feat(docker): overlayfs backend support

binpash · Nov 18, 2023 · 6667a26 · 6667a26
1 parent 5f15906
commit 6667a26
Showing 1 changed file with 23 additions and 2 deletions.
diff --git a/try b/try
@@ -99,6 +99,20 @@ make_overlay() {
     mount -t overlay overlay -o userxattr -o "lowerdir=$lowerdir,upperdir=$sandbox_dir/upperdir/$mountpoint,workdir=$sandbox_dir/workdir/$mountpoint" "$sandbox_dir/temproot/$mountpoint"
 }
 
+make_overlay_docker() {
+    sandbox_dir="$1"
+    lowerdir="$2"
+    mountpoint="$3"
+
+    # the directory that upperdir and workdir sits on has to be tmpfs in a overlayfs backed filesystem
+    mkdir "$sandbox_dir/overlay"
+    mount -t tmpfs tmpfs "$sandbox_dir/overlay"
+    mkdir -p "$sandbox_dir/overlay/upperdir/$mountpoint"
+    mkdir -p "$sandbox_dir/overlay/workdir/$mountpoint"
+
+    mount -t overlay overlay -o userxattr -o "lowerdir=$lowerdir,upperdir=$sandbox_dir/overlay/upperdir/$mountpoint,workdir=$sandbox_dir/overlay/workdir/$mountpoint" "$sandbox_dir/temproot/$mountpoint"
+}
+
 devices_to_mount="tty null zero full random urandom"
 
 ## Mounts and unmounts a few select devices instead of the whole `/dev`
@@ -155,7 +169,12 @@ do
     fi
 
     # Try mounting everything normally
-    make_overlay "$SANDBOX_DIR" "/$mountpoint" "$mountpoint" 2>>"$try_mount_log"
+    if [ -z "$DOCKER" ]
+    then
+        make_overlay_docker "$SANDBOX_DIR" "/$mountpoint" "$mountpoint" 2>>"$try_mount_log"
+    else
+        make_overlay "$SANDBOX_DIR" "/$mountpoint" "$mountpoint" 2>>"$try_mount_log"
+    fi
     # If mounting everything normally fails, we try using either using mergerfs or unionfs to mount them.
     if [ "$?" -ne 0 ]
     then
@@ -482,6 +501,7 @@ Usage: $TRY_COMMAND [-nvhyx] [-i PATTERN] [-D DIR] [-U PATH] CMD [ARG ...]
   -n                don't commit or prompt for commit (overrides -y)
   -y                assume yes to all prompts (overrides -n)
   -x                prevent network access (by unsharing the network namespace)
+  -d                docker support
   -i PATTERN        ignore paths that match PATTERN on summary and commit
   -D DIR            work in DIR (implies -n)
   -U PATH           path to unionfs helper (e.g., mergerfs, unionfs-fuse)
@@ -510,7 +530,7 @@ NO_COMMIT="interactive"
 # Includes all patterns given using the `-i` flag; will be used with `grep -f`
 IGNORE_FILE="$(mktemp)"
 
-while getopts ":yvnhxi:D:U:" opt
+while getopts ":yvnhxdi:D:U:" opt
 do
     case "$opt" in
         (y)   NO_COMMIT="commit";;
@@ -531,6 +551,7 @@ do
               UNION_HELPER="$OPTARG"
               export UNION_HELPER;;
         (x)   EXTRA_NS="--net";;
+        (d)   DOCKER=1;;
         (h|*) usage
               exit 0;;
     esac