From 1656857d00f283131678b54175d50901b5eb628e Mon Sep 17 00:00:00 2001
From: Stanislaw Adaszewski
Date: Wed, 6 May 2020 11:02:52 +0200
Subject: [PATCH] Selective unlocking and selective backups.
---
 focker/compose.py | 9 +++++++--
 focker/jail.py | 14 +++++++++++---
 focker/snapshot.py | 8 +++++++-
 3 files changed, 25 insertions(+), 6 deletions(-)
diff --git a/focker/compose.py b/focker/compose.py
index c69fcdc..2bfc962 100644
--- a/focker/compose.py
+++ b/focker/compose.py
@@ -16,12 +16,15 @@ from .zfs import AmbiguousValueError, \
 zfs_set_props
 from .jail import jail_fs_create, \
 jail_create, \
- jail_remove
+ jail_remove, \
+ backup_file
 from .misc import random_sha256_hexdigest, \
 find_prefix
 import subprocess
 import jailconf
 import os
+from .misc import focker_lock, \
+ focker_unlock
 def build_volumes(spec):
@@ -55,7 +58,9 @@ def build_images(spec, path, args):
 os.path.join(path, focker_dir), '-t', tag]
 if args.squeeze:
 cmd.append('--squeeze')
+ focker_unlock()
 res = subprocess.run(cmd)
+ focker_lock()
 if res.returncode != 0:
 raise RuntimeError('Image build failed: ' + str(res.returncode))
@@ -65,6 +70,7 @@ def build_jails(spec):
 # conf = jailconf.load('/etc/jail.conf')
 #else:
 # conf = jailconf.JailConf()
+ backup_file('/etc/jail.conf')
 for (jailname, jailspec) in spec.items():
 try:
 name, _ = zfs_find(jailname, focker_type='jail')
@@ -105,6 +111,5 @@ def command_compose_build(args):
 build_jails(spec['jails'])
-
 def command_compose_run(args):
 raise NotImplementedError
diff --git a/focker/jail.py b/focker/jail.py
index 793f21e..4300fd7 100644
--- a/focker/jail.py
+++ b/focker/jail.py
@@ -16,9 +16,11 @@ import jailconf
 from .mount import getmntinfo
 import shlex
 import stat
+from .misc import focker_lock, \
+ focker_unlock
-def backup_file(fname, nbackups=10):
+def backup_file(fname, nbackups=10, chmod=0o600):
 existing_backups = []
 for i in range(nbackups):
 bakname = '%s.%d' % (fname, i)
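Review bot: In build_images the lock is re-taken only on the normal path: `focker_unlock()`, `res = subprocess.run(cmd)` and `focker_lock()` run back to back, so an exception out of `subprocess.run` (missing executable, KeyboardInterrupt) skips `focker_lock()` and the rest of the process continues unlocked. new_snapshot in focker/snapshot.py wraps the same sequence in try/finally in this very commit; the same shape is needed here and at the two sites in focker/jail.py (command_jail_exec and jail_oneshot), i.e. `try: res = subprocess.run(cmd)` followed by `finally: focker_lock()`. In jail_oneshot the unguarded call also means `jail_remove(path)` is skipped on that path. A small context manager next to focker_lock/focker_unlock in .misc would keep all four call sites identical; build_images itself starts and ends outside this hunk.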
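Review bot: `backup_file('/etc/jail.conf')` at the top of build_jails now takes a backup on every run, whether or not jail.conf ends up being rewritten, and the same call is added to command_jail_create and jail_oneshot in focker/jail.py. backup_file keeps ten slots and overwrites the oldest, so ten such invocations are enough to push out every earlier copy, including the last one that differs from the current file. It also calls `shutil.copyfile` on the path directly, so a host where /etc/jail.conf does not exist yet fails here before any jail is processed; the commented-out lines just above suggest that case was considered at some point. A guard such as `if os.path.exists('/etc/jail.conf'): backup_file('/etc/jail.conf')` plus a comment saying why the backup is taken up front would cover both. build_jails continues past the end of the hunk.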
@@ -27,17 +29,17 @@ def backup_file(fname, nbackups=10):
 existing_backups.append((bakname, st.st_mtime))
 else:
 shutil.copyfile(fname, bakname)
+ os.chmod(bakname, chmod)
 return bakname
 existing_backups.sort(key=lambda a: a[1])
 # overwrite the oldest
 bakname = existing_backups[0][0]
 shutil.copyfile(fname, bakname)
+ os.chmod(bakname, chmod)
 return bakname
 def jail_conf_write(conf):
- bakname = backup_file('/etc/jail.conf')
- os.chmod(bakname, 0o600)
 conf.write('/etc/jail.conf')
@@ -201,6 +203,7 @@ def jail_remove(path):
 def command_jail_create(args):
+ backup_file('/etc/jail.conf')
 name = jail_fs_create(args.image)
 if args.tags:
 zfs_tag(name, args.tags)
@@ -238,17 +241,22 @@ def command_jail_exec(args):
 name, _ = zfs_find(args.reference, focker_type='jail')
 path = zfs_mountpoint(name)
 jid = get_jid(path)
+ focker_unlock()
 subprocess.run(['jexec', str(jid)] + args.command)
+ focker_lock()
 def jail_oneshot(image, command, env, mounts):
 # pdb.set_trace()
+ backup_file('/etc/jail.conf')
 name = jail_fs_create(image)
 path = zfs_mountpoint(name)
 jailname = jail_create(path, ' '.join(map(shlex.quote, command or ['/bin/sh'])), env, mounts)
+ focker_unlock()
 subprocess.run(['jail', '-c', jailname])
+ focker_lock()
 jail_remove(path)
diff --git a/focker/snapshot.py b/focker/snapshot.py
index 65b4358..0c8740e 100644
--- a/focker/snapshot.py
+++ b/focker/snapshot.py
@@ -6,6 +6,8 @@
 #
 from .zfs import *
+from .misc import focker_lock, \
+ focker_unlock
 def new_snapshot(base, fun, name):
@@ -17,7 +19,11 @@ def new_snapshot(base, fun, name):
 name = root + '/' + name
 zfs_run(['zfs', 'clone', base, name])
 try:
- fun()
+ try:
+ focker_unlock()
+ fun()
+ finally:
+ focker_lock()
 zfs_run(['zfs', 'set', 'readonly=on', name])
 snap_name = name + '@1'
 zfs_run(['zfs', 'snapshot', snap_name])
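Review bot: Between `shutil.copyfile(fname, bakname)` and the added `os.chmod(bakname, chmod)` a newly created backup exists with whatever mode the umask allows, in both branches of backup_file. Moving the chmod into the function makes the restriction consistent for every caller, but the copy of /etc/jail.conf is still briefly readable more widely than `chmod` intends, and `shutil.copyfile` will write through a symlink sitting at the backup name. Creating the destination with its final mode closes both: open it with `os.open` using the mode and `O_NOFOLLOW`, tighten a pre-existing file with `os.fchmod` before any data is written, then stream the contents. backup_file begins in the previous hunk, so only the two copy sites are shown below.

```python
def _copy_with_mode(src, dst, mode):
    # Open the source first so a missing src does not truncate an old backup.
    with open(src, 'rb') as fin:
        # Create dst with its final mode; refuse to follow a symlink at dst.
        fd = os.open(dst,
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW,
                     mode)
        with os.fdopen(fd, 'wb') as fout:
            os.fchmod(fd, mode)  # covers a dst that already existed
            shutil.copyfileobj(fin, fout)

# … unchanged: scan of existing backup slots in backup_file …
        else:
            _copy_with_mode(fname, bakname, chmod)
            return bakname
# … unchanged: sort by mtime, pick the oldest slot …
    _copy_with_mode(fname, bakname, chmod)
    return bakname
```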
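Review bot: In new_snapshot the inner block has `focker_unlock()` inside the `try:`, so a failure in the unlock itself still runs `focker_lock()` from the `finally`; placing `focker_unlock()` on the line before `try:` is the usual shape for a release/re-acquire pair. The hunk also carries no comment on why the lock is dropped around `fun()`; something like `# release the lock only for the caller-supplied step; it is held again before readonly=on and the snapshot` would record the intent. While the lock is released the clone created by `zfs clone` is still writable and not yet snapshotted, and whether other focker commands can resolve or remove it in that window cannot be told from this hunk, so that is worth confirming. new_snapshot starts before and continues past the visible lines.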