rm sethostname. allow to rm node
ple1n committed Jan 7, 2024
1 parent 09a0b97 commit 551790f
Showing 2 changed files with 57 additions and 15 deletions.
41 changes: 35 additions & 6 deletions src/graph.rs
Expand Up @@ -37,7 +37,7 @@ use netlink_ops::netlink::{nl_ctx, LinkAB, LinkKey, NLDriver, NLHandle};
use nsproxy_common::{NSSource, PidPath::Selfproc, UniqueFile, VaCache, ValidationErr};
use petgraph::visit::IntoNodeReferences;
use serde_json::{from_str, to_string_pretty};
use tracing::{debug, info};
use tracing::{debug, info, warn};

pub fn find_all_netns() -> Result<HashMap<UniqueFile, PathBuf>> {
let netk = OsStr::new("net");
Expand Down Expand Up @@ -100,10 +100,11 @@ pub async fn check_veths(
.map(|srcino| dstino.unique == ctxino || srcino.unique == ctxino)
});
if let Some(lk) = lke {
// keep
if match_ns {
links.insert(lk);
// but links found are inserted, for use as you may want to remove this node later
}
// keep
} else {
if match_ns {
// Veth not preset. Yet I am in one of the target and source NS.
Expand Down Expand Up @@ -181,17 +182,44 @@ impl Graphs {
}
Ok(())
}
pub async fn node_rm<'f, S>(
&mut self,
ctx: &NSGroup<ExactNS>,
nodes: &[NodeI],
va: &mut VaCache,
remove: &mut HashMap<NodeI, RM>,
nl: &mut NLDriver,
) -> Result<()>
where
for<'a, 'b> NodeWDeps<'a, 'b>: ItemRM<Serv = S>,
{
for ni in nodes {
if let Some(k) = self
.data
.node_weight(*ni)
.ok_or(anyhow!("specified node to rm doesnt exist"))?
{
let nodew = self.nodewdeps(*ni)?;
let rm = insert_rm_ref(remove, &ni);
check_veths(nl, &nodew, &ctx, &mut rm.links).await?;
rm.rm = true;
} else {
warn!("skipped {:?} for it's None", ni)
}
}
Ok(())
}
pub async fn prune<'f, S>(
&mut self,
ctx: &NSGroup<ExactNS>,
va: &mut VaCache,
serv: &S,
remove: &mut HashMap<NodeI, RM>,
nl: &mut NLDriver,
) -> Result<NSGroup>
) -> Result<()>
where
for<'a, 'b> NodeWDeps<'a, 'b>: ItemRM<Serv = S>,
{
let ctx = NSGroup::proc_path(Selfproc, None)?;
for (ni, node) in self.data.node_references() {
if let Some(k) = node {
let rx = k.main.net.validate(va, &ctx);
Expand Down Expand Up @@ -227,7 +255,7 @@ impl Graphs {
insert_rm(remove, &ni, ());
}
}
Ok(ctx)
Ok(())
}
pub async fn do_prune<'f, S>(
&mut self,
Expand All @@ -243,12 +271,13 @@ impl Graphs {
let nodew = self.nodewdeps(*ni)?;
if rm.rm {
for link in &rm.links {
info!("Remove {:?}", &link);
nl.remove_link(&link).await?;
}
nodew.remove(serv).await?;
self.map.remove(&nodew.0.item.main.key());
self.data.remove_node(*ni);
}
}
}
Ok(())
}
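Review bot: `node_rm` takes `va: &mut VaCache` and declares the lifetime `'f` but uses neither, and the `k` bound by `if let Some(k)` is never read; either use `va` (as `prune` does for validation) or drop it from the signature, and write `if let Some(_) = ...` so the check reads as an existence test. The error string on the `ok_or` line has a typo; `anyhow!("specified node to rm doesn't exist")`. A batch of user-supplied ids now reaches `do_prune`, where the loop calls `self.data.remove_node(*ni)` once per entry; if `Graphs::data` is a petgraph `Graph` rather than a `StableGraph`, each removal renumbers the last node, so removing several ids in one run can delete the wrong node — worth confirming the container type, or removing in descending index order. `prune` continues outside this hunk.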
31 changes: 22 additions & 9 deletions src/main.rs
Expand Up @@ -63,6 +63,7 @@ use tracing::{info, warn, Level};
use tracing_log::LogTracer;
use tracing_subscriber::FmtSubscriber;
use tun::{AsyncDevice, Configuration, Device, Layer};
use crate::PidPath::Selfproc;

#[derive(Parser)]
#[command(
Expand Down Expand Up @@ -174,7 +175,9 @@ enum NodeOps {
uid: Option<u32>,
},
Reboot,
Prune,
RM {
ids: Vec<Ix>,
},
}

fn main() -> Result<()> {
Expand Down Expand Up @@ -231,8 +234,10 @@ fn main() -> Result<()> {

rt.block_on(async {
let mut nl = NLDriver::new(NLHandle::new_self_proc_tokio()?);
let ctx = graphs
.prune(&mut va, &mut serv, &mut rmnode, &mut nl)
let ctx = NSGroup::proc_path(Selfproc, None)?;
nl.fill().await?;
graphs
.prune(&ctx, &mut va, &mut serv, &mut rmnode, &mut nl)
.await?;
graphs.do_prune(&ctx, &serv, rmnode, &mut nl).await?;
aok!()
Expand Down Expand Up @@ -280,8 +285,10 @@ fn main() -> Result<()> {
let mut rmnode = Default::default();
rt.block_on(async {
let mut nl = NLDriver::new(NLHandle::new_self_proc_tokio()?);
let ctx = graphs
.prune(&mut va, &mut serv, &mut rmnode, &mut nl)
let ctx = NSGroup::proc_path(Selfproc, None)?;
nl.fill().await?;
graphs
.prune(&ctx, &mut va, &mut serv, &mut rmnode, &mut nl)
.await?;
graphs.do_prune(&ctx, &serv, rmnode, &mut nl).await?;
aok!()
Expand All @@ -307,7 +314,7 @@ fn main() -> Result<()> {
prctl::set_pdeathsig(Some(SIGTERM))?;
unshare(CloneFlags::CLONE_NEWNET | CloneFlags::CLONE_NEWUTS)?;
sc.write_all(&[0])?;
sethostname("proxied")?;
// sethostname("proxied")?;
if depriv_userns {
enable_ping_gid(gid)?
} else {
Expand Down Expand Up @@ -714,7 +721,8 @@ fn main() -> Result<()> {
aok!()
})?;
}
NodeOps::Prune => {
NodeOps::RM { ids } => {
let ids: Vec<_> = ids.into_iter().map(NodeI::from).collect();
let rt = tokio::runtime::Builder::new_current_thread()
.enable_all()
.build()?;
Expand All @@ -724,8 +732,13 @@ fn main() -> Result<()> {
let mut rmnode = Default::default();
rt.block_on(async {
let mut nl = NLDriver::new(NLHandle::new_self_proc_tokio()?);
let ctx = graphs
.prune(&mut va, &mut serv, &mut rmnode, &mut nl)
nl.fill().await?;
let ctx = NSGroup::proc_path(PidPath::Selfproc, None)?;
graphs
.prune(&ctx, &mut va, &mut serv, &mut rmnode, &mut nl)
.await?;
graphs
.node_rm(&ctx, &ids[..], &mut va, &mut rmnode, &mut nl)
.await?;
graphs.do_prune(&ctx, &serv, rmnode, &mut nl).await?;
aok!()
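Review bot: The `sethostname("proxied")?;` call is left behind as a commented-out line instead of being deleted; since the commit's intent is to remove it, delete the line so the dead call does not linger, and note that the preceding `unshare(CloneFlags::CLONE_NEWNET | CloneFlags::CLONE_NEWUTS)?;` still creates a UTS namespace that nothing configures any more — keeping it is harmless, but a one-line comment such as `// UTS ns kept for isolation; hostname intentionally left unchanged` would record that this is deliberate. The new `use crate::PidPath::Selfproc;` import is used on two call sites but the third still writes `PidPath::Selfproc`; pick one spelling. The variant name `RM` also violates the `UpperCamelCase` convention (clippy `upper_case_acronyms`); `Rm { ids: Vec<Ix> }` would match `Reboot`. `main` starts and ends outside these hunks.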