search

fubarnetes / libjail-rs

Rust implementation of a FreeBSD jail library
https://crates.io/crates/jail
BSD 3-Clause "New" or "Revised" License
54 stars 12 forks source link

VNET Jails #10

Open fabianfreyer opened 6 years ago

fabianfreyer commented 6 years ago

Roadmap:

fabianfreyer commented 5 years ago

The CI for #33 failed on 12.0-RELEASE fails with the following error message:

failures:

---- src/running.rs - running::RunningJail::restart (line 356) stdout ----
thread 'src/running.rs - running::RunningJail::restart (line 356)' panicked at 'test executable failed:

thread 'main' panicked at 'failed to restart jail: JailSetError("vnet jails cannot have IP address restrictions")', libcore/result.rs:1009:5
note: Run with `RUST_BACKTRACE=1` for a backtrace.

', librustdoc/test.rs:367:17
note: Run with `RUST_BACKTRACE=1` for a backtrace.

failures:
    src/running.rs - running::RunningJail::restart (line 356)

test result: FAILED. 44 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out

error: test failed, to rerun pass '--doc'

Exit status: 101

Probably this is related to VIMAGE being enabled by default on 12.0-RELEASE.

akhramov commented 4 years ago

The error has been addressed in #79.

Regarding

Handle adding epairs / vnets to the jail

Not only you need a programmatic way to create / manipulate interfaces, but also need to replicate some functionality from route(8).

The latter can be tricky, because the code in route(8) makes heavy use of functional C macros.

That said, I recently tackled both problems. Please see https://github.com/akhramov/werft/commit/4b46b1333f34e8d101951407dfcc6f48b6696989 for reference.

fabianfreyer commented 4 years ago

@akhramov thanks, this looks great! I'll go take a look at #79!