/pts; exec \"$@\""] | ||
| 211 | "sh" args | ||
| 212 | |||
| 189 | shakeRules :: Rules () | 213 | shakeRules :: Rules () |
| 190 | shakeRules = do | 214 | shakeRules = do |
| 191 | "_build/*.yaml.canon" %> \out -> do | 215 | "_build/*.yaml.canon" %> \out -> do |