Selective unlocking and selective backups.

focker/compose.py

@@ -16,12 +16,15 @@ from .zfs import AmbiguousValueError, \
     zfs_set_props
 from .jail import jail_fs_create, \
     jail_create, \
-    jail_remove
+    jail_remove, \
+    backup_file
 from .misc import random_sha256_hexdigest, \
     find_prefix
 import subprocess
 import jailconf
 import os
+from .misc import focker_lock, \
+    focker_unlock
 
 
 def build_volumes(spec):
@@ -55,7 +58,9 @@ def build_images(spec, path, args):
             os.path.join(path, focker_dir), '-t', tag]
         if args.squeeze:
             cmd.append('--squeeze')
+        focker_unlock()
         res = subprocess.run(cmd)
+        focker_lock()
         if res.returncode != 0:
             raise RuntimeError('Image build failed: ' + str(res.returncode))
 
@@ -65,6 +70,7 @@ def build_jails(spec):
     #    conf = jailconf.load('/etc/jail.conf')
     #else:
     #    conf = jailconf.JailConf()
+    backup_file('/etc/jail.conf')
     for (jailname, jailspec) in spec.items():
         try:
             name, _ = zfs_find(jailname, focker_type='jail')
@@ -105,6 +111,5 @@ def command_compose_build(args):
         build_jails(spec['jails'])
 
 
-
 def command_compose_run(args):
     raise NotImplementedError

focker/jail.py

@@ -16,9 +16,11 @@ import jailconf
 from .mount import getmntinfo
 import shlex
 import stat
+from .misc import focker_lock, \
+    focker_unlock
 
 
-def backup_file(fname, nbackups=10):
+def backup_file(fname, nbackups=10, chmod=0o600):
     existing_backups = []
     for i in range(nbackups):
         bakname = '%s.%d' % (fname, i)
@@ -27,17 +29,17 @@ def backup_file(fname, nbackups=10):
             existing_backups.append((bakname, st.st_mtime))
         else:
             shutil.copyfile(fname, bakname)
+            os.chmod(bakname, chmod)
             return bakname
     existing_backups.sort(key=lambda a: a[1])
     # overwrite the oldest
     bakname = existing_backups[0][0]
     shutil.copyfile(fname, bakname)
+    os.chmod(bakname, chmod)
     return bakname
 
 
 def jail_conf_write(conf):
-    bakname = backup_file('/etc/jail.conf')
-    os.chmod(bakname, 0o600)
     conf.write('/etc/jail.conf')
 
 
@@ -201,6 +203,7 @@ def jail_remove(path):
 
 
 def command_jail_create(args):
+    backup_file('/etc/jail.conf')
     name = jail_fs_create(args.image)
     if args.tags:
         zfs_tag(name, args.tags)
@@ -238,17 +241,22 @@ def command_jail_exec(args):
     name, _ = zfs_find(args.reference, focker_type='jail')
     path = zfs_mountpoint(name)
     jid = get_jid(path)
+    focker_unlock()
     subprocess.run(['jexec', str(jid)] + args.command)
+    focker_lock()
 
 
 def jail_oneshot(image, command, env, mounts):
     # pdb.set_trace()
+    backup_file('/etc/jail.conf')
     name = jail_fs_create(image)
     path = zfs_mountpoint(name)
     jailname = jail_create(path,
         ' '.join(map(shlex.quote, command or ['/bin/sh'])),
         env, mounts)
+    focker_unlock()
     subprocess.run(['jail', '-c', jailname])
+    focker_lock()
     jail_remove(path)
 
 

focker/snapshot.py

@@ -6,6 +6,8 @@
 #
 
 from .zfs import *
+from .misc import focker_lock, \
+    focker_unlock
 
 
 def new_snapshot(base, fun, name):
@@ -17,7 +19,11 @@ def new_snapshot(base, fun, name):
         name = root + '/' + name
     zfs_run(['zfs', 'clone', base, name])
     try:
-        fun()
+        try:
+            focker_unlock()
+            fun()
+        finally:
+            focker_lock()
         zfs_run(['zfs', 'set', 'readonly=on', name])
         snap_name = name + '@1'
         zfs_run(['zfs', 'snapshot', snap_name])