hrr_rb_lxns 0.3.0 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c2638d4c8b3db4d56a38f2eb038b9079f8449e20645a875a2a3c11c31099716a
-  data.tar.gz: 1b92b52c8db60ba8ebd6b5f517a74daf8125986fc52c1719c51416875ec015d7
+  metadata.gz: 868082dbf4148772707fa2b6933b4f2711e944bb89100ed1e7b2ddb095dc6731
+  data.tar.gz: 5ae7eba8c9512417992e32cb1fa0cf0f5194d46257c253a56a3e72d77c984d50
 SHA512:
-  metadata.gz: 73a2767cf322ee5ba66f2187e81e5878a4233e11baa32c8a24ee87b1ecede422a52cada11f263af2bcd34c2a9d219e25be467b668fb8e6a7b37591b668bbe2de
-  data.tar.gz: c674dbbabb9c3708255dab0480acd8c8be21fe8c0635fc68c694441c2d14b7845b513b3a85074adb10123b941555a0dd3ca7ede5abf16302aa797e4cfccfaaf6
+  metadata.gz: 0561e4d528bf1e37bb54ce1f9fd006ef4b78c6ffac1365775c635342ceaeb669bedd1d9928e4bd290f9883062504470ef4539513ffd39ef61212e73d5788cd8a
+  data.tar.gz: a57b893e2ccd416ff8e2acd5033a95ce54f17ed63c338c2fca22364e438505d420080a36078ae83ad7a361e49e16988eec333c00f54aefd02e1a7c240d68428a

data/lib/hrr_rb_lxns.rb

@@ -10,6 +10,17 @@ module HrrRbLxns
   module Constants
   end
 
+  @@namespaces = Hash.new
+  @@namespaces["mnt"]    = {char: "m", flag: NEWNS,     key: :mount,   file_to_bind: "mnt"              }.freeze if const_defined? :NEWNS
+  @@namespaces["uts"]    = {char: "u", flag: NEWUTS,    key: :uts,     file_to_bind: "uts"              }.freeze if const_defined? :NEWUTS
+  @@namespaces["ipc"]    = {char: "i", flag: NEWIPC,    key: :ipc,     file_to_bind: "ipc"              }.freeze if const_defined? :NEWIPC
+  @@namespaces["net"]    = {char: "n", flag: NEWNET,    key: :network, file_to_bind: "net"              }.freeze if const_defined? :NEWNET
+  @@namespaces["pid"]    = {char: "p", flag: NEWPID,    key: :pid,     file_to_bind: "pid_for_children" }.freeze if const_defined? :NEWPID
+  @@namespaces["user"]   = {char: "U", flag: NEWUSER,   key: :user,    file_to_bind: "user"             }.freeze if const_defined? :NEWUSER
+  @@namespaces["cgroup"] = {char: "C", flag: NEWCGROUP, key: :cgroup,  file_to_bind: "cgroup"           }.freeze if const_defined? :NEWCGROUP
+  @@namespaces["time"]   = {char: "T", flag: NEWTIME,   key: :time,    file_to_bind: "time_for_children"}.freeze if const_defined? :NEWTIME
+  @@namespaces.freeze
+
   # Collects namespace files information in /proc/PID/ns/ directory of a process.
   #
   # @example
@@ -137,6 +148,10 @@ module HrrRbLxns
 
   private
 
+  def self.namespaces
+    @@namespaces
+  end
+
   def self.interpret_flags arg
     case arg
     when Integer
@@ -150,33 +165,17 @@ module HrrRbLxns
   end
 
   def self.check_flags flags
-    valid_flags = 0
-    valid_flags += NEWIPC    if const_defined?(:NEWIPC)
-    valid_flags += NEWNS     if const_defined?(:NEWNS)
-    valid_flags += NEWNET    if const_defined?(:NEWNET)
-    valid_flags += NEWPID    if const_defined?(:NEWPID)
-    valid_flags += NEWUTS    if const_defined?(:NEWUTS)
-    valid_flags += NEWUSER   if const_defined?(:NEWUSER)
-    valid_flags += NEWCGROUP if const_defined?(:NEWCGROUP)
-    valid_flags += NEWTIME   if const_defined?(:NEWTIME)
-    unless (flags - (flags & valid_flags)).zero?
+    unless (flags - (flags & namespaces.map{|_,v| v[:flag]}.inject(:+))).zero?
       raise ArgumentError, "unsupported flags are set"
     end
   end
 
   def self.chars_to_flags chars
-    chars.each_char.inject(0) do |f, c|
-      if    c == "i" && const_defined?(:NEWIPC)    then f | NEWIPC
-      elsif c == "m" && const_defined?(:NEWNS)     then f | NEWNS
-      elsif c == "n" && const_defined?(:NEWNET)    then f | NEWNET
-      elsif c == "p" && const_defined?(:NEWPID)    then f | NEWPID
-      elsif c == "u" && const_defined?(:NEWUTS)    then f | NEWUTS
-      elsif c == "U" && const_defined?(:NEWUSER)   then f | NEWUSER
-      elsif c == "C" && const_defined?(:NEWCGROUP) then f | NEWCGROUP
-      elsif c == "T" && const_defined?(:NEWTIME)   then f | NEWTIME
-      else raise ArgumentError, "unsupported flag charactor: #{c.inspect}"
-      end
+    invalid_chars = chars.chars - namespaces.map{|_,v| v[:char]}
+    unless invalid_chars.empty?
+      raise ArgumentError, "unsupported flag charactor: #{invalid_chars.inspect}"
     end
+    namespaces.select{|_,v| chars.include?(v[:char])}.map{|_,v| v[:flag]}.inject(0){|lsum,flag| lsum | flag}
   end
 
   def self.fork? options
@@ -184,16 +183,7 @@ module HrrRbLxns
   end
 
   def self.bind_ns_files? options
-    list = Array.new
-    list.push :ipc     if const_defined?(:NEWIPC)
-    list.push :mount   if const_defined?(:NEWNS)
-    list.push :network if const_defined?(:NEWNET)
-    list.push :pid     if const_defined?(:NEWPID)
-    list.push :uts     if const_defined?(:NEWUTS)
-    list.push :user    if const_defined?(:NEWUSER)
-    list.push :cgroup  if const_defined?(:NEWCGROUP)
-    list.push :time    if const_defined?(:NEWTIME)
-    (list & options.keys).empty?.!
+    (namespaces.map{|_,v| v[:key]} & options.keys).empty?.!
   end
 
   # In some cases, namespace files need to be created by an external process.
@@ -201,18 +191,35 @@ module HrrRbLxns
   def self.bind_ns_files_from_child flags, options
     if bind_ns_files? options
       pid_to_bind = Process.pid
-      pid = nil
-      begin
-        io_r, io_w = IO.pipe
+      IO.pipe do |io_r, io_w|
         if pid = fork
-          ret = yield
-          io_w.write "1"
-          io_w.close
-          if pid_to_bind == Process.pid
+          begin
+            ret = yield
+          rescue Exception
+            Process.kill "KILL", pid
             Process.waitpid pid
-            raise Marshal.load(io_r.read) unless $?.to_i.zero?
+            raise
+          else
+            IO.pipe do |io2_r, io2_w|
+              if ret
+                io_w.write "1"
+                io_w.close
+                Process.waitpid pid
+                unless $?.to_i.zero?
+                  if ret > 0
+                    Process.kill "KILL", ret
+                    Process.waitpid ret
+                  end
+                  raise Marshal.load(io_r.read) unless $?.to_i.zero?
+                end
+              else
+                io_w.close
+                io2_w.close
+                io2_r.read
+              end
+            end
+            ret
           end
-          ret
         else
           begin
             io_r.read 1
@@ -224,16 +231,6 @@ module HrrRbLxns
             exit! true
           end
         end
-      ensure
-        io_w.write "1" rescue nil # just in case getting an error before io_w.write
-        io_w.close     rescue nil
-        io_r.close     rescue nil
-        if pid_to_bind == Process.pid
-          begin
-            Process.waitpid pid
-          rescue Errno::ECHILD
-          end
-        end
       end
     else
       yield
@@ -241,16 +238,7 @@ module HrrRbLxns
   end
 
   def self.bind_ns_files flags, options, pid
-    list = Array.new
-    list.push ["ipc",               NEWIPC,    :ipc    ] if const_defined?(:NEWIPC)
-    list.push ["mnt",               NEWNS,     :mount  ] if const_defined?(:NEWNS)
-    list.push ["net",               NEWNET,    :network] if const_defined?(:NEWNET)
-    list.push ["pid_for_children",  NEWPID,    :pid    ] if const_defined?(:NEWPID)
-    list.push ["uts",               NEWUTS,    :uts    ] if const_defined?(:NEWUTS)
-    list.push ["user",              NEWUSER,   :user   ] if const_defined?(:NEWUSER)
-    list.push ["cgroup",            NEWCGROUP, :cgroup ] if const_defined?(:NEWCGROUP)
-    list.push ["time_for_children", NEWTIME,   :time   ] if const_defined?(:NEWTIME)
-    list.each do |name, flag, key|
+    namespaces.map{|_,v| [v[:file_to_bind], v[:flag], v[:key]]}.each do |name, flag, key|
       if (flags & flag).zero?.! && options[key]
         HrrRbMount.bind "/proc/#{pid}/ns/#{name}", options[key]
       end
@@ -258,7 +246,7 @@ module HrrRbLxns
   end
 
   def self.map_uid_gid? flags, options
-    const_defined?(:NEWUSER) && (flags & NEWUSER).zero?.! && (options.has_key?(:map_uid) || options.has_key?(:map_gid))
+    (flags & namespaces.fetch("user", {}).fetch(:flag, 0)).zero?.! && (options.has_key?(:map_uid) || options.has_key?(:map_gid))
   end
 
   # This method calls fork and the child process writes into /proc/PID/uid_map, /proc/PID/gid_map, and /proc/PID/setgroups.
@@ -337,7 +325,7 @@ module HrrRbLxns
   end
 
   def self.set_timens_offsets? flags, options
-    const_defined?(:NEWTIME) && (flags & NEWTIME).zero?.! && (options.has_key?(:monotonic) || options.has_key?(:boottime))
+    (flags & namespaces.fetch("time", {}).fetch(:flag, 0)).zero?.! && (options.has_key?(:monotonic) || options.has_key?(:boottime))
   end
 
   def self.set_timens_offsets(flags, options)
@@ -387,17 +375,8 @@ module HrrRbLxns
   end
 
   def self.get_nstype_file_h flags, pid, options
-    list = Array.new
-    list.push ["ipc",    NEWIPC,    :ipc    ] if const_defined?(:NEWIPC)
-    list.push ["mnt",    NEWNS,     :mount  ] if const_defined?(:NEWNS)
-    list.push ["net",    NEWNET,    :network] if const_defined?(:NEWNET)
-    list.push ["pid",    NEWPID,    :pid    ] if const_defined?(:NEWPID)
-    list.push ["uts",    NEWUTS,    :uts    ] if const_defined?(:NEWUTS)
-    list.push ["user",   NEWUSER,   :user   ] if const_defined?(:NEWUSER)
-    list.push ["cgroup", NEWCGROUP, :cgroup ] if const_defined?(:NEWCGROUP)
-    list.push ["time",   NEWTIME,   :time   ] if const_defined?(:NEWTIME)
     nstype_file_h = Hash.new
-    list.each do |name, flag, key|
+    namespaces.map{|k,v| [k, v[:flag], v[:key]]}.each do |name, flag, key|
       file = get_file name, (flags & flag), pid, key, options[key]
       nstype_file_h[flag] = file if file
     end

data/lib/hrr_rb_lxns/version.rb

@@ -1,3 +1,3 @@
 module HrrRbLxns
-  VERSION = "0.3.0"
+  VERSION = "0.3.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hrr_rb_lxns
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
 - hirura
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-10 00:00:00.000000000 Z
+date: 2020-05-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: hrr_rb_mount