mrrl-containers

MRRL version of container scripts
git clone https://ccx.te2000.cz/git/mrrl-containers
Log | Files | Refs
commit f9086e00aaa2c7e74b0c9dcb5215ebe3679ba0a7
parent 779113e7d163e4f4e23ed27062bf772c81413408
Author: Jan Pobříslo <ccx@te2000.cz>
Date:   Tue, 28 Jun 2022 01:59:47 +0200

Rework containers_usersvc_simple to mount arbitrary subset of predefined directories to /mnt
Diffstat:

Mzsh-functions/confz_site_containers_init | 35+++++++++++++++++++++++++++++------


1 file changed, 29 insertions(+), 6 deletions(-)

diff --git a/zsh-functions/confz_site_containers_init b/zsh-functions/confz_site_containers_init
@@ -14,21 +14,44 @@ typeset -gA site_containers_mountpoints=(
 confz_site_containers_usersvc_simple_check() {
 	checkvars containers_dir svscan_dir user uid gid image_name
 	defvar container_name "$vars[image_name]"
+	defvar mount_ro init
+
+	local userdir bindroot flags mtp
+	local -a fstab mnt_dirs_extra
+	userdir=$vars[containers_dir]/user/$vars[user]
+	bindroot=$userdir/$vars[container_name]/root
+
+	if (($+vars[mount_ro])); then
+		flags=$'\tnone\tbind,ro,nosuid,nodev\t0 0'
+		for mtp in ${=vars[mount_ro]}; do
+			mnt_dirs_extra+=( $mtp )
+			fstab+=( $site_containers_mountpoints[$mtp]$'\t'$bindroot/mnt/$mtp$flags )
+		done
+	fi
+	if (($+vars[mount_rw])); then
+		flags=$'\tnone\tbind,rw,nosuid,nodev\t0 0'
+		for mtp in ${=vars[mount_rw]}; do
+			mnt_dirs_extra+=( $mtp )
+			fstab+=( $site_containers_mountpoints[$mtp]$'\t'$bindroot/mnt/$mtp$flags )
+		done
+	fi
+
+	if (($#mnt_dirs_extra)); then
+		unify mnt_dirs_extra "$mnt_dirs_extra"
+		unify fstab_extra ${(F)fstab}
+	fi
 
-	local userdir=$vars[containers_dir]/user/$vars[user]
-	local bindroot=$userdir/$vars[container_name]/root
-	local -a fstab
 	require container_service_generic \
 		:image_name :container_name :containers_dir :svscan_dir :user \
-		mnt_dirs_extra=init \
-		fstab_extra=/home/$vars[user]/bzr/container-user-init$'\t'$bindroot/mnt/init$'\tnone\tbind,ro,nosuid,nodev\t0 0'
+		\?mnt_dirs_extra \?fstab_extra
+
 	local chome=$userdir/$vars[container_name]/home/$vars[user]
 	if ! [[ -d $chome/run ]]; then
 		require fs_l filename=$chome/run  destination=/mnt/init
 		require fs_o filename=$chome/run  owner=$uid:$gid
 	fi
-
 }
+
 confz_site_containers_user_check() {
 	checkvars containers_dir svscan_dir user
 	local display container bind bind_dir bindroot chome uid gid