mirrors/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2025-08-17 09:02:15 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

prisonparty: support zfs-ubuntu

Browse source 
* when bind-mounting, resolve any symlinks ($v/) and read target inode;
   for example merged /bin and /usr/bin
* add failsafe in case this test should break in new exciting ways;
   inspect `mount` for any instances of the jailed path
   (not /proc/mounts since that has funny space encoding)
* unmount in a while-loop because xargs freaks out if one of them fail
   * and systemd doesn't give us a /dev/stderr to write to anyways
This commit is contained in:
ed 2023-11-25 02:16:48 +00:00
parent aa0b119031
commit edd3e53ab3
1 changed files with 20 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
bin/prisonparty.sh
View file

@ -28,6 +28,16 @@ exit 1
} }
errs=
for c in awk chroot dirname getent lsof mknod mount realpath sed sort stat uniq; do
command -v $c >/dev/null || {
echo ERROR: command not found: $c
errs=1
}
done
[ $errs ] && exit 1
# read arguments # read arguments
trap help EXIT trap help EXIT
jail="$(realpath "$1")"; shift jail="$(realpath "$1")"; shift
@ -86,27 +96,28 @@ while IFS= read -r v; do
printf '\033[1;31mfolder does not exist:\033[0m %s\n' "$v" printf '\033[1;31mfolder does not exist:\033[0m %s\n' "$v"
continue continue
} }
i1=$(stat -c%D.%i "$v" 2>/dev/null || echo a) i1=$(stat -c%D.%i "$v/" 2>/dev/null || echo a)
i2=$(stat -c%D.%i "$jail$v" 2>/dev/null || echo b) i2=$(stat -c%D.%i "$jail$v/" 2>/dev/null || echo b)
# echo "v [$v] i1 [$i1] i2 [$i2]"
[ $i1 = $i2 ] && continue [ $i1 = $i2 ] && continue
mount | grep -qF " $jail$v " && echo wtf $i1 $i2 $v && continue
mkdir -p "$jail$v" mkdir -p "$jail$v"
mount --bind "$v" "$jail$v" mount --bind "$v" "$jail$v"
done done
cln() { cln() {
rv=$? trap - EXIT
wait -f -p rv $p || true wait -f -n $p && rv=0 || rv=$?
cd / cd /
echo "stopping chroot..." echo "stopping chroot..."
lsof "$jail" | grep -F "$jail" && lsof "$jail" 2>/dev/null | grep -F "$jail" &&
echo "chroot is in use; will not unmount" || echo "chroot is in use; will not unmount" ||
{ {
mount | grep -F " on $jail" | mount | grep -F " on $jail" |
awk '{sub(/ type .*/,"");sub(/.* on /,"");print}' | awk '{sub(/ type .*/,"");sub(/.* on /,"");print}' |
LC_ALL=C sort -r | tee /dev/stderr | tr '\n' '\0' | xargs -r0 umount LC_ALL=C sort -r | while IFS= read -r v; do
umount "$v" && echo "umount OK: $v"
done
} }
exit $rv exit $rv
} }
@ -137,5 +148,5 @@ export LOGNAME="$USER"
chroot --userspec=$uid:$gid "$jail" "$pybin" $pyarg "$cpp" "$@" & chroot --userspec=$uid:$gid "$jail" "$pybin" $pyarg "$cpp" "$@" &
p=$! p=$!
trap 'kill -USR1 $p' USR1 trap 'kill -USR1 $p' USR1
trap 'kill $p' INT TERM trap 'trap - INT TERM; kill $p' INT TERM
wait wait