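#!/bin/sh -
#
# Copyright (c) 2020 The FreeBSD Foundation
#
# This software1 was developed by John-Mark Gurney under sponsorship
# from the FreeBSD Foundation.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#

#
# Reserve or release a jail-backed board.
#
# Arguments:
#   $1  command: "reserve" or "release"
#   $2  board name (also used as the jail name)
#   $3  user the board is reserved for
#   $4  optional ssh public key installed into the jail on reserve
#
# reserve prints a JSON object describing the allocation on stdout;
# release prints nothing.
#
# The variables userzfsmount, basezfs, labuserzfs, sshkeydest,
# ipresourcedir, devfsruleresourcedir, templatercconf, ifacebridge and
# devfsdefaultruleset are not assigned in this script; presumably they
# come from settings.conf -- confirm.
#
# NOTE(review): $board and $user are used as ZFS dataset components, path
# components and the jail name without any validation in this script, so
# the caller has to guarantee they are well-formed names.
#

set -e

# Quoted so that an install path containing whitespace still resolves.
. "$(dirname "$0")/settings.conf"

cmd="$1"
board="$2"
user="$3"
sshkey="$4"

# standard globals
jaildir="$userzfsmount/$user/$board"

# XXX - instead, move to an allocated dir, makes cleaning up easier

# Claim one resource from the pool directory $1 and print its name.
# A resource is an entry (sub-directory) of the pool; removing it with
# rmdir is the claim, so two concurrent callers cannot get the same one.
# Exits 1 when the pool is empty.
allocateresource() {
	resdir="$1"

	while :; do
		res="$(cd "$resdir" && ls | head -n 1)"
		if [ x"$res" = x"" ]; then
			# This function runs inside $(...), so the diagnostic
			# has to go to stderr or it is captured and lost.
			echo "Resource allocation failure for: $resdir" >&2
			exit 1
		fi

		# rmdir failing means someone else won the race; pick again.
		if rmdir "$resdir/$res" 2>/dev/null; then
			fsync "$resdir"
			break
		fi
	done

	echo "$res"
}

# Return resource $2 to the pool directory $1 by recreating its entry.
# Exits 1 if the entry cannot be created (e.g. it is already present).
releaseresource() {
	resdir="$1"
	res="$2"

	mkdir "$resdir/$res" || exit 1
}

# Print $1 escaped for use as the replacement part of a sed s/// command
# delimited by "/": backslash, "/" and "&" are special there.
sedescape() {
	printf '%s' "$1" | sed -e 's|[\\/&]|\\&|g'
}

if [ x"$cmd" = x"reserve" ]; then
	# NOTE(review): the script runs under set -e and has no cleanup trap,
	# so a failure after this point leaves the clone and any resources
	# allocated so far in place.
	zfs clone -p "$basezfs" "$labuserzfs/$user/$board"

	if [ -n "$sshkey" ]; then
		sshkeydir="$(dirname "$jaildir/$sshkeydest")"

		mkdir -p "$sshkeydir"
		# printf rather than echo: the key is caller-supplied data and
		# must be written verbatim.
		printf '%s\n' "$sshkey" > "$jaildir/$sshkeydest"
		# NOTE(review): uid/gid 1001 is hard-coded; presumably the
		# login account of the base image -- confirm.
		chown -R 1001:1001 "$sshkeydir"
		chmod -R 0700 "$sshkeydir"
	fi

	ip=$(allocateresource "$ipresourcedir")
	devfsrule=$(allocateresource "$devfsruleresourcedir")

	# ifconfig prints the "a" side of the new pair; the jail gets the
	# "b" side.
	epair="$(ifconfig epair create)"
	iface="${epair%a}b"

	# Substitute the placeholders in the rc.conf template.  The values
	# are escaped so that a "/", "&" or "\" in one of them cannot change
	# the sed expression or its output.
	sed \
	    -e "s/@@BOARD@@/$(sedescape "$board")/g" \
	    -e "s/@@IP@@/$(sedescape "$ip")/g" \
	    -e "s/@@IFACE@@/$(sedescape "$iface")/g" \
	    < "$templatercconf" > "$jaildir/etc/rc.conf"

	ifconfig "$ifacebridge" addm "$epair"
	ifconfig "$epair" up

	# devfs ruleset needs work
	#    allow.mount \
	#    allow.mount.devfs \
	#    enforce_statfs=1 \
	#    devfs_ruleset=10 \

	# copy devfs rulesets from devfsdefaultruleset to devfsrule
	devfspath="$jaildir"/dev
	devfs rule -s "$devfsrule" delset
	devfs rule -s "$devfsdefaultruleset" show |
	    devfs rule -s "$devfsrule" add -
	mount -t devfs -o ruleset="$devfsrule" devfs "$devfspath"

	jailstart=$(jail -c \
	    name="$board" \
	    path="$jaildir" \
	    vnet=new \
	    vnet.interface="$iface" \
	    exec.start="/bin/sh /etc/rc")

	# Collect the jail's ssh host public keys.  The glob is expanded by a
	# shell inside the jail; left unquoted on this command line it would
	# be matched against the host's /etc/ssh instead, and the reservation
	# would fail or report the wrong set when host and jail differ.
	# NOTE(review): nothing here waits for the keys explicitly; presumably
	# /etc/rc has generated them by the time jail -c returns -- confirm.
	sshhostkeys="$(jexec "$board" /bin/sh -c 'cat /etc/ssh/ssh_host_*.pub')"

	# output additional attributes on reserve
	# NOTE: Make sure to update bitelab to pass these variables back.
	export ip
	export iface
	export jailstart
	export devfsrule
	export devfspath
	export sshhostkeys

	jq \
	    --arg allargs "$*" \
	    -n \
	    '{ allargs: $allargs, ip: $ENV.ip, iface: $ENV.iface, jailstart: $ENV.jailstart, devfsrule: $ENV.devfsrule, devfspath: $ENV.devfspath, sshhostkeys: $ENV.sshhostkeys }'
elif [ x"$cmd" = x"release" ]; then
	# ip, iface, devfsrule and devfspath are not assigned in this branch;
	# presumably the caller passes back, via the environment, the values
	# that reserve printed -- confirm.  The background sh below only sees
	# $iface if it is an environment variable.
	jail -r "$board"

	umount "$devfspath"

	# epair doesn't immediately reappear, schedule it
	nohup sh -c 'for i in $(jot 5 1); do if ifconfig "$iface" destroy; then break; fi; sleep 1; done' > /dev/null 2>&1 &

	releaseresource "$ipresourcedir" "$ip"
	releaseresource "$devfsruleresourcedir" "$devfsrule"

	# for some reason not all jail processes are terminated,
	# need to retry
	# NOTE(review): if all five attempts fail the dataset is left behind
	# and the script still exits 0.
	sleep .5
	for x in $(jot 5 1); do
		if zfs destroy "$labuserzfs/$user/$board"; then
			break
		fi
		sleep 1
	done

	# no output on release
fi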