Scalable Kloud Komputing with bhyve
fubarnetes / libjail-rs
Rust implementation of a FreeBSD jail library
Home Page: https://crates.io/crates/jail
License: BSD 3-Clause "New" or "Revised" License
At the moment we just exclude the following variables from the params method, as we are unable to restore this:
Lines 805 to 807 in f7de11b
Attempting to set these results in a JailSetError("osrelease cannot be changed after creation").
We cannot set these, as we first start the jail, and then later on set all the parameters:
Lines 81 to 85 in f7de11b
Lines 110 to 116 in f7de11b
It would probably be a good idea to just create a big HashMap of values, and pass that into jail_create.
Hi - Thanks for the library, kind of cool that so many FreeBSD primitives are coming to Rust.
I was testing out building a readonly jail using an fstab definition on my system.
.param("mount.fstab", param::Value::String("/etc/fstab.rojail".to_string()))
I got
thread 'main' panicked at 'could not start jail: JailSetError("unknown parameter: mount.fstab")', src/libcore/result.rs:1009:5
Looking at jail(8) I see it's a pseudo-parameter so I wasn't too surprised but thought I would raise this if you start to prioritize them.
It would be great to serialize the configuration of a StoppedJail into JSON, YAML, TOML, etc. in as sane a way as possible.
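As soon as the TryFrom and TryInto traits are stabilized, implement:
```rust
impl TryFrom<StoppedJail> for RunningJail {
    type Error = JailError;

    // Starting a stopped jail yields a running one, or an error.
    fn try_from(stopped: StoppedJail) -> Result<RunningJail, JailError> {
        stopped.start()
    }
}
```
and vice versa:
```rust
impl TryFrom<RunningJail> for StoppedJail {
    type Error = JailError;

    // Stopping a running jail yields its stopped configuration, or an error.
    fn try_from(running: RunningJail) -> Result<StoppedJail, JailError> {
        running.stop()
    }
}
```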
Import the rctl(8) code from phyber/jail_exporter. I guess the API could be something along the lines of:
fn RunningJail::resource_usage(&self) -> Result<HashMap<String,i64>,JailError>
If RCTL/RACCT are unavailable or disabled, an appropriate JailError should be returned.
Testing with nested Jails has brought up some bugs:
At the moment, BuildBot builds are failing because we seem to be handling nested jails things rather flakily - namely we're setting properties that we aren't allowed to in the tests.
RCTL doesn't work in Jails (#22):
At the moment the only way to get a parameter type is calling param on a RunningJail and then getting the type from that:
```rust
use jail::param::Type;
let param = running.param("osrelease").unwrap();
let param_type: Type = param.into();
assert_eq!(param_type, Type::String);
```
It would be great if we could get the type for a parameter without requiring a RunningJail:
```rust
use jail::param::Type;
let param_type = Type::of_param("osrelease");
assert_eq!(param_type, Type::String);
```
This would allow refactoring the huge match in param::get to actually match on the param::Type instead of the sysctl::CtlType, and outsource the handling of the different CtlType::Struct cases:
Lines 573 to 652 in f7de11b
term is looking for a new maintainer
Details | |
---|---|
Status | unmaintained |
Package | term |
Version | 0.5.2 |
URL | Stebalien/term#93 |
Date | 2018-11-19 |
The author of the term crate does not have time to maintain it and is looking
for a new maintainer.
Some maintained alternatives you can potentially switch to instead, depending
on your needs:
See advisory page for additional details.
We should probably not filter parameters at this time:
Lines 833 to 844 in 1f1e1d9
Like you, I set up a Buildbot server for my Rust projects to test on FreeBSD. But that takes $$$ and ongoing maintenance effort. Recently, https://cirrus-ci.com added a free FreeBSD build option. libc, nix, xattr, mio-aio, and tokio-file are already using it. It runs in a full VM, which is handy when testing jail-related code. You should check it out.
Most CI providers don't have FreeBSD around. We could however evaluate the following options:
Advantages: have full control over image, are root, can build VIMAGE kernel, etc.
Disadvantages: PITA to maintain, and probably not the optimal performance.
Advantages: full control
Disadvantages: running costs, responsibility for running untrusted code as a privileged user
Advantages: least hassle
Disadvantages: Unclear if own kernel, root, can set RCTL rules, etc.
We could have Python bindings using rust-cpython. This would probably make @gronke happy because it allows libiocage to get rid of shelling out to jail(8) and overcome some of its limitations (e.g. only a single VNET device).
It would be great if we could somehow build an Iterator over all RunningJails that are present on the system.
dirs is unmaintained, use dirs-next instead
Details | |
---|---|
Status | unmaintained |
Package | dirs |
Version | 1.0.5 |
URL | https://github.com/dirs-dev/dirs-rs |
Date | 2020-10-16 |
The dirs crate is not maintained any more; use dirs-next instead.
See advisory page for additional details.
At the moment the CI fails on the RCTL step, as RCTL isn't allowed in jails:
https://buildbot.bsd.builders/#/builders/2/builds/24/steps/4/logs/stdio
We should probably:
security.jail.jailed) when probing for RCTL Support
Describe the bug
Inability to set uid of a jailed process.
To Reproduce
Consider the following use-case: I'm trying to change uid of a process running inside the jail.
For that purpose I use std::os::unix::process::CommandExt.uid.
In code:
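```rust
use jail::param::Value;
use jail::process::Jailed;
use jail::StoppedJail;
use std::os::unix::process::CommandExt;
use std::process::Command;

// `path`, `command`, `uid` and `gid` are supplied by the caller.
// The jail has to be started before a process can attach to it.
let jail = StoppedJail::new(&path)
    .name("container 42")
    .param("vnet", Value::Int(1))
    .param("enforce_statfs", Value::Int(1))
    .start()
    .unwrap();

Command::new(command)
    .jail(&jail)
    .uid(uid)
    .gid(gid)
    .spawn()
    .unwrap();
```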
The spawn call returns EPERM error.
Expected behavior
The spawn call succeeds
Additional context
Underlying issue is jail_attach call. Per man page:
The jail_attach() and jail_remove() system calls will fail if:
[EPERM] A user other than the super-user attempted to attach to or remove a jail.
stdlib calls setuid here, before calling pre-exec hooks here. Since the process uid is set to a non-privileged user, alas, we fail.
Possible workarounds
Either
exec.jail_user. Well, not quite. It's not uid, not sure if it works for jail_attach.
WDYT?
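The ordering problem described in the report above, as an added example (not code from the issue or from libjail-rs). The `Sys` trait, `ModelKernel` and both functions are hypothetical names, and the model kernel is a constructed simplification in which every credential call requires euid 0.

```rust
use std::io::{self, ErrorKind};

/// Hypothetical abstraction over the privileged calls (not libjail-rs API).
pub trait Sys {
    fn jail_attach(&mut self, jid: i32) -> io::Result<()>;
    fn setgroups(&mut self, gids: &[u32]) -> io::Result<()>;
    fn setgid(&mut self, gid: u32) -> io::Result<()>;
    fn setuid(&mut self, uid: u32) -> io::Result<()>;
}

/// Order from the report: credentials are dropped, then the hook attaches.
pub fn drop_then_attach<S: Sys>(s: &mut S, jid: i32, uid: u32, gid: u32) -> io::Result<()> {
    s.setgroups(&[gid])?;
    s.setgid(gid)?;
    s.setuid(uid)?;
    s.jail_attach(jid) // no longer super-user: EPERM
}

/// Working order: attach as root, then drop groups, gid and finally uid.
pub fn attach_then_drop<S: Sys>(s: &mut S, jid: i32, uid: u32, gid: u32) -> io::Result<()> {
    s.jail_attach(jid)?;
    s.setgroups(&[gid])?; // supplementary groups, while still root
    s.setgid(gid)?; // gid before uid: changing it needs privilege too
    s.setuid(uid) // last, and irreversible
}

/// Constructed model kernel: every call below requires euid 0.
#[derive(Default)]
pub struct ModelKernel { pub euid: u32, pub egid: u32, pub jid: Option<i32> }

impl ModelKernel {
    fn root(&self) -> io::Result<()> {
        if self.euid == 0 { Ok(()) } else { Err(ErrorKind::PermissionDenied.into()) }
    }
}

impl Sys for ModelKernel {
    fn jail_attach(&mut self, jid: i32) -> io::Result<()> { self.root()?; self.jid = Some(jid); Ok(()) }
    fn setgroups(&mut self, _gids: &[u32]) -> io::Result<()> { self.root() }
    fn setgid(&mut self, gid: u32) -> io::Result<()> { self.root()?; self.egid = gid; Ok(()) }
    fn setuid(&mut self, uid: u32) -> io::Result<()> { self.root()?; self.euid = uid; Ok(()) }
}

fn main() {
    let (mut a, mut b) = (ModelKernel::default(), ModelKernel::default());
    println!("drop, attach: {:?}", drop_then_attach(&mut a, 42, 1001, 1001).map_err(|e| e.kind()));
    println!("attach, drop: {:?}", attach_then_drop(&mut b, 42, 1001, 1001).map_err(|e| e.kind()));
}
```

On FreeBSD the same ordering applies inside a single pre-exec hook that attaches and then drops credentials itself, in place of `.uid()`/`.gid()` on the `Command`.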
Roadmap:
kern.features.vimage
sysctl exists and is set to 1 (c163a6a)
E,jailsys
tri-state parameters, and add handling for vnet
parameter
disable
) & verify it works with VIMAGE
disabledvnet
is not disable
.vnet
to lib(private)ifconfig
failure is officially deprecated/unmaintained
Details | |
---|---|
Status | unmaintained |
Package | failure |
Version | 0.1.8 |
URL | rust-lang-deprecated/failure#347 |
Date | 2020-05-02 |
The failure crate is officially end-of-life: it has been marked as deprecated
by the former maintainer, who has announced that there will be no updates or
maintenance work on it going forward.
The following are some suggested actively developed alternatives to switch to:
See advisory page for additional details.
We should have some form of logging, probably using the log crate.
Describe the bug
Rust 1.35.0 has broken some things via what is described in rust-lang/rust#58952, meaning libjail-rs no longer compiles.
To Reproduce
Attempt to compile under Rust 1.35.0
Expected behavior
The crate compiles.
Additional context
I'm not sure if there is anything for libjail to do here, but I thought a tracking issue might be good.
At the moment we query a sysctl every time we read or write a property, to get the type and maximum size of the value. As these are unlikely to change during the lifetime of the library (should check whether they can be changed without rebooting), we can aggressively cache these.
JIDs can be set at start-time.