diff options
author | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2015-05-22 11:53:19 +0100 |
---|---|---|
committer | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2015-05-22 11:55:29 +0100 |
commit | 6035cf559bea99ea26186ab49c8efaa1e579304c (patch) | |
tree | f978352e2f374369a12e9f70b8b0e231806cf400 | |
parent | a3bd1ea3de886ec5f88eaee6770bb29c953c32ef (diff) | |
download | sandboxlib-6035cf559bea99ea26186ab49c8efaa1e579304c.tar.gz |
Create a 'sandboxlib' package, rework 'chroot' module
Removed the App Container-specific stuff from 'chroot' module, and
added a copyright notice.
-rw-r--r-- | exec/chroot.py | 58 | ||||
-rw-r--r-- | sandboxlib/chroot.py | 27 |
2 files changed, 27 insertions, 58 deletions
diff --git a/exec/chroot.py b/exec/chroot.py deleted file mode 100644 index d393d50..0000000 --- a/exec/chroot.py +++ /dev/null @@ -1,58 +0,0 @@ -# Run a sandbox in a chroot. - - -import contextlib -import json -import os -import shutil -import subprocess -import tarfile -import tempfile - - -@contextlib.contextmanager -def unpack_app_container_image(image_file): - tempdir = tempfile.mkdtemp() - try: - # FIXME: you gotta be root, sorry. - with tarfile.open(image_file, 'r') as tf: - tf.extractall(path=tempdir) - - manifest_path = os.path.join(tempdir, 'manifest') - rootfs_path = os.path.join(tempdir, 'rootfs') - - with open(manifest_path, 'r') as f: - manifest_data = json.load(f) - - yield rootfs_path, manifest_data - finally: - shutil.rmtree(tempdir) - - -def _run_sandbox_real(rootfs_path, manifest, command=None): - # FIXME: you gotta be root. - print manifest - if command is None: - # Use the command from the image - command = manifest['app']['exec'] - if type(command) == str: - command = [command] - subprocess.call(['chroot', rootfs_path] + command) - - -def run_sandbox(app_container_image=None, - rootfs_path=None, - manifest=None, - command=None): - if app_container_image is not None: - assert rootfs_path is None and manifest is None, \ - "You cannot specify a rootfs_path or manifest when running an " \ - "App Container image." - with unpack_app_container_image(app_container_image) as (rootfs_path, manifest): - return _run_sandbox_real(rootfs_path, manifest, command=command) - else: - _run_sandbox_real(rootfs_path, manifest, command=command) - - -run_sandbox(app_container_image='/home/shared/baserock/baserock-minimal.aci', - command=['/bin/sh', '-c', 'echo foo && exit 1']) diff --git a/sandboxlib/chroot.py b/sandboxlib/chroot.py new file mode 100644 index 0000000..a20b6c8 --- /dev/null +++ b/sandboxlib/chroot.py @@ -0,0 +1,27 @@ +# Copyright (C) 2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see <http://www.gnu.org/licenses/>. + + +'''Execute command in a sandbox, using 'chroot'.''' + + +import subprocess + + +def run_sandbox(rootfs_path, command): + if type(command) == str: + command = [command] + + # FIXME: you gotta be root for this one. + subprocess.call(['chroot', rootfs_path] + command) |