Mercurial > hgrepos > FreeBSD > ports > sysutils > local-bsdtools

comparison sbin/ftjail @ 647:b0e8b5cf5d33

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Implement "_check_no_open_files_on_filesystem()" as common function and use it in ftjail. It checks for open files and memory mapping on a given file system. It uses the standard command "fstat -m -f <PATH>".
author Franz Glasner <fzglas.hg@dom66.de>
date Fri, 27 Sep 2024 19:17:21 +0200
parents 0c7917469e04
children 5a367d44b480
comparison
equal deleted inserted replaced
646:1d5f87e68078 647:b0e8b5cf5d33
868 local _opt_keep _opt_old_origin 868 local _opt_keep _opt_old_origin
869 869
870 local _res _jailname _dir_mounts _dir_fn_fstab _dir_fn_fstab2 870 local _res _jailname _dir_mounts _dir_fn_fstab _dir_fn_fstab2
871 local _dir_basename _dir_fn_tldir 871 local _dir_basename _dir_fn_tldir
872 local _root_dataset _root_mountpoint _root_type _root_options 872 local _root_dataset _root_mountpoint _root_type _root_options
873 local _mnt_device _mnt_mountpoint _mnt_type _mnt_options
873 local _clone_extra_props _canmount_prop 874 local _clone_extra_props _canmount_prop
874 local _line _opt 875 local _line _opt
875 local _root_readonly _root_origin 876 local _root_readonly _root_origin
876 local _u_tmpdir 877 local _u_tmpdir
877 local _add_log_sock 878 local _add_log_sock
945 # Check that the first item/line is a read-only ZFS mount directly 946 # Check that the first item/line is a read-only ZFS mount directly
946 # at the given directory. This must also be its configured 947 # at the given directory. This must also be its configured
947 # mountpoint in ZFS. 948 # mountpoint in ZFS.
948 # Also check that it is a clone proper. 949 # Also check that it is a clone proper.
949 # 950 #
950 IFS=$'\t' read -r _root_dataset _root_mountpoint _root_type _root_options _line <<EOF4tHGCSS 951 IFS=$'\t' read -r _root_dataset _root_mountpoint _root_type _root_options _line <<EOF4tHGCSSf5d7d9cf
951 ${_dir_mounts} 952 ${_dir_mounts}
952 EOF4tHGCSS 953 EOF4tHGCSSf5d7d9cf
953 [ "${_root_mountpoint}" != "${_directory}" ] && { echo "ERROR: found root mountpoint does not match given directory" 1>&2; return 1; } 954 [ "${_root_mountpoint}" != "${_directory}" ] && { echo "ERROR: found root mountpoint does not match given directory" 1>&2; return 1; }
954 [ "${_root_type}" != "zfs" ] && { echo "ERROR: root mountpoint is not from a ZFS dataset" 1>&2; return 1; } 955 [ "${_root_type}" != "zfs" ] && { echo "ERROR: root mountpoint is not from a ZFS dataset" 1>&2; return 1; }
955 _root_readonly="$(zfs list -H -o readonly "${_root_dataset}")" 956 _root_readonly="$(zfs list -H -o readonly "${_root_dataset}")"
956 [ "${_root_readonly}" != "on" ] && { echo "ERROR: the root dataset is not mounted read-only" 1>&2; return 1; } 957 [ "${_root_readonly}" != "on" ] && { echo "ERROR: the root dataset is not mounted read-only" 1>&2; return 1; }
957 _root_origin="$(zfs list -H -o origin "${_root_dataset}")" 958 _root_origin="$(zfs list -H -o origin "${_root_dataset}")"
958 if [ -n "${_opt_old_origin}" ]; then 959 if [ -n "${_opt_old_origin}" ]; then
959 [ "${_opt_old_origin}" != "${_root_origin}" ] && { echo "ERROR: origin mismatch" 1>&2; return 1; } 960 [ "${_opt_old_origin}" != "${_root_origin}" ] && { echo "ERROR: origin mismatch" 1>&2; return 1; }
960 else 961 else
961 [ "${_root_origin}" = '-' ] && { echo "ERROR: the root dataset is not a ZFS clone" 1>&2; return 1; } 962 [ "${_root_origin}" = '-' ] && { echo "ERROR: the root dataset is not a ZFS clone" 1>&2; return 1; }
962 fi 963 fi
964 #
965 # Check for open files on all the mounted filesystems
966 #
967 while IFS=$'\t' read -r _mnt_device _mnt_mountpoint _mnt_type _mnt_options _line; do
968 if ! _check_no_open_files_on_filesystem "${_mnt_mountpoint}" ; then
969 err "There are open files or memory mapping on file system \`${_mnt_mountpoint}'"
970 return 1
971 fi
972 done <<EOF4tHGCAASLfafbf1b5
973 ${_dir_mounts}
974 EOF4tHGCAASLfafbf1b5
963 975
964 # Determine we need to clone with a custom (non inherited) "mountpoint" 976 # Determine we need to clone with a custom (non inherited) "mountpoint"
965 _clone_extra_props="$(_get_clone_extra_prop_for_mountpoint "${_root_dataset}") " 977 _clone_extra_props="$(_get_clone_extra_prop_for_mountpoint "${_root_dataset}") "
966 # Determine we need to clone with a custom (non inherited) "canmount" 978 # Determine we need to clone with a custom (non inherited) "canmount"
967 _canmount_prop="$(_get_canmount_setting_for_dataset "${_root_dataset}")" 979 _canmount_prop="$(_get_canmount_setting_for_dataset "${_root_dataset}")"