From 6667a2637f666b6dea1d8d5c7e9935366319bb4b Mon Sep 17 00:00:00 2001 From: Eric Zhu Date: Sat, 18 Nov 2023 15:48:25 -0500 Subject: [PATCH] feat(docker): overlayfs backend support --- try | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/try b/try index 8521b707..c569d682 100755 --- a/try +++ b/try @@ -99,6 +99,20 @@ make_overlay() { mount -t overlay overlay -o userxattr -o "lowerdir=$lowerdir,upperdir=$sandbox_dir/upperdir/$mountpoint,workdir=$sandbox_dir/workdir/$mountpoint" "$sandbox_dir/temproot/$mountpoint" } +make_overlay_docker() { + sandbox_dir="$1" + lowerdir="$2" + mountpoint="$3" + + # the directory that upperdir and workdir sits on has to be tmpfs in a overlayfs backed filesystem + mkdir "$sandbox_dir/overlay" + mount -t tmpfs tmpfs "$sandbox_dir/overlay" + mkdir -p "$sandbox_dir/overlay/upperdir/$mountpoint" + mkdir -p "$sandbox_dir/overlay/workdir/$mountpoint" + + mount -t overlay overlay -o userxattr -o "lowerdir=$lowerdir,upperdir=$sandbox_dir/overlay/upperdir/$mountpoint,workdir=$sandbox_dir/overlay/workdir/$mountpoint" "$sandbox_dir/temproot/$mountpoint" +} + devices_to_mount="tty null zero full random urandom" ## Mounts and unmounts a few select devices instead of the whole `/dev` @@ -155,7 +169,12 @@ do fi # Try mounting everything normally - make_overlay "$SANDBOX_DIR" "/$mountpoint" "$mountpoint" 2>>"$try_mount_log" + if [ -z "$DOCKER" ] + then + make_overlay_docker "$SANDBOX_DIR" "/$mountpoint" "$mountpoint" 2>>"$try_mount_log" + else + make_overlay "$SANDBOX_DIR" "/$mountpoint" "$mountpoint" 2>>"$try_mount_log" + fi # If mounting everything normally fails, we try using either using mergerfs or unionfs to mount them. if [ "$?" -ne 0 ] then @@ -482,6 +501,7 @@ Usage: $TRY_COMMAND [-nvhyx] [-i PATTERN] [-D DIR] [-U PATH] CMD [ARG ...] -n don't commit or prompt for commit (overrides -y) -y assume yes to all prompts (overrides -n) -x prevent network access (by unsharing the network namespace) + -d docker support -i PATTERN ignore paths that match PATTERN on summary and commit -D DIR work in DIR (implies -n) -U PATH path to unionfs helper (e.g., mergerfs, unionfs-fuse) @@ -510,7 +530,7 @@ NO_COMMIT="interactive" # Includes all patterns given using the `-i` flag; will be used with `grep -f` IGNORE_FILE="$(mktemp)" -while getopts ":yvnhxi:D:U:" opt +while getopts ":yvnhxdi:D:U:" opt do case "$opt" in (y) NO_COMMIT="commit";; @@ -531,6 +551,7 @@ do UNION_HELPER="$OPTARG" export UNION_HELPER;; (x) EXTRA_NS="--net";; + (d) DOCKER=1;; (h|*) usage exit 0;; esac