From 61e5e3b024664d2b2549562efd915cf8b165b8e1 Mon Sep 17 00:00:00 2001
From: Sean Whitton
Date: Sat, 27 Feb 2021 14:52:25 -0700
Subject: add :CHROOT and :CHROOT.SHELL connection types

Signed-off-by: Sean Whitton
---
 src/connection/chroot.lisp | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 src/connection/chroot.lisp

(limited to 'src/connection/chroot.lisp')

diff --git a/src/connection/chroot.lisp b/src/connection/chroot.lisp
new file mode 100644
index 0000000..b597333
--- /dev/null
+++ b/src/connection/chroot.lisp
@@ -0,0 +1,42 @@
+;;; Consfigurator -- Lisp declarative configuration management system
+
+;;; Copyright (C) 2021 Sean Whitton
+
+;;; This file is free software; you can redistribute it and/or modify
+;;; it under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3, or (at your option)
+;;; any later version.
+
+;;; This file is distributed in the hope that it will be useful,
+;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+
+;;; You should have received a copy of the GNU General Public License
+;;; along with this program. If not, see .
+
+(in-package :consfigurator.connection.chroot)
+
+;; currently we only check whether we're root, but, for example, on Linux, we
+;; might have a CAP_* which lets us chroot as non-root
+(defun can-chroot ()
+ (zerop (foreign-funcall "geteuid" :int)))
+
+(defun can-probably-fork ()
+ "Return nil if we can detect other running threads, and the Lisp
+implementation is known not to support forking when there are other threads.
+A return value other than nil indicates only that we couldn't detect
+circumstances in which it is known that we cannot fork, not that we are sure
+we can fork -- a thread might be only partly initialised at the time we check,
+for example, such that we don't see it."
+ (and
+ #+sbcl (not (sb-thread:list-all-threads))))
+
+(defmethod establish-connection ((type (eql :chroot)) remaining &key into)
+ (establish-connection (if (and (lisp-connection-p)
+ (can-chroot)
+ (can-probably-fork))
+ :chroot.fork
+ :chroot.shell)
+ remaining
+ :into into))
-- cgit v1.2.3
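Review bot: In `can-probably-fork`, `(not (sb-thread:list-all-threads))` can never be true on SBCL, because the list of live threads includes the calling thread. The predicate therefore always returns nil there, and the `:chroot` method of `establish-connection` will always select `:chroot.shell`. Comparing the thread count instead, e.g. `#+sbcl (> 2 (length (sb-thread:list-all-threads)))`, would match what the docstring describes. Separately, `can-chroot` treats an effective uid of 0 as sufficient, but root inside a container or user namespace may lack CAP_SYS_CHROOT. The `:chroot.fork` implementation (not in this hunk) should presumably handle a failing chroot(2) rather than rely on this check, and a one-line docstring on `can-chroot` stating that it is only a heuristic would make that explicit.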