Merge pull request #6279 from ChrisLundquist/clundquist/lxc-perms
[WIP] Unpriviliged LXC containers
This commit is contained in:
commit
5bbb6633cf
|
@ -1,7 +1,11 @@
|
|||
package lxc
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"log"
|
||||
"os/exec"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// CommandWrapper is a type that given a command, will possibly modify that
|
||||
|
@ -13,3 +17,25 @@ type CommandWrapper func(string) (string, error)
|
|||
func ShellCommand(command string) *exec.Cmd {
|
||||
return exec.Command("/bin/sh", "-c", command)
|
||||
}
|
||||
|
||||
func RunCommand(args ...string) error {
|
||||
var stdout, stderr bytes.Buffer
|
||||
|
||||
log.Printf("Executing args: %#v", args)
|
||||
cmd := exec.Command(args[0], args[1:]...)
|
||||
cmd.Stdout = &stdout
|
||||
cmd.Stderr = &stderr
|
||||
err := cmd.Run()
|
||||
|
||||
stdoutString := strings.TrimSpace(stdout.String())
|
||||
stderrString := strings.TrimSpace(stderr.String())
|
||||
|
||||
if _, ok := err.(*exec.ExitError); ok {
|
||||
err = fmt.Errorf("Command error: %s", stderrString)
|
||||
}
|
||||
|
||||
log.Printf("stdout: %s", stdoutString)
|
||||
log.Printf("stderr: %s", stderrString)
|
||||
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -1,15 +1,11 @@
|
|||
package lxc
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"github.com/hashicorp/packer/helper/multistep"
|
||||
"github.com/hashicorp/packer/packer"
|
||||
|
@ -47,7 +43,7 @@ func (s *stepExport) Run(_ context.Context, state multistep.StateBag) multistep.
|
|||
|
||||
_, err = io.Copy(configFile, originalConfigFile)
|
||||
|
||||
commands := make([][]string, 4)
|
||||
commands := make([][]string, 3)
|
||||
commands[0] = []string{
|
||||
"lxc-stop", "--name", name,
|
||||
}
|
||||
|
@ -57,13 +53,10 @@ func (s *stepExport) Run(_ context.Context, state multistep.StateBag) multistep.
|
|||
commands[2] = []string{
|
||||
"chmod", "+x", configFilePath,
|
||||
}
|
||||
commands[3] = []string{
|
||||
"sh", "-c", "chown $USER:`id -gn` " + filepath.Join(config.OutputDir, "*"),
|
||||
}
|
||||
|
||||
ui.Say("Exporting container...")
|
||||
for _, command := range commands {
|
||||
err := s.SudoCommand(command...)
|
||||
err := RunCommand(command...)
|
||||
if err != nil {
|
||||
err := fmt.Errorf("Error exporting container: %s", err)
|
||||
state.Put("error", err)
|
||||
|
@ -76,25 +69,3 @@ func (s *stepExport) Run(_ context.Context, state multistep.StateBag) multistep.
|
|||
}
|
||||
|
||||
func (s *stepExport) Cleanup(state multistep.StateBag) {}
|
||||
|
||||
func (s *stepExport) SudoCommand(args ...string) error {
|
||||
var stdout, stderr bytes.Buffer
|
||||
|
||||
log.Printf("Executing sudo command: %#v", args)
|
||||
cmd := exec.Command("sudo", args...)
|
||||
cmd.Stdout = &stdout
|
||||
cmd.Stderr = &stderr
|
||||
err := cmd.Run()
|
||||
|
||||
stdoutString := strings.TrimSpace(stdout.String())
|
||||
stderrString := strings.TrimSpace(stderr.String())
|
||||
|
||||
if _, ok := err.(*exec.ExitError); ok {
|
||||
err = fmt.Errorf("Sudo command error: %s", stderrString)
|
||||
}
|
||||
|
||||
log.Printf("stdout: %s", stdoutString)
|
||||
log.Printf("stderr: %s", stderrString)
|
||||
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -1,13 +1,9 @@
|
|||
package lxc
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"fmt"
|
||||
"log"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"github.com/hashicorp/packer/helper/multistep"
|
||||
"github.com/hashicorp/packer/packer"
|
||||
|
@ -30,7 +26,9 @@ func (s *stepLxcCreate) Run(_ context.Context, state multistep.StateBag) multist
|
|||
}
|
||||
|
||||
commands := make([][]string, 3)
|
||||
commands[0] = append(config.EnvVars, "lxc-create")
|
||||
commands[0] = append(commands[0], "env")
|
||||
commands[0] = append(commands[0], config.EnvVars...)
|
||||
commands[0] = append(commands[0], "lxc-create")
|
||||
commands[0] = append(commands[0], config.CreateOptions...)
|
||||
commands[0] = append(commands[0], []string{"-n", name, "-t", config.Name, "--"}...)
|
||||
commands[0] = append(commands[0], config.Parameters...)
|
||||
|
@ -42,8 +40,7 @@ func (s *stepLxcCreate) Run(_ context.Context, state multistep.StateBag) multist
|
|||
|
||||
ui.Say("Creating container...")
|
||||
for _, command := range commands {
|
||||
log.Printf("Executing sudo command: %#v", command)
|
||||
err := s.SudoCommand(command...)
|
||||
err := RunCommand(command...)
|
||||
if err != nil {
|
||||
err := fmt.Errorf("Error creating container: %s", err)
|
||||
state.Put("error", err)
|
||||
|
@ -66,29 +63,7 @@ func (s *stepLxcCreate) Cleanup(state multistep.StateBag) {
|
|||
}
|
||||
|
||||
ui.Say("Unregistering and deleting virtual machine...")
|
||||
if err := s.SudoCommand(command...); err != nil {
|
||||
if err := RunCommand(command...); err != nil {
|
||||
ui.Error(fmt.Sprintf("Error deleting virtual machine: %s", err))
|
||||
}
|
||||
}
|
||||
|
||||
func (s *stepLxcCreate) SudoCommand(args ...string) error {
|
||||
var stdout, stderr bytes.Buffer
|
||||
|
||||
log.Printf("Executing sudo command: %#v", args)
|
||||
cmd := exec.Command("sudo", args...)
|
||||
cmd.Stdout = &stdout
|
||||
cmd.Stderr = &stderr
|
||||
err := cmd.Run()
|
||||
|
||||
stdoutString := strings.TrimSpace(stdout.String())
|
||||
stderrString := strings.TrimSpace(stderr.String())
|
||||
|
||||
if _, ok := err.(*exec.ExitError); ok {
|
||||
err = fmt.Errorf("Sudo command error: %s", stderrString)
|
||||
}
|
||||
|
||||
log.Printf("stdout: %s", stdoutString)
|
||||
log.Printf("stderr: %s", stderrString)
|
||||
|
||||
return err
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue