SW/device-mapping-manager
2
0
Fork 0
forked from Ivasoft/device-mapping-manager
Code Pull Requests Packages Releases Activity

fixed mounts

Browse Source
This commit is contained in:
ndouba
2022-11-16 22:31:08 -05:00
parent 9cc4b28a49
commit 13bbf8a8ef
3 changed files with 30 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
build.sh
View File

@@ -5,7 +5,7 @@ set -eux
ROOTFS=plugin/rootfs ROOTFS=plugin/rootfs
CONFIG=plugin/config.json CONFIG=plugin/config.json
tag=redcanari/device-volume-driver tag=redcanari/dvd
docker build -t "$tag" -f Dockerfile . docker build -t "$tag" -f Dockerfile .
id=$(docker create "$tag" true) id=$(docker create "$tag" true)
rm -Rf $ROOTFS rm -Rf $ROOTFS
@@ -15,6 +15,7 @@ docker rm -vf "$id"
docker rmi "$tag" docker rmi "$tag"
cp config.json $CONFIG cp config.json $CONFIG
docker plugin rm -f redcanari/device-volume-driver || echo docker plugin rm -f $tag || echo
docker plugin create redcanari/device-volume-driver ./plugin docker plugin create $tag ./plugin
docker plugin enable redcanari/device-volume-driver docker plugin push $tag
#docker plugin enable $tag

10
config.json
View File

@@ -35,13 +35,13 @@
}, },
"Mounts": [ "Mounts": [
{ {
"source": "/sys/fs/cgroup", "source": "/sys/fs/cgroup/devices",
"destination": "/sys/fs/cgroup", "destination": "/sys/fs/cgroup/devices",
"options": [ "options": [
"bind", "rw",
"rw" "rbind"
], ],
"type": "cgroup" "type": "rbind"
}, },
{ {
"destination": "/dev", "destination": "/dev",

51
main.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"github.com/containerd/cgroups/v3"
"github.com/docker/docker/api/types" "github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/filters" "github.com/docker/docker/api/types/filters"
"github.com/docker/docker/client" "github.com/docker/docker/client"
@@ -120,14 +121,25 @@ func (d deviceVolumeDriver) Mount(request *volume.MountRequest) (*volume.MountRe
var stat unix.Stat_t var stat unix.Stat_t
if err := unix.Stat(mountPoint.device, &stat); err != nil { if err := unix.Lstat(mountPoint.device, &stat); err != nil {
//return nil, err //return nil, err
log.Println(err) log.Println(err)
return return
} }
dev := uint64(stat.Rdev) var deviceType string
input := fmt.Sprintf("c %d:%d rwm\n", unix.Major(dev), unix.Minor(dev))
switch stat.Mode & unix.S_IFMT {
case unix.S_IFBLK:
deviceType = "b"
case unix.S_IFCHR:
deviceType = "c"
default:
log.Println("aborting: device is neither a character or block device")
return
}
input := fmt.Sprintf("%s %d:%d rwm\n", deviceType, unix.Major(stat.Rdev), unix.Minor(stat.Rdev))
log.Println("Whitelisting `" + mountPoint.device + "` in `" + devicesAllowPath + "`") log.Println("Whitelisting `" + mountPoint.device + "` in `" + devicesAllowPath + "`")
@@ -149,39 +161,16 @@ func (d deviceVolumeDriver) Capabilities() *volume.CapabilitiesResponse {
return &volume.CapabilitiesResponse{Capabilities: volume.Capability{Scope: "local"}} return &volume.CapabilitiesResponse{Capabilities: volume.Capability{Scope: "local"}}
} }
type pointer64 *int64
func DeviceVolumeDriver() *deviceVolumeDriver { func DeviceVolumeDriver() *deviceVolumeDriver {
cli, err := client.NewClientWithOpts(client.FromEnv) cli, err := client.NewClientWithOpts(client.FromEnv)
if err != nil { if err != nil {
panic(err) log.Fatal(err)
}
if cgroups.Mode() == cgroups.Unified {
log.Fatal(errors.New("cgroupv2 is not supported"))
} }
//m, err := cgroup2.LoadSystemd("/system.slice", "docker-9ac190cfc7040ffb1a56315b0c4aba9a554e72aa43164c4b94e84ee5ae3d07d9.scope")
//
//if err != nil {
// log.Fatal(err)
//}
//
//major := int64(10)
//minor := int64(229)
//err = m.Update(&cgroup2.Resources{
// Devices: []specs.LinuxDeviceCgroup{
// {
// Allow: true,
// Type: "c",
// Major: &major,
// Minor: &minor,
// Access: "rwm",
// },
// },
//})
//
//if err != nil {
// log.Fatal(err)
//}
//
//os.Exit(0)
return &deviceVolumeDriver{cli} return &deviceVolumeDriver{cli}
} }