Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(net): add option -x to unshare network #130

Merged
merged 11 commits into from
Oct 31, 2023
Merged

feat(net): add option -x to unshare network #130

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
3c45817
feat(net): add option -x to unshare network
ezrizhu Oct 26, 2023
535fd32
feat(net): add test
ezrizhu Oct 26, 2023
7d6599e
feat(net): add docs and autocomplete
ezrizhu Oct 27, 2023
2da3064
fix(net): check if var is empty instead of matching strings
ezrizhu Oct 27, 2023
b03f854
fix(tests/net): fix docs for net tests
ezrizhu Oct 31, 2023
1c567c5
fix(tests/net): fix style for net tests
ezrizhu Oct 31, 2023
ce2e82a
docs(net): improve -x docs
ezrizhu Oct 31, 2023
19dac90
fix(net): use EXTRA_NS directly
ezrizhu Oct 31, 2023
57c11c3
fix(net): doc fix
ezrizhu Oct 31, 2023
f83e376
typo fix
mgree Oct 31, 2023
af546e0
typo fix
mgree Oct 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 16 additions & 0 deletions test/network.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
#!/bin/sh

TRY_TOP="${TRY_TOP:-$(git rev-parse --show-toplevel --show-superproject-working-tree)}"
TRY="$TRY_TOP/try"

# Test if network works normally
"$TRY" curl 1.1 || return 1

# Test if ping fails when network is unshared
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is curl 1.1 supposed to do? You say ping but run curl. Maybe use ping 8.8.8.8?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

curl 1.1 expands to curl 1.0.0.1, which gets you the frontpage of cloudflare's public dns resolver, ping doesn't work due to #131

# curl exit code 7 means Failed to connect to host.
"$TRY" -x curl 1.1
if [ $? -eq 7 ]; then
ezrizhu marked this conversation as resolved.
Show resolved Hide resolved
return 0;
else
return 1;
fi
12 changes: 9 additions & 3 deletions try
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -233,7 +233,11 @@ EOF
# --pid: create a new process namespace (needed fr procfs to work right)
# --fork: necessary if we do --pid
# "Creation of a persistent PID namespace will fail if the --fork option is not also specified."
unshare --mount --map-root-user --user --pid --fork "$mount_and_execute"
if [ "$EXTRA_NS" = "net" ]; then
unshare --mount --map-root-user --user --pid --fork --net "$mount_and_execute"
ezrizhu marked this conversation as resolved.
Show resolved Hide resolved
else
unshare --mount --map-root-user --user --pid --fork "$mount_and_execute"
fi
TRY_EXIT_STATUS=$?

################################################################################
Expand Down Expand Up @@ -476,10 +480,11 @@ error() {

usage() {
cat >&2 <<EOF
Usage: $TRY_COMMAND [-nvhy] [-i PATTERN] [-D DIR] [-U PATH] CMD [ARG ...]
Usage: $TRY_COMMAND [-nvhyx] [-i PATTERN] [-D DIR] [-U PATH] CMD [ARG ...]

-n don't commit or prompt for commit (overrides -y)
-y assume yes to all prompts (overrides -n)
-x unshare the network namespace
ezrizhu marked this conversation as resolved.
Show resolved Hide resolved
-i PATTERN ignore paths that match PATTERN on summary and commit
-D DIR work in DIR (implies -n)
-U PATH path to unionfs helper (e.g., mergerfs, unionfs-fuse)
Expand Down Expand Up @@ -508,7 +513,7 @@ NO_COMMIT="interactive"
# Includes all patterns given using the `-i` flag; will be used with `grep -f`
IGNORE_FILE="$(mktemp)"

while getopts ":yvnhi:D:U:" opt
while getopts ":yvnhxi:D:U:" opt
do
case "$opt" in
(y) NO_COMMIT="commit";;
Expand All @@ -528,6 +533,7 @@ do
fi
UNION_HELPER="$OPTARG"
export UNION_HELPER;;
(x) EXTRA_NS="net";;
(h|*) usage
exit 0;;
esac
Expand Down
Loading