From 61fa27e79cbc1b482b4101024a34081fb3f52844 Mon Sep 17 00:00:00 2001 From: Moe-hacker Date: Thu, 21 Nov 2024 04:33:20 +0000 Subject: [PATCH] Rename symbols --- src/caplist.c | 16 +- src/cgroup.c | 76 ++++----- src/chroot.c | 114 ++++++------- src/config.c | 90 +++++----- src/easteregg/action.c | 284 +++++++++++++++---------------- src/easteregg/include/nekofeng.h | 26 +-- src/easteregg/layer.c | 28 +-- src/easteregg/nekofeng.c | 28 +-- src/easteregg/typewriter.c | 10 +- src/elf-magic.c | 134 +++++++-------- src/include/ruri.h | 86 +++++----- src/info.c | 8 +- src/mount.c | 20 +-- src/passwd.c | 30 ++-- src/ps.c | 28 +-- src/rootless.c | 20 +-- src/ruri.c | 132 +++++++------- src/rurienv.c | 30 ++-- src/seccomp.c | 22 +-- src/signal.c | 2 +- src/umount.c | 30 ++-- src/unshare.c | 70 ++++---- 22 files changed, 641 insertions(+), 643 deletions(-) diff --git a/src/caplist.c b/src/caplist.c index 7ac0a97..510dfeb 100644 --- a/src/caplist.c +++ b/src/caplist.c @@ -29,7 +29,7 @@ */ #include "include/ruri.h" // Add a cap to caplist. -void add_to_caplist(cap_value_t *_Nonnull list, cap_value_t cap) +void ruri_add_to_caplist(cap_value_t *_Nonnull list, cap_value_t cap) { /* * If cap is already in list, just do nothing and quit. @@ -39,7 +39,7 @@ void add_to_caplist(cap_value_t *_Nonnull list, cap_value_t cap) if (!CAP_IS_SUPPORTED(cap)) { return; } - if (!is_in_caplist(list, cap)) { + if (!ruri_is_in_caplist(list, cap)) { for (int k = 0; true; k++) { if (list[k] == INIT_VALUE) { list[k] = cap; @@ -50,7 +50,7 @@ void add_to_caplist(cap_value_t *_Nonnull list, cap_value_t cap) } } // Check if the cap is in the list. -bool is_in_caplist(const cap_value_t *_Nonnull list, cap_value_t cap) +bool ruri_is_in_caplist(const cap_value_t *_Nonnull list, cap_value_t cap) { /* * If cap is in list, return true, @@ -68,7 +68,7 @@ bool is_in_caplist(const cap_value_t *_Nonnull list, cap_value_t cap) return false; } // Del a cap from caplist. -void del_from_caplist(cap_value_t *_Nonnull list, cap_value_t cap) +void ruri_del_from_caplist(cap_value_t *_Nonnull list, cap_value_t cap) { /* * If the cap is not in list, just do nothing and quit. @@ -88,7 +88,7 @@ void del_from_caplist(cap_value_t *_Nonnull list, cap_value_t cap) } } } -void build_caplist(cap_value_t caplist[], bool privileged, cap_value_t drop_caplist_extra[], cap_value_t keep_caplist_extra[]) +void ruri_build_caplist(cap_value_t caplist[], bool privileged, cap_value_t drop_caplist_extra[], cap_value_t keep_caplist_extra[]) { /* * If privileged is true, we setup a full list of all capabilities, @@ -114,7 +114,7 @@ void build_caplist(cap_value_t caplist[], bool privileged, cap_value_t drop_capl if (keep_caplist_common[i] == INIT_VALUE) { break; } - del_from_caplist(caplist, keep_caplist_common[i]); + ruri_del_from_caplist(caplist, keep_caplist_common[i]); } } // Add drop_caplist_extra[] to caplist. @@ -123,7 +123,7 @@ void build_caplist(cap_value_t caplist[], bool privileged, cap_value_t drop_capl if (drop_caplist_extra[i] == INIT_VALUE) { break; } - add_to_caplist(caplist, drop_caplist_extra[i]); + ruri_add_to_caplist(caplist, drop_caplist_extra[i]); } } // Del keep_caplist_extra[] from caplist. @@ -132,7 +132,7 @@ void build_caplist(cap_value_t caplist[], bool privileged, cap_value_t drop_capl if (keep_caplist_extra[i] == INIT_VALUE) { break; } - del_from_caplist(caplist, keep_caplist_extra[i]); + ruri_del_from_caplist(caplist, keep_caplist_extra[i]); } } } diff --git a/src/cgroup.c b/src/cgroup.c index bda973d..6a4bebd 100644 --- a/src/cgroup.c +++ b/src/cgroup.c @@ -43,7 +43,7 @@ static void mount_cgroup_v1_memory(void) // Mount memory controller. mkdir("/sys/fs/cgroup/memory", S_IRUSR | S_IWUSR); mount("none", "/sys/fs/cgroup/memory", "cgroup", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME, "memory"); - log("{base}Tried to mount cgroup v1 memory\n"); + ruri_log("{base}Tried to mount cgroup v1 memory\n"); } static void mount_cgroup_v1_cpu(void) { @@ -60,7 +60,7 @@ static void mount_cgroup_v1_cpu(void) // Mount cpu controller. mkdir("/sys/fs/cgroup/cpu", S_IRUSR | S_IWUSR); mount("none", "/sys/fs/cgroup/cpu", "cgroup", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME, "cpu"); - log("{base}Tried to mount cgroup v1 cpu\n"); + ruri_log("{base}Tried to mount cgroup v1 cpu\n"); } static void mount_cgroup_v1_cpuset(void) { @@ -77,7 +77,7 @@ static void mount_cgroup_v1_cpuset(void) // Mount cpuset controller. mkdir("/sys/fs/cgroup/cpuset", S_IRUSR | S_IWUSR); mount("none", "/sys/fs/cgroup/cpuset", "cgroup", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME, "cpuset"); - log("{base}Tried to mount cgroup v1 cpuset\n"); + ruri_log("{base}Tried to mount cgroup v1 cpuset\n"); } static bool is_cgroupv2_support(const char *_Nonnull type) { @@ -104,33 +104,33 @@ static bool is_cgroupv2_support(const char *_Nonnull type) int fd = open("/sys/fs/cgroup/cgroup.controllers", O_RDONLY | O_CLOEXEC); if (fd < 0) { umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); - log("{base}Cgroup v2 does not support %s\n", type); - log("{base}cgroup.controllers does not exist\n"); + ruri_log("{base}Cgroup v2 does not support %s\n", type); + ruri_log("{base}cgroup.controllers does not exist\n"); return false; } char buf[256] = { '\0' }; ssize_t len = read(fd, buf, 255); if (len <= 0) { umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); - log("{base}Cgroup v2 does not support %s\n", type); - log("{base}cgroup.controllers read failed\n"); + ruri_log("{base}Cgroup v2 does not support %s\n", type); + ruri_log("{base}cgroup.controllers read failed\n"); return false; } buf[len] = '\0'; char str_to_find[32] = { '\0' }; - log("{base}cgroup.controllers: %s\n", buf); + ruri_log("{base}cgroup.controllers: %s\n", buf); sprintf(str_to_find, "%s ", type); - log("{base}str_to_find: %s\n", str_to_find); + ruri_log("{base}str_to_find: %s\n", str_to_find); if (strstr(buf, str_to_find) != NULL) { umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); - log("{base}Cgroup v2 supports %s\n", type); + ruri_log("{base}Cgroup v2 supports %s\n", type); return true; } umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); - log("{base}Cgroup v2 does not support %s\n", type); + ruri_log("{base}Cgroup v2 does not support %s\n", type); return false; } -static void set_cgroup_v1_memory(const struct CONTAINER *_Nonnull container) +static void set_cgroup_v1_memory(const struct RURI_CONTAINER *_Nonnull container) { mount_cgroup_v1_memory(); pid_t pid = getpid(); @@ -146,13 +146,13 @@ static void set_cgroup_v1_memory(const struct CONTAINER *_Nonnull container) sprintf(memory_cgroup_limit_path, "/sys/fs/cgroup/memory/%d/memory.limit_in_bytes", container->container_id); fd = open(memory_cgroup_limit_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set memory limit failed{clear}\n"); + ruri_warning("{yellow}Set memory limit failed{clear}\n"); umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; } sprintf(buf, "%s\n", container->memory); if (write(fd, buf, strlen(buf)) < 0 && !container->no_warnings) { - warning("{yellow}Set memory limit failed{clear}\n"); + ruri_warning("{yellow}Set memory limit failed{clear}\n"); } close(fd); } @@ -169,7 +169,7 @@ static void set_cgroup_v1_memory(const struct CONTAINER *_Nonnull container) close(fd); umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); } -static void set_cgroup_v1_cpu(const struct CONTAINER *_Nonnull container) +static void set_cgroup_v1_cpu(const struct RURI_CONTAINER *_Nonnull container) { mount_cgroup_v1_cpu(); char cpu_cgroup_path[PATH_MAX] = { '\0' }; @@ -185,26 +185,26 @@ static void set_cgroup_v1_cpu(const struct CONTAINER *_Nonnull container) sprintf(cpu_cgroup_quota_path, "/sys/fs/cgroup/cpu/%d/cpu.cfs_quota_us", container->container_id); fd = open(cpu_cgroup_quota_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set memory limit failed{clear}\n"); + ruri_warning("{yellow}Set memory limit failed{clear}\n"); umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; } sprintf(buf, "%d\n", container->cpupercent * 1000); if (write(fd, buf, strlen(buf)) < 0 && !container->no_warnings) { - warning("{yellow}Set cpupercent limit failed{clear}\n"); + ruri_warning("{yellow}Set cpupercent limit failed{clear}\n"); } close(fd); char cpu_cgroup_period_path[PATH_MAX] = { '\0' }; sprintf(cpu_cgroup_period_path, "/sys/fs/cgroup/cpu/%d/cpu.cfs_period_us", container->container_id); fd = open(cpu_cgroup_period_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set cpupercent limit failed{clear}\n"); + ruri_warning("{yellow}Set cpupercent limit failed{clear}\n"); umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; } sprintf(buf, "%d\n", 100000); if (write(fd, buf, strlen(buf)) < 0 && !container->no_warnings) { - warning("{yellow}Set cpupercent limit failed{clear}\n"); + ruri_warning("{yellow}Set cpupercent limit failed{clear}\n"); } close(fd); } @@ -221,7 +221,7 @@ static void set_cgroup_v1_cpu(const struct CONTAINER *_Nonnull container) close(fd); umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); } -static void set_cgroup_v1_cpuset(const struct CONTAINER *_Nonnull container) +static void set_cgroup_v1_cpuset(const struct RURI_CONTAINER *_Nonnull container) { mount_cgroup_v1_cpuset(); char cpuset_cgroup_path[PATH_MAX] = { '\0' }; @@ -236,7 +236,7 @@ static void set_cgroup_v1_cpuset(const struct CONTAINER *_Nonnull container) sprintf(cpuset_cgroup_mems_path, "/sys/fs/cgroup/cpuset/%d/cpuset.mems", container->container_id); fd = open(cpuset_cgroup_mems_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set cpuset limit failed{clear}\n"); + ruri_warning("{yellow}Set cpuset limit failed{clear}\n"); // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; @@ -247,14 +247,14 @@ static void set_cgroup_v1_cpuset(const struct CONTAINER *_Nonnull container) sprintf(cpuset_cgroup_cpus_path, "/sys/fs/cgroup/cpuset/%d/cpuset.cpus", container->container_id); fd = open(cpuset_cgroup_cpus_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set cpuset limit failed{clear}\n"); + ruri_warning("{yellow}Set cpuset limit failed{clear}\n"); // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; } sprintf(buf, "%s\n", container->cpuset); if (write(fd, buf, strlen(buf)) < 0 && !container->no_warnings) { - warning("{yellow}Set cpu limit failed{clear}\n"); + ruri_warning("{yellow}Set cpu limit failed{clear}\n"); } close(fd); } @@ -273,7 +273,7 @@ static void set_cgroup_v1_cpuset(const struct CONTAINER *_Nonnull container) // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); } -static void set_cgroup_v2_memory(const struct CONTAINER *_Nonnull container) +static void set_cgroup_v2_memory(const struct RURI_CONTAINER *_Nonnull container) { // Mount cgroup v2. mkdir("/sys/fs/cgroup", S_IRUSR | S_IWUSR); @@ -292,7 +292,7 @@ static void set_cgroup_v2_memory(const struct CONTAINER *_Nonnull container) // Add pid to container_id cgroup. int fd = open(cgroup_procs_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set cgroup.procs failed{clear}\n"); + ruri_warning("{yellow}Set cgroup.procs failed{clear}\n"); // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; @@ -306,20 +306,20 @@ static void set_cgroup_v2_memory(const struct CONTAINER *_Nonnull container) sprintf(cgroup_memlimit_path, "/sys/fs/cgroup/%d/memory.high", container->container_id); fd = open(cgroup_memlimit_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set memory limit failed{clear}\n"); + ruri_warning("{yellow}Set memory limit failed{clear}\n"); // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; } sprintf(buf, "%s\n", container->memory); if (write(fd, buf, strlen(buf)) < 0 && !container->no_warnings) { - warning("{yellow}Set memory limit failed{clear}\n"); + ruri_warning("{yellow}Set memory limit failed{clear}\n"); } close(fd); } umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); } -static void set_cgroup_v2_cpuset(const struct CONTAINER *_Nonnull container) +static void set_cgroup_v2_cpuset(const struct RURI_CONTAINER *_Nonnull container) { // Mount cgroup v2. mkdir("/sys/fs/cgroup", S_IRUSR | S_IWUSR); @@ -338,14 +338,14 @@ static void set_cgroup_v2_cpuset(const struct CONTAINER *_Nonnull container) // Add pid to container_id cgroup. int fd = open(cgroup_procs_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set cgroup.procs failed{clear}\n"); + ruri_warning("{yellow}Set cgroup.procs failed{clear}\n"); // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; } sprintf(buf, "%d\n", pid); if (write(fd, buf, strlen(buf)) < 0 && !container->no_warnings) { - warning("{yellow}Set cgroup.procs failed{clear}\n"); + ruri_warning("{yellow}Set cgroup.procs failed{clear}\n"); } close(fd); if (container->cpuset != NULL) { @@ -354,21 +354,21 @@ static void set_cgroup_v2_cpuset(const struct CONTAINER *_Nonnull container) sprintf(cgroup_cpuset_path, "/sys/fs/cgroup/%d/cpuset.cpus", container->container_id); fd = open(cgroup_cpuset_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set cpuset limit failed{clear}\n"); + ruri_warning("{yellow}Set cpuset limit failed{clear}\n"); // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; } sprintf(buf, "%s\n", container->cpuset); if (write(fd, buf, strlen(buf)) < 0 && !container->no_warnings) { - warning("{yellow}Set cpuset limit failed{clear}\n"); + ruri_warning("{yellow}Set cpuset limit failed{clear}\n"); } close(fd); } // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); } -static void set_cgroup_v2_cpu(const struct CONTAINER *_Nonnull container) +static void set_cgroup_v2_cpu(const struct RURI_CONTAINER *_Nonnull container) { // Mount cgroup v2. mkdir("/sys/fs/cgroup", S_IRUSR | S_IWUSR); @@ -387,14 +387,14 @@ static void set_cgroup_v2_cpu(const struct CONTAINER *_Nonnull container) // Add pid to container_id cgroup. int fd = open(cgroup_procs_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set cgroup.procs failed{clear}\n"); + ruri_warning("{yellow}Set cgroup.procs failed{clear}\n"); // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; } sprintf(buf, "%d\n", pid); if (write(fd, buf, strlen(buf)) < 0 && !container->no_warnings) { - warning("{yellow}Set cgroup.procs failed{clear}\n"); + ruri_warning("{yellow}Set cgroup.procs failed{clear}\n"); } close(fd); if (container->cpupercent > 0) { @@ -403,21 +403,21 @@ static void set_cgroup_v2_cpu(const struct CONTAINER *_Nonnull container) sprintf(cgroup_cpu_path, "/sys/fs/cgroup/%d/cpu.max", container->container_id); fd = open(cgroup_cpu_path, O_RDWR | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Set cpupercent limit failed{clear}\n"); + ruri_warning("{yellow}Set cpupercent limit failed{clear}\n"); // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); return; } sprintf(buf, "%d 100000\n", container->cpupercent * 1000); if (write(fd, buf, strlen(buf)) < 0 && !container->no_warnings) { - warning("{yellow}Set cpupercent limit failed{clear}\n"); + ruri_warning("{yellow}Set cpupercent limit failed{clear}\n"); } close(fd); } // Do not keep the apifs mounted. umount2("/sys/fs/cgroup", MNT_DETACH | MNT_FORCE); } -void set_limit(const struct CONTAINER *_Nonnull container) +void ruri_set_limit(const struct RURI_CONTAINER *_Nonnull container) { /* * Mount cgroup controller and set limit. diff --git a/src/chroot.c b/src/chroot.c index 1a764e5..404d5e2 100644 --- a/src/chroot.c +++ b/src/chroot.c @@ -43,7 +43,7 @@ static bool su_biany_exist(char *_Nonnull container_dir) close(fd); return true; } -static void check_binary(const struct CONTAINER *_Nonnull container) +static void check_binary(const struct RURI_CONTAINER *_Nonnull container) { /* * Check for binaries we need for starting the container. @@ -55,8 +55,8 @@ static void check_binary(const struct CONTAINER *_Nonnull container) // Check QEMU path. if (container->cross_arch != NULL) { if (container->qemu_path == NULL) { - umount_container(container->container_dir); - error("{red}Error: path of QEMU is not set QwQ\n"); + ruri_umount_container(container->container_dir); + ruri_error("{red}Error: path of QEMU is not set QwQ\n"); } // Check if QEMU binary exists and is not a directory. char qemu_binary[PATH_MAX]; @@ -65,13 +65,13 @@ static void check_binary(const struct CONTAINER *_Nonnull container) struct stat qemu_binary_stat; // lstat(3) will return -1 while the init_binary does not exist. if (lstat(qemu_binary, &qemu_binary_stat) != 0) { - umount_container(container->container_dir); - error("{red}Please check if path of QEMU is correct QwQ\n"); + ruri_umount_container(container->container_dir); + ruri_error("{red}Please check if path of QEMU is correct QwQ\n"); } } } -// Run after chroot(2), called by run_chroot_container(). -static void init_container(struct CONTAINER *_Nonnull container) +// Run after chroot(2), called by ruri_run_chroot_container(). +static void init_container(struct RURI_CONTAINER *_Nonnull container) { /* * It'll be run after chroot(2), so `/` is the root dir of container now. @@ -167,7 +167,7 @@ static void init_container(struct CONTAINER *_Nonnull container) } } // Run before chroot(2), so that init_container() will not take effect. -static void mount_host_runtime(const struct CONTAINER *_Nonnull container) +static void mount_host_runtime(const struct RURI_CONTAINER *_Nonnull container) { /* * It's unsafe to mount /dev, /proc and /sys from the host. @@ -214,7 +214,7 @@ static void mount_host_runtime(const struct CONTAINER *_Nonnull container) } // Drop capabilities. // Use libcap. -static void drop_caps(const struct CONTAINER *_Nonnull container) +static void drop_caps(const struct RURI_CONTAINER *_Nonnull container) { /* * Drop CapBnd and CapAmb as the config in container->drop_caplist[]. @@ -231,8 +231,8 @@ static void drop_caps(const struct CONTAINER *_Nonnull container) if (CAP_IS_SUPPORTED(container->drop_caplist[i])) { // Drop CapBnd. if (cap_drop_bound(container->drop_caplist[i]) != 0 && !container->no_warnings) { - warning("{yellow}Warning: Failed to drop cap `%s`\n", cap_to_name(container->drop_caplist[i])); - warning("{yellow}error reason: %s{clear}\n", strerror(errno)); + ruri_warning("{yellow}Warning: Failed to drop cap `%s`\n", cap_to_name(container->drop_caplist[i])); + ruri_warning("{yellow}error reason: %s{clear}\n", strerror(errno)); } // Drop CapAmb. prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_LOWER, container->drop_caplist[i], 0, 0); @@ -251,7 +251,7 @@ static void drop_caps(const struct CONTAINER *_Nonnull container) free(datap); } // Set envs. -static void set_envs(const struct CONTAINER *_Nonnull container) +static void set_envs(const struct RURI_CONTAINER *_Nonnull container) { /* * Set environment variables. @@ -273,19 +273,19 @@ static void set_envs(const struct CONTAINER *_Nonnull container) } } // Run after init_container(). -static void setup_binfmt_misc(const struct CONTAINER *_Nonnull container) +static void setup_binfmt_misc(const struct RURI_CONTAINER *_Nonnull container) { /* * For running multi-arch container. * It need the kernel support binfmt_misc. */ // Get elf magic header. - struct MAGIC *magic = get_magic(container->cross_arch); + struct RURI_ELF_MAGIC *magic = ruri_get_magic(container->cross_arch); // Umount container if we get an error. if (magic == NULL) { - warning("{red}Error: unknown architecture or same architecture as host: %s\n\nSupported architectures: aarch64, alpha, arm, armeb, cris, hexagon, hppa, i386, loongarch64, m68k, microblaze, mips, mips64, mips64el, mipsel, mipsn32, mipsn32el, ppc, ppc64, ppc64le, riscv32, riscv64, s390x, sh4, sh4eb, sparc, sparc32plus, sparc64, x86_64, xtensa, xtensaeb{clear}\n", container->cross_arch); - umount_container(container->container_dir); - error(" "); + ruri_warning("{red}Error: unknown architecture or same architecture as host: %s\n\nSupported architectures: aarch64, alpha, arm, armeb, cris, hexagon, hppa, i386, loongarch64, m68k, microblaze, mips, mips64, mips64el, mipsel, mipsn32, mipsn32el, ppc, ppc64, ppc64le, riscv32, riscv64, s390x, sh4, sh4eb, sparc, sparc32plus, sparc64, x86_64, xtensa, xtensaeb{clear}\n", container->cross_arch); + ruri_umount_container(container->container_dir); + ruri_error(" "); } char buf[1024] = { '\0' }; // Format: ":name:type:offset:magic:mask:interpreter:flags". @@ -295,7 +295,7 @@ static void setup_binfmt_misc(const struct CONTAINER *_Nonnull container) // This needs CONFIG_BINFMT_MISC enabled in your kernel. int register_fd = open("/proc/sys/fs/binfmt_misc/register", O_WRONLY | O_CLOEXEC); if (register_fd < 0) { - error("{red}Error: Failed to setup binfmt_misc, check your kernel config QwQ"); + ruri_error("{red}Error: Failed to setup binfmt_misc, check your kernel config QwQ"); } // Set binfmt_misc config. write(register_fd, buf, strlen(buf)); @@ -303,7 +303,7 @@ static void setup_binfmt_misc(const struct CONTAINER *_Nonnull container) // Umount the apifs. umount2("/proc/sys/fs/binfmt_misc", MNT_DETACH | MNT_FORCE); } -static void mount_rootfs(const struct CONTAINER *_Nonnull container) +static void mount_rootfs(const struct RURI_CONTAINER *_Nonnull container) { /* * Mount rootfs of container. @@ -312,14 +312,14 @@ static void mount_rootfs(const struct CONTAINER *_Nonnull container) */ // Mount rootfs. if (container->rootfs_source != NULL) { - if (trymount(container->rootfs_source, container->container_dir, 0) != 0) { - error("{red}Error: failed to mount rootfs QwQ\n"); + if (ruri_trymount(container->rootfs_source, container->container_dir, 0) != 0) { + ruri_error("{red}Error: failed to mount rootfs QwQ\n"); } } } // Mount other mountpoints. // Run before chroot(2). -static void mount_mountpoints(const struct CONTAINER *_Nonnull container) +static void mount_mountpoints(const struct RURI_CONTAINER *_Nonnull container) { /* * Mount extra_mountpoint and extra_ro_mountpoint. @@ -339,7 +339,7 @@ static void mount_mountpoints(const struct CONTAINER *_Nonnull container) mountpoint_dir = (char *)malloc(strlen(container->extra_mountpoint[i + 1]) + strlen(container->container_dir) + 2); strcpy(mountpoint_dir, container->container_dir); strcat(mountpoint_dir, container->extra_mountpoint[i + 1]); - trymount(container->extra_mountpoint[i], mountpoint_dir, 0); + ruri_trymount(container->extra_mountpoint[i], mountpoint_dir, 0); free(mountpoint_dir); } // Mount extra_ro_mountpoint as read-only. @@ -351,12 +351,12 @@ static void mount_mountpoints(const struct CONTAINER *_Nonnull container) mountpoint_dir = (char *)malloc(strlen(container->extra_ro_mountpoint[i + 1]) + strlen(container->container_dir) + 2); strcpy(mountpoint_dir, container->container_dir); strcat(mountpoint_dir, container->extra_ro_mountpoint[i + 1]); - trymount(container->extra_ro_mountpoint[i], mountpoint_dir, MS_RDONLY); + ruri_trymount(container->extra_ro_mountpoint[i], mountpoint_dir, MS_RDONLY); free(mountpoint_dir); } } // Copy qemu static binary. -static void copy_qemu_binary(struct CONTAINER *container) +static void copy_qemu_binary(struct RURI_CONTAINER *container) { /* * Copy qemu binary into container. @@ -376,11 +376,11 @@ static void copy_qemu_binary(struct CONTAINER *container) rmdir(target); int sourcefd = open(qemu_path, O_RDONLY | O_CLOEXEC); if (sourcefd < 0) { - error("{red}Error: failed to open qemu binary QwQ\n"); + ruri_error("{red}Error: failed to open qemu binary QwQ\n"); } int targetfd = open(target, O_WRONLY | O_CREAT | O_CLOEXEC, S_IRGRP | S_IXGRP | S_IWGRP | S_IWUSR | S_IRUSR | S_IXUSR | S_IWOTH | S_IXOTH | S_IROTH); if (targetfd < 0) { - error("{red}Error: failed to create qemu binary in container QwQ\nIf your / is mounted read-only, please copy qemu to /path/to/container/qemu-ruri and use -q /qemu-ruri to start!\n"); + ruri_error("{red}Error: failed to create qemu binary in container QwQ\nIf your / is mounted read-only, please copy qemu to /path/to/container/qemu-ruri and use -q /qemu-ruri to start!\n"); } struct stat stat_buf; fstat(sourcefd, &stat_buf); @@ -419,15 +419,15 @@ static bool pivot_root_succeed(const char *_Nonnull container_dir) return true; } // Try to use pivot_root(2). -static int try_pivot_root(const struct CONTAINER *_Nonnull container) +static int try_pivot_root(const struct RURI_CONTAINER *_Nonnull container) { /* * Try to use pivot_root(2) to change the root directory. * If pivot_root(2) is not available, return -1. */ - log("{base}ns pid: %d\n", container->ns_pid); + ruri_log("{base}ns pid: %d\n", container->ns_pid); if (container->ns_pid > 0 && pivot_root_succeed(container->container_dir)) { - log("{base}Using setns(2) to change root directory.\n"); + ruri_log("{base}Using setns(2) to change root directory.\n"); chdir("/"); return 0; } @@ -436,19 +436,19 @@ static int try_pivot_root(const struct CONTAINER *_Nonnull container) usleep(2000); chdir(container->container_dir); if (syscall(SYS_pivot_root, ".", ".") == -1) { - log("{base}pivot_root(2) failed, using chroot(2) instead.\n"); + ruri_log("{base}pivot_root(2) failed, using chroot(2) instead.\n"); if (!container->no_warnings) { - warning("{yellow}Warning: pivot_root(2) failed, using chroot(2) instead QwQ\n"); + ruri_warning("{yellow}Warning: pivot_root(2) failed, using chroot(2) instead QwQ\n"); } return -1; } chdir("/"); umount2(".", MNT_DETACH); - log("{base}pivot_root(2) success.\n"); + ruri_log("{base}pivot_root(2) success.\n"); return 0; } // Set uid and gid. -static void change_user(const struct CONTAINER *_Nonnull container) +static void change_user(const struct RURI_CONTAINER *_Nonnull container) { /* * Change uid and gid. @@ -459,16 +459,16 @@ static void change_user(const struct CONTAINER *_Nonnull container) setgid((gid_t)atoi(container->user)); setuid((uid_t)atoi(container->user)); } else { - if (!user_exist(container->user)) { - error("{red}Error: user `%s` does not exist QwQ\n", container->user); + if (!ruri_user_exist(container->user)) { + ruri_error("{red}Error: user `%s` does not exist QwQ\n", container->user); } else { - setgid(get_user_gid(container->user)); - setuid(get_user_uid(container->user)); + setgid(ruri_get_user_gid(container->user)); + setuid(ruri_get_user_uid(container->user)); } } } } -static void set_hostname(struct CONTAINER *_Nonnull container) +static void set_hostname(struct RURI_CONTAINER *_Nonnull container) { /* * Set hostname. @@ -477,17 +477,17 @@ static void set_hostname(struct CONTAINER *_Nonnull container) if (container->enable_unshare) { size_t len = strlen(container->hostname); if (len > HOST_NAME_MAX) { - error("{red}Error: hostname is too long QwQ\n"); + ruri_error("{red}Error: hostname is too long QwQ\n"); } syscall(SYS_sethostname, container->hostname, len); } } } // Run chroot container. -void run_chroot_container(struct CONTAINER *_Nonnull container) +void ruri_run_chroot_container(struct RURI_CONTAINER *_Nonnull container) { /* - * It's called by main() and run_unshare_container(). + * It's called by main() and ruri_run_unshare_container(). * It will run container as the config in CONTAINER struct. */ // Set hostname. @@ -502,7 +502,7 @@ void run_chroot_container(struct CONTAINER *_Nonnull container) sigprocmask(SIG_BLOCK, &sigs, 0); // Check if system runtime files are already created. // container_dir shoud bind-mount before chroot(2), - // mount_host_runtime() and store_info() will be called here. + // mount_host_runtime() and ruri_store_info() will be called here. char buf[PATH_MAX] = { '\0' }; // I used to check /sys/class/input, but in WSL1, /sys/class/input is not exist. sprintf(buf, "%s/proc/1", container->container_dir); @@ -515,7 +515,7 @@ void run_chroot_container(struct CONTAINER *_Nonnull container) copy_qemu_binary(container); // Store container info. if (!container->enable_unshare && !container->just_chroot && container->use_rurienv) { - store_info(container); + ruri_store_info(container); } // If `-S` option is set, bind-mount /dev/, /sys/ and /proc/ from host. if (container->mount_host_runtime && !container->just_chroot) { @@ -531,7 +531,7 @@ void run_chroot_container(struct CONTAINER *_Nonnull container) free(test); // Read container info. if (container->use_rurienv) { - read_info(container, container->container_dir); + ruri_read_info(container, container->container_dir); } } // Set default command for exec(). @@ -562,7 +562,7 @@ void run_chroot_container(struct CONTAINER *_Nonnull container) // Change to the work dir. if (container->work_dir != NULL) { if (chdir(container->work_dir) == -1 && !container->no_warnings) { - warning("{yellow}Warning: Failed to change to work dir `%s`\n", container->work_dir); + ruri_warning("{yellow}Warning: Failed to change to work dir `%s`\n", container->work_dir); } } // Mount/create system runtime dir/files. @@ -581,11 +581,11 @@ void run_chroot_container(struct CONTAINER *_Nonnull container) umount2("/proc/sys/fs/binfmt_misc", MNT_DETACH | MNT_FORCE); // Set up cgroup limit. if (!container->just_chroot) { - set_limit(container); + ruri_set_limit(container); } // Set up Seccomp BPF. if (container->enable_seccomp) { - setup_seccomp(container); + ruri_setup_seccomp(container); } // Drop caps. drop_caps(container); @@ -615,17 +615,17 @@ void run_chroot_container(struct CONTAINER *_Nonnull container) // Use exec(3) function because system(3) may be unavailable now. if (execvp(container->command[0], container->command) == -1) { // Catch exceptions. - error("{red}Failed to execute `%s`\nexecv() returned: %d\nerror reason: %s\nNote: unset $LD_PRELOAD before running ruri might fix this{clear}\n", container->command[0], errno, strerror(errno)); + ruri_error("{red}Failed to execute `%s`\nexecv() returned: %d\nerror reason: %s\nNote: unset $LD_PRELOAD before running ruri might fix this{clear}\n", container->command[0], errno, strerror(errno)); } } // Run chroot container. -void run_rootless_chroot_container(struct CONTAINER *_Nonnull container) +void ruri_run_rootless_chroot_container(struct RURI_CONTAINER *_Nonnull container) { /* - * It's called by run_rootless_container(). - * It will run container as the config in CONTAINER struct. + * It's called by ruri_run_rootless_container(). + * It will run container as the config in RURI_CONTAINER struct. * - * This function is modified from run_chroot_container(). + * This function is modified from ruri_run_chroot_container(). */ // Ignore SIGTTIN, if we are running in the background, SIGTTIN may kill this process. sigset_t sigs; @@ -640,7 +640,7 @@ void run_rootless_chroot_container(struct CONTAINER *_Nonnull container) copy_qemu_binary(container); // Store container info. if (container->use_rurienv) { - store_info(container); + ruri_store_info(container); } // If `-R` option is set, make / read-only. if (container->ro_root) { @@ -668,7 +668,7 @@ void run_rootless_chroot_container(struct CONTAINER *_Nonnull container) // Change to the work dir. if (container->work_dir != NULL) { if (chdir(container->work_dir) == -1 && !container->no_warnings) { - warning("{yellow}Warning: Failed to change to work dir `%s`\n", container->work_dir); + ruri_warning("{yellow}Warning: Failed to change to work dir `%s`\n", container->work_dir); } } // Fix /etc/mtab. @@ -681,7 +681,7 @@ void run_rootless_chroot_container(struct CONTAINER *_Nonnull container) } // Set up Seccomp BPF. if (container->enable_seccomp) { - setup_seccomp(container); + ruri_setup_seccomp(container); } // Drop caps. drop_caps(container); @@ -710,6 +710,6 @@ void run_rootless_chroot_container(struct CONTAINER *_Nonnull container) // Use exec(3) function because system(3) may be unavailable now. if (execvp(container->command[0], container->command) == -1) { // Catch exceptions. - error("{red}Failed to execute `%s`\nexecv() returned: %d\nerror reason: %s\nNote: unset $LD_PRELOAD before running ruri might fix this{clear}\n", container->command[0], errno, strerror(errno)); + ruri_error("{red}Failed to execute `%s`\nexecv() returned: %d\nerror reason: %s\nNote: unset $LD_PRELOAD before running ruri might fix this{clear}\n", container->command[0], errno, strerror(errno)); } } diff --git a/src/config.c b/src/config.c index 4b019ca..02c5dae 100644 --- a/src/config.c +++ b/src/config.c @@ -28,7 +28,7 @@ * */ #include "include/ruri.h" -char *container_info_to_k2v(const struct CONTAINER *_Nonnull container) +char *ruri_container_info_to_k2v(const struct RURI_CONTAINER *_Nonnull container) { /* * Format container info to k2v format. @@ -235,7 +235,7 @@ char *container_info_to_k2v(const struct CONTAINER *_Nonnull container) ret = k2v_add_newline(ret); return ret; } -void read_config(struct CONTAINER *_Nonnull container, const char *_Nonnull path) +void ruri_read_config(struct RURI_CONTAINER *_Nonnull container, const char *_Nonnull path) { /* * Read k2v format config file, @@ -243,7 +243,7 @@ void read_config(struct CONTAINER *_Nonnull container, const char *_Nonnull path */ int fd = open(path, O_RDONLY | O_CLOEXEC); if (fd < 0) { - error("{red}No such file or directory:%s\n{clear}", path); + ruri_error("{red}No such file or directory:%s\n{clear}", path); } struct stat filestat; fstat(fd, &filestat); @@ -254,7 +254,7 @@ void read_config(struct CONTAINER *_Nonnull container, const char *_Nonnull path char *key_list[] = { "no_network", "container_dir", "user", "drop_caplist", "no_new_privs", "enable_seccomp", "rootless", "no_warnings", "cross_arch", "qemu_path", "use_rurienv", "cpuset", "memory", "cpupercent", "just_chroot", "unmask_dirs", "mount_host_runtime", "work_dir", "rootfs_source", "ro_root", "extra_mountpoint", "extra_ro_mountpoint", "env", "command", "hostname", NULL }; for (int i = 0; key_list[i] != NULL; i++) { if (!have_key(key_list[i], buf)) { - error("{red}Invalid config file, there is no key:%s\nHint:\n You can try to use `ruri -C config` to fix the config file{clear}", key_list[i]); + ruri_error("{red}Invalid config file, there is no key:%s\nHint:\n You can try to use `ruri -C config` to fix the config file{clear}", key_list[i]); } } // Get drop_caplist. @@ -269,7 +269,7 @@ void read_config(struct CONTAINER *_Nonnull container, const char *_Nonnull path container->drop_caplist[i] = atoi(drop_caplist[i]); } else { if (cap_from_name(drop_caplist[i], &(container->drop_caplist[i])) < 0) { - error("{red}Invalid capability:%s\n{clear}", drop_caplist[i]); + ruri_error("{red}Invalid capability:%s\n{clear}", drop_caplist[i]); } } free(drop_caplist[i]); @@ -320,37 +320,37 @@ void read_config(struct CONTAINER *_Nonnull container, const char *_Nonnull path // Get env. int envlen = k2v_get_key(char_array, "env", buf, container->env, MAX_ENVS); if (envlen % 2 != 0) { - error("{red}Invalid env format\n{clear}"); + ruri_error("{red}Invalid env format\n{clear}"); } container->env[envlen] = NULL; container->env[envlen + 1] = NULL; // Get extra_mountpoint. int mlen = k2v_get_key(char_array, "extra_mountpoint", buf, container->extra_mountpoint, MAX_MOUNTPOINTS); if (mlen % 2 != 0) { - error("{red}Invalid extra_mountpoint format\n{clear}"); + ruri_error("{red}Invalid extra_mountpoint format\n{clear}"); } container->extra_mountpoint[mlen] = NULL; container->extra_mountpoint[mlen + 1] = NULL; // Get extra_ro_mountpoint. mlen = k2v_get_key(char_array, "extra_ro_mountpoint", buf, container->extra_ro_mountpoint, MAX_MOUNTPOINTS); if (mlen % 2 != 0) { - error("{red}Invalid extra_ro_mountpoint format\n{clear}"); + ruri_error("{red}Invalid extra_ro_mountpoint format\n{clear}"); } container->extra_ro_mountpoint[mlen] = NULL; container->extra_ro_mountpoint[mlen + 1] = NULL; free(buf); - buf = container_info_to_k2v(container); - log("{base}Container config in %s:{cyan}\n%s", path, buf); + buf = ruri_container_info_to_k2v(container); + ruri_log("{base}Container config in %s:{cyan}\n%s", path, buf); free(buf); } -void correct_config(const char *_Nonnull path) +void ruri_correct_config(const char *_Nonnull path) { // Disable strict mode for libk2v. k2v_show_warning = false; k2v_stop_at_warning = false; int fd = open(path, O_RDONLY | O_CLOEXEC); if (fd < 0) { - error("{red}No such file or directory:%s\n{clear}", path); + ruri_error("{red}No such file or directory:%s\n{clear}", path); } struct stat filestat; fstat(fd, &filestat); @@ -358,14 +358,14 @@ void correct_config(const char *_Nonnull path) close(fd); char *buf = k2v_open_file(path, (size_t)size); if (!have_key("container_dir", buf)) { - error("{red}Invalid config file, there is no key:container_dir\n{clear}"); + ruri_error("{red}Invalid config file, there is no key:container_dir\n{clear}"); } - struct CONTAINER container; + struct RURI_CONTAINER container; container.container_dir = k2v_get_key(char, "container_dir", buf); if (!have_key("drop_caplist", buf)) { - warning("{green}No key drop_caplist, we build a default one\n{clear}"); + ruri_warning("{green}No key drop_caplist, we build a default one\n{clear}"); cap_value_t nullcaplist[2] = { INIT_VALUE }; - build_caplist(container.drop_caplist, false, nullcaplist, nullcaplist); + ruri_build_caplist(container.drop_caplist, false, nullcaplist, nullcaplist); } else { char *drop_caplist[CAP_LAST_CAP + 1] = { NULL }; int caplen = k2v_get_key(char_array, "drop_caplist", buf, drop_caplist, CAP_LAST_CAP); @@ -378,7 +378,7 @@ void correct_config(const char *_Nonnull path) container.drop_caplist[i] = atoi(drop_caplist[i]); } else { if (cap_from_name(drop_caplist[i], &(container.drop_caplist[i])) < 0) { - error("{red}Invalid capability:%s\n{clear}", drop_caplist[i]); + ruri_error("{red}Invalid capability:%s\n{clear}", drop_caplist[i]); } } free(drop_caplist[i]); @@ -386,152 +386,152 @@ void correct_config(const char *_Nonnull path) } } if (!have_key("command", buf)) { - warning("{green}No key command found, set to {NULL}\n{clear}"); + ruri_warning("{green}No key command found, set to {NULL}\n{clear}"); container.command[0] = NULL; } else { int comlen = k2v_get_key(char_array, "command", buf, container.command, MAX_COMMANDS); container.command[comlen] = NULL; } if (!have_key("env", buf)) { - warning("{green}No key env found, set to {NULL}\n{clear}"); + ruri_warning("{green}No key env found, set to {NULL}\n{clear}"); container.env[0] = NULL; } else { int envlen = k2v_get_key(char_array, "env", buf, container.env, MAX_ENVS); if (envlen % 2 != 0) { - warning("{red}Invalid env format\n{clear}"); + ruri_warning("{red}Invalid env format\n{clear}"); container.env[0] = NULL; } container.env[envlen] = NULL; container.env[envlen + 1] = NULL; } if (!have_key("extra_mountpoint", buf)) { - warning("{green}No key extra_mountpoint found, set to {NULL}\n{clear}"); + ruri_warning("{green}No key extra_mountpoint found, set to {NULL}\n{clear}"); container.extra_mountpoint[0] = NULL; } else { int mlen = k2v_get_key(char_array, "extra_mountpoint", buf, container.extra_mountpoint, MAX_MOUNTPOINTS); if (mlen % 2 != 0) { - warning("{red}Invalid extra_mountpoint format\n{clear}"); + ruri_warning("{red}Invalid extra_mountpoint format\n{clear}"); container.extra_mountpoint[0] = NULL; } container.extra_mountpoint[mlen] = NULL; container.extra_mountpoint[mlen + 1] = NULL; } if (!have_key("extra_ro_mountpoint", buf)) { - warning("{green}No key extra_ro_mountpoint found, set to {NULL}\n{clear}"); + ruri_warning("{green}No key extra_ro_mountpoint found, set to {NULL}\n{clear}"); container.extra_ro_mountpoint[0] = NULL; } else { int mrlen = k2v_get_key(char_array, "extra_ro_mountpoint", buf, container.extra_ro_mountpoint, MAX_MOUNTPOINTS); if (mrlen % 2 != 0) { - warning("{red}Invalid extra_ro_mountpoint format\n{clear}"); + ruri_warning("{red}Invalid extra_ro_mountpoint format\n{clear}"); container.extra_ro_mountpoint[0] = NULL; } container.extra_ro_mountpoint[mrlen] = NULL; container.extra_ro_mountpoint[mrlen + 1] = NULL; } if (!have_key("no_new_privs", buf)) { - warning("{green}No key no_new_privs found, set to false\n{clear}"); + ruri_warning("{green}No key no_new_privs found, set to false\n{clear}"); container.no_new_privs = false; } else { container.no_new_privs = k2v_get_key(bool, "no_new_privs", buf); } if (!have_key("enable_seccomp", buf)) { - warning("{green}No key enable_seccomp found, set to false\n{clear}"); + ruri_warning("{green}No key enable_seccomp found, set to false\n{clear}"); container.enable_seccomp = false; } else { container.enable_seccomp = k2v_get_key(bool, "enable_seccomp", buf); } if (!have_key("no_warnings", buf)) { - warning("{green}No key no_warnings found, set to false\n{clear}"); + ruri_warning("{green}No key no_warnings found, set to false\n{clear}"); container.no_warnings = false; } else { container.no_warnings = k2v_get_key(bool, "no_warnings", buf); } if (!have_key("enable_unshare", buf)) { - warning("{green}No key enable_unshare found, set to false\n{clear}"); + ruri_warning("{green}No key enable_unshare found, set to false\n{clear}"); container.enable_unshare = false; } else { container.enable_unshare = k2v_get_key(bool, "enable_unshare", buf); } if (!have_key("rootless", buf)) { - warning("{green}No key rootless found, set to false\n{clear}"); + ruri_warning("{green}No key rootless found, set to false\n{clear}"); container.rootless = false; } else { container.rootless = k2v_get_key(bool, "rootless", buf); } if (!have_key("mount_host_runtime", buf)) { - warning("{green}No key mount_host_runtime found, set to false\n{clear}"); + ruri_warning("{green}No key mount_host_runtime found, set to false\n{clear}"); container.mount_host_runtime = false; } else { container.mount_host_runtime = k2v_get_key(bool, "mount_host_runtime", buf); } if (!have_key("qemu_path", buf)) { - warning("{green}No key qemu_path found, set to NULL\n{clear}"); + ruri_warning("{green}No key qemu_path found, set to NULL\n{clear}"); container.qemu_path = NULL; } else { container.qemu_path = k2v_get_key(char, "qemu_path", buf); } if (!have_key("cross_arch", buf)) { - warning("{green}No key cross_arch found, set to NULL\n{clear}"); + ruri_warning("{green}No key cross_arch found, set to NULL\n{clear}"); container.cross_arch = NULL; } else { container.cross_arch = k2v_get_key(char, "cross_arch", buf); } if (!have_key("use_rurienv", buf)) { - warning("{green}No key use_rurienv found, set to true\n{clear}"); + ruri_warning("{green}No key use_rurienv found, set to true\n{clear}"); container.use_rurienv = true; } else { container.use_rurienv = k2v_get_key(bool, "use_rurienv", buf); } if (!have_key("ro_root", buf)) { - warning("{green}No key ro_root found, set to false\n{clear}"); + ruri_warning("{green}No key ro_root found, set to false\n{clear}"); container.ro_root = false; } else { container.ro_root = k2v_get_key(bool, "ro_root", buf); } if (!have_key("cpuset", buf)) { - warning("{green}No key cpuset found, set to NULL\n{clear}"); + ruri_warning("{green}No key cpuset found, set to NULL\n{clear}"); container.cpuset = NULL; } else { container.cpuset = k2v_get_key(char, "cpuset", buf); } if (!have_key("memory", buf)) { - warning("{green}No key memory found, set to NULL\n{clear}"); + ruri_warning("{green}No key memory found, set to NULL\n{clear}"); container.memory = NULL; } else { container.memory = k2v_get_key(char, "memory", buf); } if (!have_key("cpupercent", buf)) { - warning("{green}No key cpupercent found, set to -114\n{clear}"); + ruri_warning("{green}No key cpupercent found, set to -114\n{clear}"); container.cpupercent = INIT_VALUE; } else { container.cpupercent = k2v_get_key(int, "cpupercent", buf); } if (!have_key("just_chroot", buf)) { - warning("{green}No key just_chroot found, set to false\n{clear}"); + ruri_warning("{green}No key just_chroot found, set to false\n{clear}"); container.just_chroot = false; } else { container.just_chroot = k2v_get_key(bool, "just_chroot", buf); } if (!have_key("unmask_dirs", buf)) { - warning("{green}No key unmask_dirs found, set to false\n{clear}"); + ruri_warning("{green}No key unmask_dirs found, set to false\n{clear}"); container.unmask_dirs = false; } else { container.unmask_dirs = k2v_get_key(bool, "unmask_dirs", buf); } if (!have_key("work_dir", buf)) { - warning("{green}No key work_dir found, set to NULL\n{clear}"); + ruri_warning("{green}No key work_dir found, set to NULL\n{clear}"); container.work_dir = NULL; } else { container.work_dir = k2v_get_key(char, "work_dir", buf); } if (!have_key("rootfs_source", buf)) { - warning("{green}No key rootfs_source found, set to NULL\n{clear}"); + ruri_warning("{green}No key rootfs_source found, set to NULL\n{clear}"); container.rootfs_source = NULL; } else { container.rootfs_source = k2v_get_key(char, "rootfs_source", buf); } if (!have_key("no_network", buf)) { - warning("{green}No key no_network found, set to false\n{clear}"); + ruri_warning("{green}No key no_network found, set to false\n{clear}"); container.no_network = false; } else { container.no_network = k2v_get_key(bool, "no_network", buf); @@ -540,7 +540,7 @@ void correct_config(const char *_Nonnull path) } } if (!have_key("hostname", buf)) { - warning("{green}No key hostname found, set to NULL\n{clear}"); + ruri_warning("{green}No key hostname found, set to NULL\n{clear}"); container.hostname = NULL; } else { container.hostname = k2v_get_key(char, "hostname", buf); @@ -550,9 +550,9 @@ void correct_config(const char *_Nonnull path) remove(path); fd = open(path, O_CREAT | O_CLOEXEC | O_RDWR, S_IRUSR | S_IRGRP | S_IROTH | S_IWGRP | S_IWUSR | S_IWOTH); if (fd < 0) { - error("{red}Error: failed to open output file QwQ\n"); + ruri_error("{red}Error: failed to open output file QwQ\n"); } - char *config = container_info_to_k2v(&container); + char *config = ruri_container_info_to_k2v(&container); write(fd, config, strlen(config)); close(fd); free(config); diff --git a/src/easteregg/action.c b/src/easteregg/action.c index bb33f4c..ac13e71 100644 --- a/src/easteregg/action.c +++ b/src/easteregg/action.c @@ -32,160 +32,160 @@ * This file defines the actions of the animation. * All the functions have the same arguments. */ -void face(useconds_t inr, unsigned int keep) +void nekofeng_face(useconds_t inr, unsigned int keep) { struct ACTION *action = NULL; - action = add_action(action, -17, -9, - "\033[0m ██ ██\n" - "\033[0m ██ ██ ██ ██\n" - "\033[0m ██ ████ ██ ██\n" - "\033[0m ██ ██ ████ ██\n" - "\033[0m ██ ██████████████████ ██\n" - "\033[0m ██ ██ ██ ██\n" - "\033[0m ██ ██ ████ ██\n" - "\033[0m ████████ ██ ██ ████ ██\n" - "\033[0m ██ ██ ██ ██ ██ ██ ██ ██\n" - "\033[0m ████ ██ ██ ████ ██ ██ ██ ██████\n" - "\033[0m ██ ██ ██ ██ ████ ██ ██ ████████\n" - "\033[0m ██ ██ ██ ████\n" - "\033[0m ██ ██ ██\n" - "\033[0m ████ ██ ██\n" - "\033[0m ██ ██ ██\n" - "\033[0m ██ ██ ██\n" - "\033[0m ██ ██ ██\n" - "\033[0m ████ ██ ██ ██\n" - "\033[0m ████ ██████ ██\n" - "\033[0m ██████ ████ ████\n" - "\033[0m ████ ████\n" - "\033[0m ████████████████████\n"); - play_action(action, inr, keep); - free_action(action); + action = nekofeng_add_action(action, -17, -9, + "\033[0m ██ ██\n" + "\033[0m ██ ██ ██ ██\n" + "\033[0m ██ ████ ██ ██\n" + "\033[0m ██ ██ ████ ██\n" + "\033[0m ██ ██████████████████ ██\n" + "\033[0m ██ ██ ██ ██\n" + "\033[0m ██ ██ ████ ██\n" + "\033[0m ████████ ██ ██ ████ ██\n" + "\033[0m ██ ██ ██ ██ ██ ██ ██ ██\n" + "\033[0m ████ ██ ██ ████ ██ ██ ██ ██████\n" + "\033[0m ██ ██ ██ ██ ████ ██ ██ ████████\n" + "\033[0m ██ ██ ██ ████\n" + "\033[0m ██ ██ ██\n" + "\033[0m ████ ██ ██\n" + "\033[0m ██ ██ ██\n" + "\033[0m ██ ██ ██\n" + "\033[0m ██ ██ ██\n" + "\033[0m ████ ██ ██ ██\n" + "\033[0m ████ ██████ ██\n" + "\033[0m ██████ ████ ████\n" + "\033[0m ████ ████\n" + "\033[0m ████████████████████\n"); + nekofeng_play_action(action, inr, keep); + nekofeng_free_action(action); } -void mouth(useconds_t inr, unsigned int keep) +void nekofeng_mouth(useconds_t inr, unsigned int keep) { struct ACTION *action = NULL; - action = add_action(action, 10, 8, - "\n" - "\n" - " ███\n"); - action = add_action(action, 10, 8, - "\n" - "\n" - " ████\n"); - action = add_action(action, 10, 8, - "\n" - "\n" - " ██████\n"); - action = add_action(action, 10, 8, - "\n" - "██ ██\n" - " ████\n"); - play_action(action, inr, keep); - free_action(action); + action = nekofeng_add_action(action, 10, 8, + "\n" + "\n" + " ███\n"); + action = nekofeng_add_action(action, 10, 8, + "\n" + "\n" + " ████\n"); + action = nekofeng_add_action(action, 10, 8, + "\n" + "\n" + " ██████\n"); + action = nekofeng_add_action(action, 10, 8, + "\n" + "██ ██\n" + " ████\n"); + nekofeng_play_action(action, inr, keep); + nekofeng_free_action(action); } -void ahoge(useconds_t inr, unsigned int keep) +void nekofeng_ahoge(useconds_t inr, unsigned int keep) { struct ACTION *action = NULL; - action = add_action(action, 6, -8, - " ██\n" - " ██\n" - " ██\n"); - action = add_action(action, 6, -8, - " ██\n" - " ██\n" - " ██\n"); - action = add_action(action, 6, -8, - " ██\n" - " ██\n" - " ██\n"); - action = add_action(action, 6, -8, - " ██\n" - " ██\n" - " ██\n"); - action = add_action(action, 6, -8, - "██\n" - " ██\n" - " ██\n"); - action = add_action(action, 6, -8, - " ██\n" - " ██\n" - " ██\n"); - play_action(action, inr, keep); - free_action(action); + action = nekofeng_add_action(action, 6, -8, + " ██\n" + " ██\n" + " ██\n"); + action = nekofeng_add_action(action, 6, -8, + " ██\n" + " ██\n" + " ██\n"); + action = nekofeng_add_action(action, 6, -8, + " ██\n" + " ██\n" + " ██\n"); + action = nekofeng_add_action(action, 6, -8, + " ██\n" + " ██\n" + " ██\n"); + action = nekofeng_add_action(action, 6, -8, + "██\n" + " ██\n" + " ██\n"); + action = nekofeng_add_action(action, 6, -8, + " ██\n" + " ██\n" + " ██\n"); + nekofeng_play_action(action, inr, keep); + nekofeng_free_action(action); } -void blink_lefteye(useconds_t inr, unsigned int keep) +void nekofeng_blink_lefteye(useconds_t inr, unsigned int keep) { struct ACTION *action = NULL; - action = add_action(action, 1, 2, - " ██████ \n" - "██ ██\n" - " ██████\n" - " ██ ██\n" - " ██████\n"); - action = add_action(action, 1, 2, - "\n" - " ██████ \n" - "██ ██\n" - " ██ ██\n" - " ██████\n"); - action = add_action(action, 1, 2, - "\n\n" - " ██████ \n" - "██ ██\n" - " ██████\n"); - action = add_action(action, 1, 2, - "\n\n\n" - " ██████ \n" - "██████████\n"); - action = add_action(action, 1, 2, - "\n\n" - " ████\n" - " ██\n" - " █████\n"); - action = add_action(action, 1, 2, - "\n" - " ████\n" - " ██\n" - " ██\n" - " ██████\n"); - play_action(action, inr, keep); - free_action(action); + action = nekofeng_add_action(action, 1, 2, + " ██████ \n" + "██ ██\n" + " ██████\n" + " ██ ██\n" + " ██████\n"); + action = nekofeng_add_action(action, 1, 2, + "\n" + " ██████ \n" + "██ ██\n" + " ██ ██\n" + " ██████\n"); + action = nekofeng_add_action(action, 1, 2, + "\n\n" + " ██████ \n" + "██ ██\n" + " ██████\n"); + action = nekofeng_add_action(action, 1, 2, + "\n\n\n" + " ██████ \n" + "██████████\n"); + action = nekofeng_add_action(action, 1, 2, + "\n\n" + " ████\n" + " ██\n" + " █████\n"); + action = nekofeng_add_action(action, 1, 2, + "\n" + " ████\n" + " ██\n" + " ██\n" + " ██████\n"); + nekofeng_play_action(action, inr, keep); + nekofeng_free_action(action); } -void blink_righteye(useconds_t inr, unsigned int keep) +void nekofeng_blink_righteye(useconds_t inr, unsigned int keep) { struct ACTION *action = NULL; - action = add_action(action, 16, 2, - " ██████ \n" - "██ ██\n" - " \033[31m██ ██\n" - " ██ \n" - " ██ ██\n"); - action = add_action(action, 16, 2, - "\n" - " ██████ \n" - "██\033[31m██ ██\033[0m██\n" - " \033[31m██\n" - " ██ ██\n"); - action = add_action(action, 16, 2, - "\n\n" - " ██████ \n" - "██ \033[31m██\033[0m ██\n" - " \033[31m██ ██\n"); - action = add_action(action, 16, 2, - "\n\n\n" - " ██████ \n" - "██\033[31m██ ██\033[0m██ \n"); - action = add_action(action, 16, 2, - "\n\n" - " ████\n" - "██\n" - " █████\n"); - action = add_action(action, 16, 2, - "\n" - " ████\n" - " ██\n" - "██\n" - " ██████\n"); - play_action(action, inr, keep); - free_action(action); + action = nekofeng_add_action(action, 16, 2, + " ██████ \n" + "██ ██\n" + " \033[31m██ ██\n" + " ██ \n" + " ██ ██\n"); + action = nekofeng_add_action(action, 16, 2, + "\n" + " ██████ \n" + "██\033[31m██ ██\033[0m██\n" + " \033[31m██\n" + " ██ ██\n"); + action = nekofeng_add_action(action, 16, 2, + "\n\n" + " ██████ \n" + "██ \033[31m██\033[0m ██\n" + " \033[31m██ ██\n"); + action = nekofeng_add_action(action, 16, 2, + "\n\n\n" + " ██████ \n" + "██\033[31m██ ██\033[0m██ \n"); + action = nekofeng_add_action(action, 16, 2, + "\n\n" + " ████\n" + "██\n" + " █████\n"); + action = nekofeng_add_action(action, 16, 2, + "\n" + " ████\n" + " ██\n" + "██\n" + " ██████\n"); + nekofeng_play_action(action, inr, keep); + nekofeng_free_action(action); } \ No newline at end of file diff --git a/src/easteregg/include/nekofeng.h b/src/easteregg/include/nekofeng.h index 0ac121a..f6306e0 100644 --- a/src/easteregg/include/nekofeng.h +++ b/src/easteregg/include/nekofeng.h @@ -85,16 +85,16 @@ extern int y; // This lock is used for print_layer() and clear_layer(). extern atomic_flag lock; // Function list. -void spin_lock(atomic_flag *_Nonnull lock); -void spin_unlock(atomic_flag *_Nonnull lock); -void play_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned int keep); -void playback_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned int keep); -void free_action(struct ACTION *_Nonnull action); -struct ACTION *add_action(struct ACTION *_Nonnull action, int x_offset, int y_offset, char *_Nonnull layer); -void face(useconds_t inr, unsigned int keep); -void mouth(useconds_t inr, unsigned int keep); -void ahoge(useconds_t inr, unsigned int keep); -void blink_lefteye(useconds_t inr, unsigned int keep); -void blink_righteye(useconds_t inr, unsigned int keep); -void typewrite_layer(struct LAYER *_Nonnull layer, useconds_t inr, bool blink); -void clear_typewrite_layer(struct LAYER *_Nonnull layer, useconds_t inr); +void nekofeng_spin_lock(atomic_flag *_Nonnull lock); +void nekofeng_spin_unlock(atomic_flag *_Nonnull lock); +void nekofeng_play_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned int keep); +void nekofeng_playback_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned int keep); +void nekofeng_free_action(struct ACTION *_Nonnull action); +struct ACTION *nekofeng_add_action(struct ACTION *_Nonnull action, int x_offset, int y_offset, char *_Nonnull layer); +void nekofeng_face(useconds_t inr, unsigned int keep); +void nekofeng_mouth(useconds_t inr, unsigned int keep); +void nekofeng_ahoge(useconds_t inr, unsigned int keep); +void nekofeng_blink_lefteye(useconds_t inr, unsigned int keep); +void nekofeng_blink_righteye(useconds_t inr, unsigned int keep); +void nekofeng_typewrite_layer(struct LAYER *_Nonnull layer, useconds_t inr, bool blink); +void nekofeng_clear_typewrite_layer(struct LAYER *_Nonnull layer, useconds_t inr); diff --git a/src/easteregg/layer.c b/src/easteregg/layer.c index 1a78387..4a6f59c 100644 --- a/src/easteregg/layer.c +++ b/src/easteregg/layer.c @@ -30,18 +30,18 @@ #include "include/nekofeng.h" /* * This file provides the function - * add_action(), play_action(), playback_action(), and free_action(). + * nekofeng_add_action(), nekofeng_play_action(), nekofeng_playback_action(), and nekofeng_free_action(). * * Usage: * * struct ACTION *action = NULL; - * action = add_action(action, 11, 4, + * action = nekofeng_add_action(action, 11, 4, * "\n\033[0m vedvhfkhbfuweh \n\n"); - * action = add_action(action, 11, 4, + * action = nekofeng_add_action(action, 11, 4, * "\n\033[0m vedvhfkhbfuweh \n\n"); - * play_action(action, inr, keep); - * playback_action(action, inr, keep); - * free_action(action); + * nekofeng_play_action(action, inr, keep); + * nekofeng_playback_action(action, inr, keep); + * nekofeng_free_action(action); * * Do not care how it works, because I forgot, * and I am too lazy to read the code. @@ -49,7 +49,7 @@ */ static void clear_layer(struct LAYER *_Nonnull layer) { - spin_lock(&lock); + nekofeng_spin_lock(&lock); int y_offset = 0; int x_offset = 0; printf("\033[%dH", y + layer->y_offset); @@ -85,12 +85,12 @@ static void clear_layer(struct LAYER *_Nonnull layer) x_offset++; } fflush(stdout); - spin_unlock(&lock); + nekofeng_spin_unlock(&lock); usleep(10000); } static void print_layer(struct LAYER *_Nonnull layer) { - spin_lock(&lock); + nekofeng_spin_lock(&lock); int y_offset = 0; printf("\033[%dH", y + layer->y_offset); printf("\033[%dG", x + layer->x_offset); @@ -114,10 +114,10 @@ static void print_layer(struct LAYER *_Nonnull layer) } printf("\033[0m"); fflush(stdout); - spin_unlock(&lock); + nekofeng_spin_unlock(&lock); usleep(10000); } -void play_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned int keep) +void nekofeng_play_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned int keep) { struct ACTION **p = &action; while ((*p) != NULL) { @@ -130,7 +130,7 @@ void play_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned int ke p = &((*p)->next); } } -void playback_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned int keep) +void nekofeng_playback_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned int keep) { struct ACTION **p = &action; while ((*p)->next != NULL) { @@ -146,7 +146,7 @@ void playback_action(struct ACTION *_Nonnull action, useconds_t inr, unsigned in p = &((*p)->prior); } } -void free_action(struct ACTION *_Nonnull action) +void nekofeng_free_action(struct ACTION *_Nonnull action) { struct ACTION *p = action; while (p != NULL) { @@ -157,7 +157,7 @@ void free_action(struct ACTION *_Nonnull action) free(t); } } -struct ACTION *add_action(struct ACTION *_Nonnull action, int x_offset, int y_offset, char *_Nonnull layer) +struct ACTION *nekofeng_add_action(struct ACTION *_Nonnull action, int x_offset, int y_offset, char *_Nonnull layer) { struct ACTION **p = &action; struct ACTION *prior = action; diff --git a/src/easteregg/nekofeng.c b/src/easteregg/nekofeng.c index 3f1c64d..9e8bb24 100644 --- a/src/easteregg/nekofeng.c +++ b/src/easteregg/nekofeng.c @@ -30,7 +30,7 @@ #include "include/nekofeng.h" /* * This file was the main.c in nekofeng project. - * Now, it provides the function AwA() as the easteregg of ruri. + * Now, it provides the function ruri_AwA() as the easteregg of ruri. */ // The global variables are defined here. int x; @@ -38,13 +38,13 @@ int y; atomic_flag lock = ATOMIC_FLAG_INIT; atomic_flag lock2 = ATOMIC_FLAG_INIT; // The spin lock. -void spin_lock(atomic_flag *_Nonnull l) +void nekofeng_spin_lock(atomic_flag *_Nonnull l) { while (atomic_flag_test_and_set(l)) { } } // The spin unlock. -void spin_unlock(atomic_flag *_Nonnull l) +void nekofeng_spin_unlock(atomic_flag *_Nonnull l) { atomic_flag_clear(l); } @@ -66,12 +66,12 @@ static long tids[6] = { -114 }; static void update_tids(void) { long tid = syscall(SYS_gettid); - spin_lock(&lock2); + nekofeng_spin_lock(&lock2); for (int i = 0; i < 6; i++) { if (tids[i] < 0) { tids[i] = tid; tids[i + 1] = -114; - spin_unlock(&lock2); + nekofeng_spin_unlock(&lock2); return; } } @@ -79,36 +79,36 @@ static void update_tids(void) void *test0(void *arg) { update_tids(); - face(100000, 7); + nekofeng_face(100000, 7); return arg; } void *test1(void *arg) { update_tids(); - blink_lefteye(200000, 7); + nekofeng_blink_lefteye(200000, 7); return arg; } void *test2(void *arg) { update_tids(); - blink_righteye(200000, 7); + nekofeng_blink_righteye(200000, 7); return arg; } void *test3(void *arg) { update_tids(); - mouth(200000, 7); + nekofeng_mouth(200000, 7); return arg; } void *test4(void *arg) { update_tids(); for (int i = 0; i < 11; i++) { - ahoge(300000, 0); + nekofeng_ahoge(300000, 0); } return arg; } -void AwA() +void ruri_AwA() { printf("\033[?25l"); init(); @@ -122,9 +122,9 @@ void AwA() " Show me the code.\n"; layer.x_offset = 3; layer.y_offset = -2; - typewrite_layer(&layer, 50000, true); + nekofeng_typewrite_layer(&layer, 50000, true); sleep(2); - clear_typewrite_layer(&layer, 50000); + nekofeng_clear_typewrite_layer(&layer, 50000); pid_t pid = fork(); if (pid > 0) { wait(NULL); @@ -154,7 +154,7 @@ void AwA() "● ● ●●● ●●●●● ● ● ● ● ●●● ●●●●● ● ● \n"; layer.x_offset = -10; layer.y_offset = -2; - typewrite_layer(&layer, 5000, false); + nekofeng_typewrite_layer(&layer, 5000, false); sleep(4); printf("\033c"); printf("\n\033[?25h"); diff --git a/src/easteregg/typewriter.c b/src/easteregg/typewriter.c index 6565190..ea14470 100644 --- a/src/easteregg/typewriter.c +++ b/src/easteregg/typewriter.c @@ -30,7 +30,7 @@ #include "include/nekofeng.h" /* * This file provides the function - * typewrite_layer() and clear_typewrite_layer(). + * nekofeng_typewrite_layer() and nekofeng_clear_typewrite_layer(). * * Usage: * @@ -38,9 +38,9 @@ * layer.layer = "\033[1;38;2;254;228;208mxxxxxxxxxxxx\n"; * layer.x_offset = 1; * layer.y_offset = 14; - * typewrite_layer(&layer, 50000, true); + * nekofeng_typewrite_layer(&layer, 50000, true); * sleep(2); - * clear_typewrite_layer(&layer, 50000); + * nekofeng_clear_typewrite_layer(&layer, 50000); * * Do not care how it works, because I forgot, * and I am too lazy to read the code. @@ -100,7 +100,7 @@ static int get_lines(char *_Nonnull buf) } return j; } -void typewrite_layer(struct LAYER *_Nonnull layer, useconds_t inr, bool blink) +void nekofeng_typewrite_layer(struct LAYER *_Nonnull layer, useconds_t inr, bool blink) { int y_offset = 0; printf("\033[%dH", y + layer->y_offset); @@ -159,7 +159,7 @@ void typewrite_layer(struct LAYER *_Nonnull layer, useconds_t inr, bool blink) } } } -void clear_typewrite_layer(struct LAYER *_Nonnull layer, useconds_t inr) +void nekofeng_clear_typewrite_layer(struct LAYER *_Nonnull layer, useconds_t inr) { int y_offset = get_lines(layer->layer); char *buf = strdup(layer->layer); diff --git a/src/elf-magic.c b/src/elf-magic.c index c582d2e..01ba2c9 100644 --- a/src/elf-magic.c +++ b/src/elf-magic.c @@ -29,14 +29,14 @@ */ #include "include/ruri.h" // Get ELF magic number and mask for cross_arch specified. -struct MAGIC *get_magic(const char *_Nonnull cross_arch) +struct RURI_ELF_MAGIC *ruri_get_magic(const char *_Nonnull cross_arch) { /* * I know that this seems to be a little bit stupid, * but we have no other ways to match the architecture to its ELF magic. * TODO: Support more architecture aliases. */ - struct MAGIC *ret = (struct MAGIC *)malloc(sizeof(struct MAGIC)); + struct RURI_ELF_MAGIC *ret = (struct RURI_ELF_MAGIC *)malloc(sizeof(struct RURI_ELF_MAGIC)); // Avoid to simulate the same architecture as host. #if defined(__aarch64__) if (strcmp(cross_arch, "aarch64") == 0 || strcmp(cross_arch, "arm64") == 0) { @@ -225,104 +225,104 @@ struct MAGIC *get_magic(const char *_Nonnull cross_arch) } #endif if (strcmp(cross_arch, "aarch64") == 0 || strcmp(cross_arch, "arm64") == 0 || strcmp(cross_arch, "armv8") == 0) { - ret->magic = magicof(aarch64); - ret->mask = maskof(aarch64); + ret->magic = ruri_magicof(aarch64); + ret->mask = ruri_maskof(aarch64); } else if (strcmp(cross_arch, "alpha") == 0) { - ret->magic = magicof(alpha); - ret->mask = maskof(alpha); + ret->magic = ruri_magicof(alpha); + ret->mask = ruri_maskof(alpha); } else if (strcmp(cross_arch, "arm") == 0 || strcmp(cross_arch, "armhf") == 0 || strcmp(cross_arch, "arm32") == 0 || strcmp(cross_arch, "armel") == 0 || strcmp(cross_arch, "armv7") == 0) { - ret->magic = magicof(arm); - ret->mask = maskof(arm); + ret->magic = ruri_magicof(arm); + ret->mask = ruri_maskof(arm); } else if (strcmp(cross_arch, "armeb") == 0) { - ret->magic = magicof(armeb); - ret->mask = maskof(armeb); + ret->magic = ruri_magicof(armeb); + ret->mask = ruri_maskof(armeb); } else if (strcmp(cross_arch, "cris") == 0) { - ret->magic = magicof(cris); - ret->mask = maskof(cris); + ret->magic = ruri_magicof(cris); + ret->mask = ruri_maskof(cris); } else if (strcmp(cross_arch, "hexagon") == 0) { - ret->magic = magicof(hexagon); - ret->mask = maskof(hexagon); + ret->magic = ruri_magicof(hexagon); + ret->mask = ruri_maskof(hexagon); } else if (strcmp(cross_arch, "hppa") == 0) { - ret->magic = magicof(hppa); - ret->mask = maskof(hppa); + ret->magic = ruri_magicof(hppa); + ret->mask = ruri_maskof(hppa); } else if (strcmp(cross_arch, "i386") == 0 || strcmp(cross_arch, "x86") == 0) { - ret->magic = magicof(i386); - ret->mask = maskof(i386); + ret->magic = ruri_magicof(i386); + ret->mask = ruri_maskof(i386); } else if (strcmp(cross_arch, "loongarch64") == 0 || strcmp(cross_arch, "loong64") == 0 || strcmp(cross_arch, "loongarch") == 0) { - ret->magic = magicof(loongarch64); - ret->mask = maskof(loongarch64); + ret->magic = ruri_magicof(loongarch64); + ret->mask = ruri_maskof(loongarch64); } else if (strcmp(cross_arch, "m68k") == 0) { - ret->magic = magicof(m68k); - ret->mask = maskof(m68k); + ret->magic = ruri_magicof(m68k); + ret->mask = ruri_maskof(m68k); } else if (strcmp(cross_arch, "microblaze") == 0) { - ret->magic = magicof(microblaze); - ret->mask = maskof(microblaze); + ret->magic = ruri_magicof(microblaze); + ret->mask = ruri_maskof(microblaze); } else if (strcmp(cross_arch, "mips") == 0) { - ret->magic = magicof(mips); - ret->mask = maskof(mips); + ret->magic = ruri_magicof(mips); + ret->mask = ruri_maskof(mips); } else if (strcmp(cross_arch, "mips64") == 0) { - ret->magic = magicof(mips64); - ret->mask = maskof(mips64); + ret->magic = ruri_magicof(mips64); + ret->mask = ruri_maskof(mips64); } else if (strcmp(cross_arch, "mips64el") == 0) { - ret->magic = magicof(mips64el); - ret->mask = maskof(mips64el); + ret->magic = ruri_magicof(mips64el); + ret->mask = ruri_maskof(mips64el); } else if (strcmp(cross_arch, "mipsel") == 0) { - ret->magic = magicof(mipsel); - ret->mask = maskof(mipsel); + ret->magic = ruri_magicof(mipsel); + ret->mask = ruri_maskof(mipsel); } else if (strcmp(cross_arch, "mipsn32") == 0) { - ret->magic = magicof(mipsn32); - ret->mask = maskof(mipsn32); + ret->magic = ruri_magicof(mipsn32); + ret->mask = ruri_maskof(mipsn32); } else if (strcmp(cross_arch, "mipsn32el") == 0) { - ret->magic = magicof(mipsn32el); - ret->mask = maskof(mipsn32el); + ret->magic = ruri_magicof(mipsn32el); + ret->mask = ruri_maskof(mipsn32el); } else if (strcmp(cross_arch, "ppc") == 0) { - ret->magic = magicof(ppc); - ret->mask = maskof(ppc); + ret->magic = ruri_magicof(ppc); + ret->mask = ruri_maskof(ppc); } else if (strcmp(cross_arch, "ppc64") == 0) { - ret->magic = magicof(ppc64); - ret->mask = maskof(ppc64); + ret->magic = ruri_magicof(ppc64); + ret->mask = ruri_maskof(ppc64); } else if (strcmp(cross_arch, "ppc64le") == 0) { - ret->magic = magicof(ppc64le); - ret->mask = maskof(ppc64le); + ret->magic = ruri_magicof(ppc64le); + ret->mask = ruri_maskof(ppc64le); } else if (strcmp(cross_arch, "riscv32") == 0) { - ret->magic = magicof(riscv32); - ret->mask = maskof(riscv32); + ret->magic = ruri_magicof(riscv32); + ret->mask = ruri_maskof(riscv32); } else if (strcmp(cross_arch, "riscv64") == 0) { - ret->magic = magicof(riscv64); - ret->mask = maskof(riscv64); + ret->magic = ruri_magicof(riscv64); + ret->mask = ruri_maskof(riscv64); } else if (strcmp(cross_arch, "s390x") == 0) { - ret->magic = magicof(s390x); - ret->mask = maskof(s390x); + ret->magic = ruri_magicof(s390x); + ret->mask = ruri_maskof(s390x); } else if (strcmp(cross_arch, "sh4") == 0) { - ret->magic = magicof(sh4); - ret->mask = maskof(sh4); + ret->magic = ruri_magicof(sh4); + ret->mask = ruri_maskof(sh4); } else if (strcmp(cross_arch, "sh4eb") == 0) { - ret->magic = magicof(sh4eb); - ret->mask = maskof(sh4eb); + ret->magic = ruri_magicof(sh4eb); + ret->mask = ruri_maskof(sh4eb); } else if (strcmp(cross_arch, "sparc") == 0) { - ret->magic = magicof(sparc); - ret->mask = maskof(sparc); + ret->magic = ruri_magicof(sparc); + ret->mask = ruri_maskof(sparc); } else if (strcmp(cross_arch, "sparc32plus") == 0) { - ret->magic = magicof(sparc32plus); - ret->mask = maskof(sparc32plus); + ret->magic = ruri_magicof(sparc32plus); + ret->mask = ruri_maskof(sparc32plus); } else if (strcmp(cross_arch, "sparc64") == 0) { - ret->magic = magicof(sparc64); - ret->mask = maskof(sparc64); + ret->magic = ruri_magicof(sparc64); + ret->mask = ruri_maskof(sparc64); } else if (strcmp(cross_arch, "x86_64") == 0 || strcmp(cross_arch, "amd64") == 0) { - ret->magic = magicof(x86_64); - ret->mask = maskof(x86_64); + ret->magic = ruri_magicof(x86_64); + ret->mask = ruri_maskof(x86_64); } else if (strcmp(cross_arch, "xtensa") == 0) { - ret->magic = magicof(xtensa); - ret->mask = maskof(xtensa); + ret->magic = ruri_magicof(xtensa); + ret->mask = ruri_maskof(xtensa); } else if (strcmp(cross_arch, "xtensaeb") == 0) { - ret->magic = magicof(xtensaeb); - ret->mask = maskof(xtensaeb); + ret->magic = ruri_magicof(xtensaeb); + ret->mask = ruri_maskof(xtensaeb); } else { free(ret); return NULL; } - log("Cross architecture: {cyan}%s\n", cross_arch); - log("ELF magic: {cyan}%s\n", ret->magic); - log("ELF mask: {cyan}%s\n", ret->mask); + ruri_log("Cross architecture: {cyan}%s\n", cross_arch); + ruri_log("ELF magic: {cyan}%s\n", ret->magic); + ruri_log("ELF mask: {cyan}%s\n", ret->mask); return ret; } diff --git a/src/include/ruri.h b/src/include/ruri.h index 166bb8c..d495062 100644 --- a/src/include/ruri.h +++ b/src/include/ruri.h @@ -108,7 +108,7 @@ #include "k2v.h" #include "cprintf.h" // Info of a container to create. -struct __attribute__((aligned(128))) CONTAINER { +struct __attribute__((aligned(128))) RURI_CONTAINER { // Container directory. char *_Nonnull container_dir; // Capabilities to drop. @@ -166,15 +166,15 @@ struct __attribute__((aligned(128))) CONTAINER { // No network. bool no_network; }; -// For get_magic(). -#define magicof(x) (x##_magic) -#define maskof(x) (x##_mask) -struct __attribute__((aligned(16))) MAGIC { +// For ruri_get_magic(). +#define ruri_magicof(x) (x##_magic) +#define ruri_maskof(x) (x##_mask) +struct __attribute__((aligned(16))) RURI_ELF_MAGIC { char *_Nonnull magic; char *_Nonnull mask; }; -// For get_idmap(). -struct __attribute__((aligned(32))) ID_MAP { +// For ruri_get_idmap(). +struct __attribute__((aligned(32))) RURI_ID_MAP { uid_t uid; uid_t uid_lower; uid_t uid_count; @@ -183,9 +183,9 @@ struct __attribute__((aligned(32))) ID_MAP { gid_t gid_count; }; // Warnings. -#define warning(...) cfprintf(stderr, ##__VA_ARGS__) +#define ruri_warning(...) cfprintf(stderr, ##__VA_ARGS__) // Show error msg and exit. -#define error(...) \ +#define ruri_error(...) \ { \ cfprintf(stderr, "{red}In %s() in %s line %d:\n", __func__, __FILE__, __LINE__); \ cfprintf(stderr, ##__VA_ARGS__); \ @@ -202,7 +202,7 @@ struct __attribute__((aligned(32))) ID_MAP { } // Log system. #if defined(RURI_DEBUG) -#define log(...) \ +#define ruri_log(...) \ { \ struct timeval tv; \ gettimeofday(&tv, NULL); \ @@ -210,43 +210,41 @@ struct __attribute__((aligned(32))) ID_MAP { cfprintf(stdout, ##__VA_ARGS__) \ } #else -#define log(...) \ - { \ - } +#define ruri_log(...) #endif // Shared functions. -void register_signal(void); -void setup_seccomp(const struct CONTAINER *_Nonnull container); -void show_version_info(void); -void show_version_code(void); -void AwA(void); -void show_helps(void); -void show_examples(void); -void store_info(const struct CONTAINER *_Nonnull container); -struct CONTAINER *read_info(struct CONTAINER *_Nullable container, const char *_Nonnull container_dir); -void add_to_caplist(cap_value_t *_Nonnull list, cap_value_t cap); -bool is_in_caplist(const cap_value_t *_Nonnull list, cap_value_t cap); -void del_from_caplist(cap_value_t *_Nonnull list, cap_value_t cap); -void build_caplist(cap_value_t caplist[], bool privileged, cap_value_t drop_caplist_extra[], cap_value_t keep_caplist_extra[]); -struct MAGIC *get_magic(const char *_Nonnull cross_arch); -void run_unshare_container(struct CONTAINER *_Nonnull container); -char *container_info_to_k2v(const struct CONTAINER *_Nonnull container); -void run_chroot_container(struct CONTAINER *_Nonnull container); -void run_rootless_container(struct CONTAINER *_Nonnull container); -void run_rootless_chroot_container(struct CONTAINER *_Nonnull container); -int trymount(const char *_Nonnull source, const char *_Nonnull target, unsigned int mountflags); -void umount_container(const char *_Nonnull container_dir); -void read_config(struct CONTAINER *_Nonnull container, const char *_Nonnull path); -void set_limit(const struct CONTAINER *_Nonnull container); -struct ID_MAP get_idmap(uid_t uid, gid_t gid); -void container_ps(char *_Nonnull container_dir); -void kill_container(const char *_Nonnull container_dir); -bool user_exist(const char *_Nonnull username); -uid_t get_user_uid(const char *_Nonnull username); -gid_t get_user_gid(const char *_Nonnull username); -pid_t get_ns_pid(const char *_Nonnull container_dir); +void ruri_register_signal(void); +void ruri_setup_seccomp(const struct RURI_CONTAINER *_Nonnull container); +void ruri_show_version_info(void); +void ruri_show_version_code(void); +void ruri_AwA(void); +void ruri_show_helps(void); +void ruri_show_examples(void); +void ruri_store_info(const struct RURI_CONTAINER *_Nonnull container); +struct RURI_CONTAINER *ruri_read_info(struct RURI_CONTAINER *_Nullable container, const char *_Nonnull container_dir); +void ruri_add_to_caplist(cap_value_t *_Nonnull list, cap_value_t cap); +bool ruri_is_in_caplist(const cap_value_t *_Nonnull list, cap_value_t cap); +void ruri_del_from_caplist(cap_value_t *_Nonnull list, cap_value_t cap); +void ruri_build_caplist(cap_value_t caplist[], bool privileged, cap_value_t drop_caplist_extra[], cap_value_t keep_caplist_extra[]); +struct RURI_ELF_MAGIC *ruri_get_magic(const char *_Nonnull cross_arch); +void ruri_run_unshare_container(struct RURI_CONTAINER *_Nonnull container); +char *ruri_container_info_to_k2v(const struct RURI_CONTAINER *_Nonnull container); +void ruri_run_chroot_container(struct RURI_CONTAINER *_Nonnull container); +void ruri_run_rootless_container(struct RURI_CONTAINER *_Nonnull container); +void ruri_run_rootless_chroot_container(struct RURI_CONTAINER *_Nonnull container); +int ruri_trymount(const char *_Nonnull source, const char *_Nonnull target, unsigned int mountflags); +void ruri_umount_container(const char *_Nonnull container_dir); +void ruri_read_config(struct RURI_CONTAINER *_Nonnull container, const char *_Nonnull path); +void ruri_set_limit(const struct RURI_CONTAINER *_Nonnull container); +struct RURI_ID_MAP ruri_get_idmap(uid_t uid, gid_t gid); +void ruri_container_ps(char *_Nonnull container_dir); +void ruri_kill_container(const char *_Nonnull container_dir); +bool ruri_user_exist(const char *_Nonnull username); +uid_t ruri_get_user_uid(const char *_Nonnull username); +gid_t ruri_get_user_gid(const char *_Nonnull username); +pid_t ruri_get_ns_pid(const char *_Nonnull container_dir); void ruri_fetch(void); -void correct_config(const char *_Nonnull path); +void ruri_correct_config(const char *_Nonnull path); int ruri(int argc, char **argv); // ██╗ ██╗ ███████╗ ████╗ ███████╗ // ████████╗ ██╔════╝ ██╔═══██╗ ██╔════╝ diff --git a/src/info.c b/src/info.c index 3581483..d852958 100644 --- a/src/info.c +++ b/src/info.c @@ -28,7 +28,7 @@ * */ #include "include/ruri.h" -void show_version_info(void) +void ruri_show_version_info(void) { /* * Just show version info and license. @@ -63,7 +63,7 @@ void show_version_info(void) cprintf("{clear}\n"); } // For `ruri -V`. -void show_version_code(void) +void ruri_show_version_code(void) { /* * The version code is not standard now, @@ -73,7 +73,7 @@ void show_version_code(void) cprintf("%s\n", RURI_VERSION); } // For `ruri -h`. -void show_helps(void) +void ruri_show_helps(void) { /* * Help page of ruri. @@ -139,7 +139,7 @@ void show_helps(void) cprintf("{base}{clear}\n"); } // For `ruri -H`. -void show_examples(void) +void ruri_show_examples(void) { /* * Command line examples. diff --git a/src/mount.c b/src/mount.c index e341f5b..39bdb70 100644 --- a/src/mount.c +++ b/src/mount.c @@ -160,7 +160,7 @@ static char *losetup(const char *_Nonnull img) ioctl(loopfd, LOOP_SET_FD, imgfd); close(loopfd); close(imgfd); - log("{base}losetup {cyan}%s{base} ==> {cyan}%s{base}\n", img, loopfile); + ruri_log("{base}losetup {cyan}%s{base} ==> {cyan}%s{base}\n", img, loopfile); return loopfile; } static int mk_mountpoint_dir(const char *_Nonnull target) @@ -207,7 +207,7 @@ static int touch_mountpoint_file(const char *_Nonnull target) return 0; } // Mount dev/dir/img to target. -int trymount(const char *_Nonnull source, const char *_Nonnull target, unsigned int mountflags) +int ruri_trymount(const char *_Nonnull source, const char *_Nonnull target, unsigned int mountflags) { /* * This function is designed to mount a device/dir/image/file to target. @@ -224,16 +224,16 @@ int trymount(const char *_Nonnull source, const char *_Nonnull target, unsigned // umount target before mount(2), to avoid `device or resource busy`. umount2(target, MNT_DETACH | MNT_FORCE); int ret = 0; - log("{base}Mounting {cyan}%s{base} to {cyan}%s{base} with flags {cyan}%d{base}\n", source, target, mountflags); + ruri_log("{base}Mounting {cyan}%s{base} to {cyan}%s{base} with flags {cyan}%d{base}\n", source, target, mountflags); struct stat dev_stat; // If source does not exist, just return -1 as error. if (lstat(source, &dev_stat) != 0) { - log("{red}Error: {base}Source {cyan}%s{base} does not exist.\n", source); + ruri_log("{red}Error: {base}Source {cyan}%s{base} does not exist.\n", source); return -1; } // Bind-mount dir. if (S_ISDIR(dev_stat.st_mode)) { - log("{base}Bind-mounting {cyan}%s{base} to {cyan}%s{base}\n", source, target); + ruri_log("{base}Bind-mounting {cyan}%s{base} to {cyan}%s{base}\n", source, target); if (mk_mountpoint_dir(target) != 0) { return -1; } @@ -243,7 +243,7 @@ int trymount(const char *_Nonnull source, const char *_Nonnull target, unsigned } // Block device. else if (S_ISBLK(dev_stat.st_mode)) { - log("{base}Mounting block device {cyan}%s{base} to {cyan}%s{base}\n", source, target); + ruri_log("{base}Mounting block device {cyan}%s{base} to {cyan}%s{base}\n", source, target); if (mk_mountpoint_dir(target) != 0) { return -1; } @@ -258,14 +258,14 @@ int trymount(const char *_Nonnull source, const char *_Nonnull target, unsigned if (mk_mountpoint_dir(target) != 0) { return -1; } - log("{base}Mounting as image file {cyan}%s{base} to {cyan}%s{base}\n", source, target); + ruri_log("{base}Mounting as image file {cyan}%s{base} to {cyan}%s{base}\n", source, target); ret = mount_device(losetup(source), target, mountflags); // Common file. if (ret != 0) { if (touch_mountpoint_file(target) != 0) { return -1; } - log("{base}Bind-mounting as common file {cyan}%s{base} to {cyan}%s{base}\n", source, target); + ruri_log("{base}Bind-mounting as common file {cyan}%s{base} to {cyan}%s{base}\n", source, target); mount(source, target, NULL, mountflags | MS_BIND, NULL); ret = mount(source, target, NULL, mountflags | MS_BIND | MS_REMOUNT, NULL); } @@ -275,13 +275,13 @@ int trymount(const char *_Nonnull source, const char *_Nonnull target, unsigned if (touch_mountpoint_file(target) != 0) { return -1; } - log("{base}Bind-mounting {cyan}%s{base} to {cyan}%s{base}\n", source, target); + ruri_log("{base}Bind-mounting {cyan}%s{base} to {cyan}%s{base}\n", source, target); mount(source, target, NULL, mountflags | MS_BIND, NULL); ret = mount(source, target, NULL, mountflags | MS_BIND | MS_REMOUNT, NULL); } // We do not support to mount other type of files. else { - log("{red}Error: {base}Unsupported file type.\n"); + ruri_log("{red}Error: {base}Unsupported file type.\n"); ret = -1; } return ret; diff --git a/src/passwd.c b/src/passwd.c index 5629dc7..d92a88a 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -191,7 +191,7 @@ static uid_t line_get_uid_count(const char *_Nonnull p) } return ret; } -static void get_uid_map(char *_Nonnull user, struct ID_MAP *_Nonnull id_map) +static void get_uid_map(char *_Nonnull user, struct RURI_ID_MAP *_Nonnull id_map) { /* * Get uid_map. @@ -269,7 +269,7 @@ static gid_t line_get_gid_count(const char *_Nonnull p) } return ret; } -static void get_gid_map(const char *_Nonnull user, struct ID_MAP *_Nonnull id_map) +static void get_gid_map(const char *_Nonnull user, struct RURI_ID_MAP *_Nonnull id_map) { /* * Get gid_map. @@ -301,18 +301,18 @@ static void get_gid_map(const char *_Nonnull user, struct ID_MAP *_Nonnull id_ma id_map->gid_count = line_get_gid_count(map); free(buf); } -struct ID_MAP get_idmap(uid_t uid, gid_t gid) +struct RURI_ID_MAP ruri_get_idmap(uid_t uid, gid_t gid) { /* * Get uid_map and gid_map. - * This function will return a ID_MAP struct for `newuidmap` and `newgidmap`. + * This function will return a RURI_ID_MAP struct for `newuidmap` and `newgidmap`. * If there is any error, all the id_map will be 0. */ - struct ID_MAP ret; + struct RURI_ID_MAP ret; ret.uid = uid; ret.gid = gid; char *username = get_username(uid); - log("{base}Username: {cyan}%s\n", username); + ruri_log("{base}Username: {cyan}%s\n", username); if (username == NULL) { ret.uid_lower = 0; ret.uid_count = 0; @@ -322,16 +322,16 @@ struct ID_MAP get_idmap(uid_t uid, gid_t gid) } get_uid_map(username, &ret); get_gid_map(username, &ret); - log("{base}uid: {cyan}%d\n", ret.uid); - log("{base}gid: {cyan}%d\n", ret.gid); - log("{base}uid_lower: {cyan}%d\n", ret.uid_lower); - log("{base}uid_count: {cyan}%d\n", ret.uid_count); - log("{base}gid_lower: {cyan}%d\n", ret.gid_lower); - log("{base}gid_count: {cyan}%d\n", ret.gid_count); + ruri_log("{base}uid: {cyan}%d\n", ret.uid); + ruri_log("{base}gid: {cyan}%d\n", ret.gid); + ruri_log("{base}uid_lower: {cyan}%d\n", ret.uid_lower); + ruri_log("{base}uid_count: {cyan}%d\n", ret.uid_count); + ruri_log("{base}gid_lower: {cyan}%d\n", ret.gid_lower); + ruri_log("{base}gid_count: {cyan}%d\n", ret.gid_count); free(username); return ret; } -bool user_exist(const char *_Nonnull username) +bool ruri_user_exist(const char *_Nonnull username) { /* * Check if the user exists. @@ -366,7 +366,7 @@ bool user_exist(const char *_Nonnull username) free(buf); return false; } -uid_t get_user_uid(const char *_Nonnull username) +uid_t ruri_get_user_uid(const char *_Nonnull username) { /* * Get uid by username. @@ -403,7 +403,7 @@ uid_t get_user_uid(const char *_Nonnull username) free(buf); return 0; } -gid_t get_user_gid(const char *_Nonnull username) +gid_t ruri_get_user_gid(const char *_Nonnull username) { /* * Get gid by username. diff --git a/src/ps.c b/src/ps.c index ce308ff..7b0f7f2 100644 --- a/src/ps.c +++ b/src/ps.c @@ -99,8 +99,8 @@ static void test_and_print_pid(pid_t pid, char *_Nonnull container_dir, bool in_ sprintf(path, "%s%d%s", "/proc/", pid, "/root"); char buf[PATH_MAX]; realpath(path, buf); - log("{base}Pid: {cyan}%d\n", pid); - log("{base}Root: {cyan}%s\n", buf); + ruri_log("{base}Pid: {cyan}%d\n", pid); + ruri_log("{base}Root: {cyan}%s\n", buf); if (strcmp(buf, container_dir) == 0) { char *name = getpid_name(pid); char *stat = getpid_stat(pid); @@ -119,7 +119,7 @@ static void __container_ps(char *_Nonnull container_dir, bool in_pid_ns) { /* * Show the processes in the container. - * This is the core function of container_ps(). + * This is the core function of ruri_container_ps(). */ DIR *proc_dir = opendir("/proc"); struct dirent *file = NULL; @@ -145,7 +145,7 @@ static void __container_ps(char *_Nonnull container_dir, bool in_pid_ns) } for (int j = 0; j < len; j++) { if (pids[j] != INIT_VALUE) { - log("{base}Checking pid: {cyan}%d\n", pids[j]); + ruri_log("{base}Checking pid: {cyan}%d\n", pids[j]); test_and_print_pid(pids[j], container_dir, in_pid_ns); } else { break; @@ -160,7 +160,7 @@ static int join_ns(pid_t ns_pid) * If failed, return -1. */ if (geteuid() != 0) { - error("{red}Error: Please run `ruri -P` with sudo.\n"); + ruri_error("{red}Error: Please run `ruri -P` with sudo.\n"); } char path[PATH_MAX]; sprintf(path, "%s%d%s", "/proc/", ns_pid, "/ns/pid"); @@ -170,7 +170,7 @@ static int join_ns(pid_t ns_pid) } setns(fd, 0); close(fd); - log("{base}Joined pid namespace\n"); + ruri_log("{base}Joined pid namespace\n"); sprintf(path, "%s%d%s", "/proc/", ns_pid, "/ns/mnt"); fd = open(path, O_RDONLY | O_CLOEXEC); if (fd < 0) { @@ -179,10 +179,10 @@ static int join_ns(pid_t ns_pid) setns(fd, 0); close(fd); chdir("/"); - log("{base}Joined mount namespace\n"); + ruri_log("{base}Joined mount namespace\n"); return 0; } -void container_ps(char *_Nonnull container_dir) +void ruri_container_ps(char *_Nonnull container_dir) { /* * Show the processes in the container. @@ -190,11 +190,11 @@ void container_ps(char *_Nonnull container_dir) * if this is an unshare container, join the pid and mount namespace, so root is "/" now. * if pid namespace is not supported, fallback to the behavior with common container. */ - log("{base}Container directory: {cyan}%s\n", container_dir); + ruri_log("{base}Container directory: {cyan}%s\n", container_dir); if (geteuid() != 0) { - warning("{yellow}Warning: Please run `ruri -P` with sudo.\n"); + ruri_warning("{yellow}Warning: Please run `ruri -P` with sudo.\n"); } - struct CONTAINER *container = read_info(NULL, container_dir); + struct RURI_CONTAINER *container = ruri_read_info(NULL, container_dir); bool in_pid_ns = false; if (container->ns_pid > 0) { // We need to get the info of ns_pid before joining the namespace. @@ -231,7 +231,7 @@ static bool is_container_process(pid_t pid, const char *_Nonnull container_dir) } return false; } -void kill_container(const char *_Nonnull container_dir) +void ruri_kill_container(const char *_Nonnull container_dir) { /* * Check all the processes in /proc, @@ -263,9 +263,9 @@ void kill_container(const char *_Nonnull container_dir) } for (int j = 0; j < len; j++) { if (pids[j] != INIT_VALUE) { - log("{base}Checking pid: {cyan}%d\n", pids[j]); + ruri_log("{base}Checking pid: {cyan}%d\n", pids[j]); if (is_container_process(pids[j], container_dir)) { - log("{base}Killing pid: {cyan}%d\n", pids[j]); + ruri_log("{base}Killing pid: {cyan}%d\n", pids[j]); kill(pids[j], SIGKILL); } } else { diff --git a/src/rootless.c b/src/rootless.c index ee2c16b..6d62282 100644 --- a/src/rootless.c +++ b/src/rootless.c @@ -50,7 +50,7 @@ static int try_setup_idmap(pid_t ppid, uid_t uid, gid_t gid) * Try to use `uidmap` suid binary to setup uid and gid map. * If this function failed, we will use set_id_map() to setup the id map. */ - struct ID_MAP id_map = get_idmap(uid, gid); + struct RURI_ID_MAP id_map = ruri_get_idmap(uid, gid); // Failed to get /etc/subuid or /etc/subgid config for current user. if (id_map.gid_lower == 0 || id_map.uid_lower == 0) { return -1; @@ -89,10 +89,10 @@ static void try_unshare(int flags) * if failed, we just error() and exit. */ if (unshare(flags) == -1) { - error("{red}Your device does not support some namespaces needed!\n"); + ruri_error("{red}Your device does not support some namespaces needed!\n"); } } -static void init_rootless_container(struct CONTAINER *_Nonnull container) +static void init_rootless_container(struct RURI_CONTAINER *_Nonnull container) { /* * For rootless container, the way to create/mount runtime dir/files is different. @@ -181,14 +181,14 @@ static void set_id_map(uid_t uid, gid_t gid) sprintf(uid_map, "0 %d 1\n", uid); int uidmap_fd = open("/proc/self/uid_map", O_RDWR | O_CLOEXEC); if (uidmap_fd < 0) { - error("{red}Failed to open /proc/self/uid_map\n"); + ruri_error("{red}Failed to open /proc/self/uid_map\n"); } write(uidmap_fd, uid_map, strlen(uid_map)); close(uidmap_fd); // Set gid map. int setgroups_fd = open("/proc/self/setgroups", O_RDWR | O_CLOEXEC); if (setgroups_fd < 0) { - error("{red}Failed to open /proc/self/setgroups\n"); + ruri_error("{red}Failed to open /proc/self/setgroups\n"); } write(setgroups_fd, "deny", 5); close(setgroups_fd); @@ -196,7 +196,7 @@ static void set_id_map(uid_t uid, gid_t gid) sprintf(gid_map, "0 %d 1\n", gid); int gidmap_fd = open("/proc/self/gid_map", O_RDWR | O_CLOEXEC); if (gidmap_fd < 0) { - error("{red}Failed to open /proc/self/gid_map\n"); + ruri_error("{red}Failed to open /proc/self/gid_map\n"); } write(gidmap_fd, gid_map, strlen(gid_map)); close(gidmap_fd); @@ -207,7 +207,7 @@ static void set_id_map(uid_t uid, gid_t gid) write(setgroups_fd, "allow", 5); close(setgroups_fd); } -void run_rootless_container(struct CONTAINER *_Nonnull container) +void ruri_run_rootless_container(struct RURI_CONTAINER *_Nonnull container) { /* * Setup namespaces and run rootless container. @@ -243,19 +243,19 @@ void run_rootless_container(struct CONTAINER *_Nonnull container) pid_t pid = fork(); if (pid > 0) { if (!set_id_map_succeed && !container->no_warnings) { - warning("{yellow}Check if uidmap is installed on your host, command like su will run failed without uidmap.\n"); + ruri_warning("{yellow}Check if uidmap is installed on your host, command like su will run failed without uidmap.\n"); set_id_map(uid, gid); } int stat = 0; waitpid(pid, &stat, 0); exit(stat); } else if (pid < 0) { - error("{red}Fork error QwQ?\n"); + ruri_error("{red}Fork error QwQ?\n"); } else { // Init rootless container. if (!container->just_chroot) { init_rootless_container(container); } - run_rootless_chroot_container(container); + ruri_run_rootless_chroot_container(container); } } diff --git a/src/ruri.c b/src/ruri.c index b5f8a75..2eaae23 100644 --- a/src/ruri.c +++ b/src/ruri.c @@ -29,7 +29,7 @@ */ #include "include/ruri.h" // Do some checks before chroot(2),called by main(). -static void check_container(const struct CONTAINER *_Nonnull container) +static void check_container(const struct RURI_CONTAINER *_Nonnull container) { /* * It's called by main() to check if container config is correct. @@ -39,22 +39,22 @@ static void check_container(const struct CONTAINER *_Nonnull container) */ // Check if container directory is given. if (container->container_dir == NULL) { - error("{red}Error: container directory is not set or does not exist QwQ\n"); + ruri_error("{red}Error: container directory is not set or does not exist QwQ\n"); } // Refuse to use `/` for container directory. if (strcmp(container->container_dir, "/") == 0) { - error("{red}Error: `/` is not allowed to use as a container directory QwQ\n"); + ruri_error("{red}Error: `/` is not allowed to use as a container directory QwQ\n"); } // Check if we are running with root privileges. if (getuid() != 0 && !(container->rootless)) { - error("{red}Error: this program should be run with root privileges QwQ\n"); + ruri_error("{red}Error: this program should be run with root privileges QwQ\n"); } // `--arch` and `--qemu-path` should be set at the same time. if ((container->cross_arch == NULL) != (container->qemu_path == NULL)) { - error("{red}Error: --arch and --qemu-path should be set at the same time QwQ\n"); + ruri_error("{red}Error: --arch and --qemu-path should be set at the same time QwQ\n"); } } -static void parse_cgroup_settings(const char *_Nonnull str, struct CONTAINER *_Nonnull container) +static void parse_cgroup_settings(const char *_Nonnull str, struct RURI_CONTAINER *_Nonnull container) { /* * Parse and set cgroup limit. @@ -77,7 +77,7 @@ static void parse_cgroup_settings(const char *_Nonnull str, struct CONTAINER *_N buf[i + 1] = '\0'; } if (limit == NULL) { - error("{red}Error: cgroup limit should be like `cpuset=1` or `memory=1M`\n"); + ruri_error("{red}Error: cgroup limit should be like `cpuset=1` or `memory=1M`\n"); } if (strcmp("cpuset", buf) == 0) { container->cpuset = limit; @@ -86,13 +86,13 @@ static void parse_cgroup_settings(const char *_Nonnull str, struct CONTAINER *_N } else if (strcmp("cpupercent", buf) == 0) { container->cpupercent = atoi(limit); if (container->cpupercent < 1 || container->cpupercent > 100) { - error("{red}Error: cpupercent should be in range 1-100\n"); + ruri_error("{red}Error: cpupercent should be in range 1-100\n"); } } else { - error("{red}Unknown cgroup option %s\n", str); + ruri_error("{red}Unknown cgroup option %s\n", str); } } -static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnull container) +static void parse_args(int argc, char **_Nonnull argv, struct RURI_CONTAINER *_Nonnull container) { /* * 100% shit-code here. @@ -104,7 +104,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul // Check if arguments are given. if (argc <= 1) { cfprintf(stderr, "{red}Error: too few arguments QwQ{clear}\n"); - show_helps(); + ruri_show_helps(); exit(114); } // Init configs. @@ -159,27 +159,27 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul /**** For other options ****/ // As an easter egg. if (strcmp(argv[index], "AwA") == 0) { - AwA(); + ruri_AwA(); exit(EXIT_SUCCESS); } // Show version info. if (strcmp(argv[index], "-v") == 0 || strcmp(argv[index], "--version") == 0) { - show_version_info(); + ruri_show_version_info(); exit(EXIT_SUCCESS); } // Show version code, very useless right now. if (strcmp(argv[index], "-V") == 0 || strcmp(argv[index], "--version-code") == 0) { - show_version_code(); + ruri_show_version_code(); exit(EXIT_SUCCESS); } // Show help page. if (strcmp(argv[index], "-h") == 0 || strcmp(argv[index], "--help") == 0) { - show_helps(); + ruri_show_helps(); exit(EXIT_SUCCESS); } // Show help page and example usage. if (strcmp(argv[index], "-H") == 0 || strcmp(argv[index], "--show-examples") == 0) { - show_examples(); + ruri_show_examples(); exit(EXIT_SUCCESS); } // Show neofeth-like ruri version info. @@ -193,9 +193,9 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul if (argv[index] != NULL) { char *container_dir = realpath(argv[index], NULL); if (container_dir == NULL) { - error("{red}Container directory does not exist QwQ\n"); + ruri_error("{red}Container directory does not exist QwQ\n"); } - umount_container(container_dir); + ruri_umount_container(container_dir); exit(EXIT_SUCCESS); } exit(114); @@ -206,9 +206,9 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul if (argv[index] != NULL) { char *container_dir = realpath(argv[index], NULL); if (container_dir == NULL) { - error("{red}Container directory does not exist QwQ\n"); + ruri_error("{red}Container directory does not exist QwQ\n"); } - container_ps(container_dir); + ruri_container_ps(container_dir); exit(EXIT_SUCCESS); } exit(114); @@ -217,7 +217,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul if (strcmp(argv[index], "-C") == 0 || strcmp(argv[index], "--correct-config") == 0) { index += 1; if (argv[index] != NULL) { - correct_config(argv[index]); + ruri_correct_config(argv[index]); exit(EXIT_SUCCESS); } exit(114); @@ -225,15 +225,15 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul /**** For running a container ****/ // Just make clang-tidy happy. if (argv[index] == NULL) { - error("{red}Failed to parse arguments.\n"); + ruri_error("{red}Failed to parse arguments.\n"); } // Use config file. if (strcmp(argv[index], "-c") == 0 || strcmp(argv[index], "--config") == 0) { if (index == argc - 1) { - error("{red}Please specify a config file !\n{clear}"); + ruri_error("{red}Please specify a config file !\n{clear}"); } index++; - read_config(container, argv[index]); + ruri_read_config(container, argv[index]); break; } // Dump config. @@ -244,7 +244,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul else if (strcmp(argv[index], "-o") == 0 || strcmp(argv[index], "--output") == 0) { index++; if (index == argc - 1) { - error("{red}Please specify the output file\n{clear}"); + ruri_error("{red}Please specify the output file\n{clear}"); } output_path = argv[index]; } @@ -255,7 +255,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul // Set hostname. else if (strcmp(argv[index], "-t") == 0 || strcmp(argv[index], "--hostname") == 0) { if (index == argc - 1) { - error("{red}Please specify the hostname !\n{clear}"); + ruri_error("{red}Please specify the hostname !\n{clear}"); } index++; container->hostname = strdup(argv[index]); @@ -275,7 +275,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul // User. else if (strcmp(argv[index], "-E") == 0 || strcmp(argv[index], "--user") == 0) { if (index == argc - 1) { - error("{red}Please specify the user\n{clear}"); + ruri_error("{red}Please specify the user\n{clear}"); } index++; container->user = strdup(argv[index]); @@ -283,7 +283,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul // Simulate architecture. else if (strcmp(argv[index], "-a") == 0 || strcmp(argv[index], "--arch") == 0) { if (index == argc - 1) { - error("{red}Please specify the arch\n{clear}"); + ruri_error("{red}Please specify the arch\n{clear}"); } index++; container->cross_arch = strdup(argv[index]); @@ -292,7 +292,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul else if (strcmp(argv[index], "-q") == 0 || strcmp(argv[index], "--qemu-path") == 0) { index++; if (index == argc - 1) { - error("{red}Please specify the path of qemu binary\n{clear}"); + ruri_error("{red}Please specify the path of qemu binary\n{clear}"); } container->qemu_path = strdup(argv[index]); } @@ -339,7 +339,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul if ((argv[index] != NULL)) { parse_cgroup_settings(argv[index], container); } else { - error("{red}Unknown cgroup option\n"); + ruri_error("{red}Unknown cgroup option\n"); } } // Work dir. @@ -348,7 +348,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul if (index < argc) { container->work_dir = strdup(argv[index]); } else { - error("{red}Unknown work directory\n"); + ruri_error("{red}Unknown work directory\n"); } } // Set extra env. @@ -365,11 +365,11 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul } // Max 512 envs. if (i == (MAX_ENVS - 1)) { - error("{red}Too many envs QwQ\n"); + ruri_error("{red}Too many envs QwQ\n"); } } } else { - error("{red}Error: unknown env QwQ\n"); + ruri_error("{red}Error: unknown env QwQ\n"); } } // Set extra mountpoints. @@ -377,13 +377,13 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul index++; if ((argv[index] != NULL) && (argv[index + 1] != NULL)) { if (strcmp(argv[index], "/") == 0) { - error("{red}/ is not allowed to use as a mountpoint QwQ\n"); + ruri_error("{red}/ is not allowed to use as a mountpoint QwQ\n"); } for (int i = 0; i < MAX_MOUNTPOINTS; i++) { if (container->extra_mountpoint[i] == NULL) { container->extra_mountpoint[i] = realpath(argv[index], NULL); if (container->extra_mountpoint[i] == NULL) { - error("{red}mountpoint does not exist QwQ\n"); + ruri_error("{red}mountpoint does not exist QwQ\n"); } index++; container->extra_mountpoint[i + 1] = strdup(argv[index]); @@ -395,7 +395,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul if (container->rootfs_source == NULL) { container->rootfs_source = strdup(argv[index]); } else { - error("{red}You can only mount one source to / QwQ\n"); + ruri_error("{red}You can only mount one source to / QwQ\n"); } } container->extra_mountpoint[i + 2] = NULL; @@ -403,11 +403,11 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul } // Max 512 mountpoints. if (i == (MAX_MOUNTPOINTS - 1)) { - error("{red}Too many mountpoints QwQ\n"); + ruri_error("{red}Too many mountpoints QwQ\n"); } } } else { - error("{red}Error: unknown mountpoint QwQ\n"); + ruri_error("{red}Error: unknown mountpoint QwQ\n"); } } // Set extra read-only mountpoints. @@ -418,7 +418,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul if (container->extra_ro_mountpoint[i] == NULL) { container->extra_ro_mountpoint[i] = realpath(argv[index], NULL); if (container->extra_ro_mountpoint[i] == NULL) { - error("{red}mountpoint does not exist QwQ\n"); + ruri_error("{red}mountpoint does not exist QwQ\n"); } index++; container->extra_ro_mountpoint[i + 1] = strdup(argv[index]); @@ -432,18 +432,18 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul container->rootfs_source = strdup(argv[index]); container->ro_root = true; } else { - error("{red}You can only mount one source to / QwQ\n"); + ruri_error("{red}You can only mount one source to / QwQ\n"); } } break; } // Max 512 mountpoints. if (i == (MAX_MOUNTPOINTS - 1)) { - error("{red}Too many mountpoints QwQ\n"); + ruri_error("{red}Too many mountpoints QwQ\n"); } } } else { - error("{red}Error: unknown mountpoint QwQ\n"); + ruri_error("{red}Error: unknown mountpoint QwQ\n"); } } // Extra capabilities to keep. @@ -454,15 +454,15 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul // because in the fulture, there might be new capabilities that // we can not use the name to match it in current libcap. if (atoi(argv[index]) != 0) { - add_to_caplist(keep_caplist_extra, atoi(argv[index])); + ruri_add_to_caplist(keep_caplist_extra, atoi(argv[index])); } else if (cap_from_name(argv[index], &cap) == 0) { - add_to_caplist(keep_caplist_extra, cap); - log("{base}Keep capability: %s\n", argv[index]); + ruri_add_to_caplist(keep_caplist_extra, cap); + ruri_log("{base}Keep capability: %s\n", argv[index]); } else { - error("{red}or: unknown capability `%s`\nQwQ{clear}\n", argv[index]); + ruri_error("{red}or: unknown capability `%s`\nQwQ{clear}\n", argv[index]); } } else { - error("{red}Missing argument\n"); + ruri_error("{red}Missing argument\n"); } } // Extra capabilities to drop. @@ -470,14 +470,14 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul index++; if (argv[index] != NULL) { if (atoi(argv[index]) != 0) { - add_to_caplist(drop_caplist_extra, atoi(argv[index])); + ruri_add_to_caplist(drop_caplist_extra, atoi(argv[index])); } else if (cap_from_name(argv[index], &cap) == 0) { - add_to_caplist(drop_caplist_extra, cap); + ruri_add_to_caplist(drop_caplist_extra, cap); } else { - error("{red}Error: unknown capability `%s`\nQwQ{clear}\n", argv[index]); + ruri_error("{red}Error: unknown capability `%s`\nQwQ{clear}\n", argv[index]); } } else { - error("{red}Missing argument\n"); + ruri_error("{red}Missing argument\n"); } } // If this argument is CONTAINER_DIR. @@ -504,23 +504,23 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul } // For unknown arguments, yeah I didn't forgot it... else { - show_helps(); - error("{red}Error: unknown option `%s`\nNote that only existing directory can be detected as CONTAINER_DIR\n", argv[index]); + ruri_show_helps(); + ruri_error("{red}Error: unknown option `%s`\nNote that only existing directory can be detected as CONTAINER_DIR\n", argv[index]); } } // Build the caplist to drop. - build_caplist(container->drop_caplist, privileged, drop_caplist_extra, keep_caplist_extra); + ruri_build_caplist(container->drop_caplist, privileged, drop_caplist_extra, keep_caplist_extra); // Dump config. if (dump_config) { // Check if container directory is given. if (container->container_dir == NULL) { - error("{red}Error: container directory is not set or does not exist QwQ\n"); + ruri_error("{red}Error: container directory is not set or does not exist QwQ\n"); } // Refuse to use `/` for container directory. if (strcmp(container->container_dir, "/") == 0) { - error("{red}Error: `/` is not allowed to use as a container directory QwQ\n"); + ruri_error("{red}Error: `/` is not allowed to use as a container directory QwQ\n"); } - char *config = container_info_to_k2v(container); + char *config = ruri_container_info_to_k2v(container); if (output_path == NULL) { cprintf("%s", config); exit(EXIT_SUCCESS); @@ -529,7 +529,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul remove(output_path); int fd = open(output_path, O_CREAT | O_CLOEXEC | O_RDWR, S_IRUSR | S_IRGRP | S_IROTH | S_IWGRP | S_IWUSR | S_IWOTH); if (fd < 0) { - error("{red}Error: failed to open output file QwQ\n"); + ruri_error("{red}Error: failed to open output file QwQ\n"); } write(fd, config, strlen(config)); free(config); @@ -537,7 +537,7 @@ static void parse_args(int argc, char **_Nonnull argv, struct CONTAINER *_Nonnul exit(EXIT_SUCCESS); } // Enable unshare automatically if we got a ns_pid. - pid_t ns_pid = get_ns_pid(container->container_dir); + pid_t ns_pid = ruri_get_ns_pid(container->container_dir); if (ns_pid > 0) { container->enable_unshare = true; } @@ -559,7 +559,7 @@ int ruri(int argc, char **argv) // Set process name. prctl(PR_SET_NAME, "ruri"); // Catch coredump signal. - register_signal(); + ruri_register_signal(); // Try to create a new session. setsid(); // Warning for dev/debug build. @@ -567,7 +567,7 @@ int ruri(int argc, char **argv) cprintf("{red}Warning: this is a dev/debug build, do not use it in production{clear}\n"); #endif // Info of container to run. - struct CONTAINER *container = (struct CONTAINER *)malloc(sizeof(struct CONTAINER)); + struct RURI_CONTAINER *container = (struct RURI_CONTAINER *)malloc(sizeof(struct RURI_CONTAINER)); // Parse arguments. parse_args(argc, argv, container); // Check container and the running environment. @@ -575,19 +575,19 @@ int ruri(int argc, char **argv) // unset $LD_PRELOAD. unsetenv("LD_PRELOAD"); // Log. - char *info = container_info_to_k2v(container); - log("{base}Container config:{cyan}\n%s", info); + char *info = ruri_container_info_to_k2v(container); + ruri_log("{base}Container config:{cyan}\n%s", info); free(info); // Run container. if ((container->enable_unshare) && !(container->rootless)) { // Unshare container. - run_unshare_container(container); + ruri_run_unshare_container(container); } else if ((container->rootless)) { // Rootless container. - run_rootless_container(container); + ruri_run_rootless_container(container); } else { // Common chroot container. - run_chroot_container(container); + ruri_run_chroot_container(container); } return 0; } diff --git a/src/rurienv.c b/src/rurienv.c index 53dc5f8..49c936a 100644 --- a/src/rurienv.c +++ b/src/rurienv.c @@ -64,7 +64,7 @@ static bool is_ruri_pid(pid_t pid) return true; } // Get ns_pid. -pid_t get_ns_pid(const char *_Nonnull container_dir) +pid_t ruri_get_ns_pid(const char *_Nonnull container_dir) { /* * Read .rurienv, @@ -98,7 +98,7 @@ pid_t get_ns_pid(const char *_Nonnull container_dir) return INIT_VALUE; } // Format container info as k2v. -static char *build_container_info(const struct CONTAINER *_Nonnull container) +static char *build_container_info(const struct RURI_CONTAINER *_Nonnull container) { /* * Format container runtime info to k2v format, @@ -181,11 +181,11 @@ static char *build_container_info(const struct CONTAINER *_Nonnull container) } ret = k2v_add_comment(ret, "Environment variable."); ret = k2v_add_config(char_array, ret, "env", container->env, len); - log("{base}Container config in /.rurienv:{cyan}\n%s", ret); + ruri_log("{base}Container config in /.rurienv:{cyan}\n%s", ret); return ret; } // Store container info. -void store_info(const struct CONTAINER *_Nonnull container) +void ruri_store_info(const struct RURI_CONTAINER *_Nonnull container) { /* * Format the runtime info of container to k2v format. @@ -239,12 +239,12 @@ void store_info(const struct CONTAINER *_Nonnull container) free(info); } // Read .rurienv file. -struct CONTAINER *read_info(struct CONTAINER *_Nullable container, const char *_Nonnull container_dir) +struct RURI_CONTAINER *ruri_read_info(struct RURI_CONTAINER *_Nullable container, const char *_Nonnull container_dir) { /* * Get runtime info of container. * And return the container struct back. - * For umount_container() and container_ps(), it will accept a NULL struct, + * For ruri_umount_container() and ruri_container_ps(), it will accept a NULL struct, * and return a struct with malloced memory. */ char file[PATH_MAX] = { '\0' }; @@ -252,9 +252,9 @@ struct CONTAINER *read_info(struct CONTAINER *_Nullable container, const char *_ int fd = open(file, O_RDONLY | O_CLOEXEC); // If .rurienv file does not exist. if (fd < 0) { - // Return a malloced struct for umount_container() and container_ps(). + // Return a malloced struct for ruri_umount_container() and ruri_container_ps(). if (container == NULL) { - container = (struct CONTAINER *)malloc(sizeof(struct CONTAINER)); + container = (struct RURI_CONTAINER *)malloc(sizeof(struct RURI_CONTAINER)); container->extra_mountpoint[0] = NULL; container->extra_ro_mountpoint[0] = NULL; container->ns_pid = INIT_VALUE; @@ -267,18 +267,18 @@ struct CONTAINER *read_info(struct CONTAINER *_Nullable container, const char *_ close(fd); // Read .rurienv file. char *buf = k2v_open_file(file, (size_t)size); - log("{base}Container config in /.rurienv:{cyan}\n%s", buf); + ruri_log("{base}Container config in /.rurienv:{cyan}\n%s", buf); // We only need to get part of container info when container is NULL. if (container == NULL) { - // For umount_container(). - container = (struct CONTAINER *)malloc(sizeof(struct CONTAINER)); + // For ruri_umount_container(). + container = (struct RURI_CONTAINER *)malloc(sizeof(struct RURI_CONTAINER)); int mlen = k2v_get_key(char_array, "extra_mountpoint", buf, container->extra_mountpoint, MAX_MOUNTPOINTS); container->extra_mountpoint[mlen] = NULL; container->extra_mountpoint[mlen + 1] = NULL; mlen = k2v_get_key(char_array, "extra_ro_mountpoint", buf, container->extra_ro_mountpoint, MAX_MOUNTPOINTS); container->extra_ro_mountpoint[mlen] = NULL; container->extra_ro_mountpoint[mlen + 1] = NULL; - // For container_ps() and umount_container(). + // For ruri_container_ps() and ruri_umount_container(). if (is_ruri_pid(k2v_get_key(int, "ns_pid", buf))) { container->ns_pid = k2v_get_key(int, "ns_pid", buf); } else { @@ -295,11 +295,11 @@ struct CONTAINER *read_info(struct CONTAINER *_Nullable container, const char *_ // Check if ns_pid is a ruri process. // If not, that means the container is not running. if (container->enable_unshare && !is_ruri_pid(k2v_get_key(int, "ns_pid", buf))) { - log("{base}pid %d is not a ruri process.\n", k2v_get_key(int, "ns_pid", buf)); + ruri_log("{base}pid %d is not a ruri process.\n", k2v_get_key(int, "ns_pid", buf)); // Unset immutable flag of .rurienv. fd = open(file, O_RDONLY | O_CLOEXEC); if (fd < 0 && !container->no_warnings) { - warning("{yellow}Open .rurienv failed{clear}\n"); + ruri_warning("{yellow}Open .rurienv failed{clear}\n"); } int attr = 0; ioctl(fd, FS_IOC_GETFLAGS, &attr); @@ -333,7 +333,7 @@ struct CONTAINER *read_info(struct CONTAINER *_Nullable container, const char *_ container->enable_seccomp = k2v_get_key(bool, "enable_seccomp", buf); // Get ns_pid. container->ns_pid = k2v_get_key(int, "ns_pid", buf); - log("{base}ns_pid: %d\n", container->ns_pid); + ruri_log("{base}ns_pid: %d\n", container->ns_pid); // Get container_id. container->container_id = k2v_get_key(int, "container_id", buf); // Get work_dir. diff --git a/src/seccomp.c b/src/seccomp.c index 77fedde..9e009ab 100644 --- a/src/seccomp.c +++ b/src/seccomp.c @@ -29,7 +29,7 @@ */ #include "include/ruri.h" // Setup seccomp filter rule, with libseccomp. -void setup_seccomp(const struct CONTAINER *_Nonnull container) +void ruri_setup_seccomp(const struct RURI_CONTAINER *_Nonnull container) { /* * Based on docker's default seccomp profile. @@ -37,11 +37,11 @@ void setup_seccomp(const struct CONTAINER *_Nonnull container) */ scmp_filter_ctx ctx = seccomp_init(SCMP_ACT_ALLOW); // I hope this is the right way to write the seccomp rule... - if (is_in_caplist(container->drop_caplist, CAP_SYS_PACCT)) { + if (ruri_is_in_caplist(container->drop_caplist, CAP_SYS_PACCT)) { seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(acct), 0); } seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(add_key), 0); - if (is_in_caplist(container->drop_caplist, CAP_SYS_ADMIN)) { + if (ruri_is_in_caplist(container->drop_caplist, CAP_SYS_ADMIN)) { seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(bpf), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(lookup_dcookie), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(mount), 0); @@ -55,35 +55,35 @@ void setup_seccomp(const struct CONTAINER *_Nonnull container) seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(vm86), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(vm86old), 0); } - if (is_in_caplist(container->drop_caplist, CAP_SYS_TIME)) { + if (ruri_is_in_caplist(container->drop_caplist, CAP_SYS_TIME)) { seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(clock_adjtime), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(clock_settime), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(settimeofday), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(stime), 0); } - if (is_in_caplist(container->drop_caplist, CAP_SYS_MODULE)) { + if (ruri_is_in_caplist(container->drop_caplist, CAP_SYS_MODULE)) { seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(create_module), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(delete_module), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(finit_module), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(init_module), 0); } seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(get_kernel_syms), 0); - if (is_in_caplist(container->drop_caplist, CAP_SYS_NICE)) { + if (ruri_is_in_caplist(container->drop_caplist, CAP_SYS_NICE)) { seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(get_mempolicy), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(mbind), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(set_mempolicy), 0); } - if (is_in_caplist(container->drop_caplist, CAP_SYS_RAWIO)) { + if (ruri_is_in_caplist(container->drop_caplist, CAP_SYS_RAWIO)) { seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(ioperm), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(iopl), 0); } - if (is_in_caplist(container->drop_caplist, CAP_SYS_PTRACE)) { + if (ruri_is_in_caplist(container->drop_caplist, CAP_SYS_PTRACE)) { seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(kcmp), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(process_vm_readv), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(process_vm_writev), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(ptrace), 0); } - if (is_in_caplist(container->drop_caplist, CAP_SYS_BOOT)) { + if (ruri_is_in_caplist(container->drop_caplist, CAP_SYS_BOOT)) { seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(kexec_file_load), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(kexec_load), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(reboot), 0); @@ -91,7 +91,7 @@ void setup_seccomp(const struct CONTAINER *_Nonnull container) seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(keyctl), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(move_pages), 0); seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(nfsservctl), 0); - if (is_in_caplist(container->drop_caplist, CAP_DAC_READ_SEARCH)) { + if (ruri_is_in_caplist(container->drop_caplist, CAP_DAC_READ_SEARCH)) { seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(open_by_handle_at), 0); } seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(perf_event_open), 0); @@ -108,5 +108,5 @@ void setup_seccomp(const struct CONTAINER *_Nonnull container) seccomp_attr_set(ctx, SCMP_FLTATR_CTL_NNP, 0); // Load seccomp rules. seccomp_load(ctx); - log("{base}Seccomp filter loaded\n"); + ruri_log("{base}Seccomp filter loaded\n"); } diff --git a/src/signal.c b/src/signal.c index 06da018..a449eca 100644 --- a/src/signal.c +++ b/src/signal.c @@ -68,7 +68,7 @@ static void panic(int sig) exit(114); } // Catch coredump signal. -void register_signal(void) +void ruri_register_signal(void) { /* * Only SIGSEGV means segmentation fault, diff --git a/src/umount.c b/src/umount.c index ef29ffe..203cfc5 100644 --- a/src/umount.c +++ b/src/umount.c @@ -29,7 +29,7 @@ */ #include "include/ruri.h" // Umount container. -void umount_container(const char *_Nonnull container_dir) +void ruri_umount_container(const char *_Nonnull container_dir) { /* * Read /.rurienv file and umount all mountpoints, @@ -37,20 +37,20 @@ void umount_container(const char *_Nonnull container_dir) * and umount system runtime directories. */ if (container_dir == NULL) { - error("{red}Error: container directory does not exist QwQ\n"); + ruri_error("{red}Error: container directory does not exist QwQ\n"); } // Do not use '/' for container_dir. if (strcmp(container_dir, "/") == 0) { - error("{red}Error: `/` is not allowed to use as a container directory QwQ\n"); + ruri_error("{red}Error: `/` is not allowed to use as a container directory QwQ\n"); } // Check if container_dir exist. char *test = realpath(container_dir, NULL); if (test == NULL) { - error("{red}Error: container directory does not exist QwQ\n"); + ruri_error("{red}Error: container directory does not exist QwQ\n"); } free(test); - struct CONTAINER *container = read_info(NULL, container_dir); - log("{base}Umounting container...\n"); + struct RURI_CONTAINER *container = ruri_read_info(NULL, container_dir); + ruri_log("{base}Umounting container...\n"); char infofile[PATH_MAX] = { '\0' }; sprintf(infofile, "%s/.rurienv", container_dir); int fd = open(infofile, O_RDONLY | O_CLOEXEC); @@ -63,7 +63,7 @@ void umount_container(const char *_Nonnull container_dir) remove(infofile); close(fd); } else { - warning("{yellow}Warning: .rurienv does not exist\n"); + ruri_warning("{yellow}Warning: .rurienv does not exist\n"); } // Get path to umount. char sys_dir[PATH_MAX]; @@ -83,7 +83,7 @@ void umount_container(const char *_Nonnull container_dir) if (container->extra_mountpoint[i] != NULL) { strcpy(to_umountpoint, container_dir); strcat(to_umountpoint, container->extra_mountpoint[i]); - log("{base}Umounting %s\n", to_umountpoint); + ruri_log("{base}Umounting %s\n", to_umountpoint); for (int j = 0; j < 10; j++) { umount2(to_umountpoint, MNT_DETACH); umount(to_umountpoint); @@ -104,7 +104,7 @@ void umount_container(const char *_Nonnull container_dir) strcpy(to_umountpoint, container_dir); strcat(to_umountpoint, container->extra_ro_mountpoint[i]); for (int j = 0; j < 10; j++) { - log("{base}Umounting %s\n", to_umountpoint); + ruri_log("{base}Umounting %s\n", to_umountpoint); umount2(to_umountpoint, MNT_DETACH); umount(to_umountpoint); usleep(20000); @@ -121,10 +121,10 @@ void umount_container(const char *_Nonnull container_dir) } // Force umount system runtime directories for 10 times. // Not necessary, but I think it's more secure. - log("{base}Umounting %s\n", sys_dir); - log("{base}Umounting %s\n", proc_dir); - log("{base}Umounting %s\n", dev_dir); - log("{base}Umounting %s\n", container_dir); + ruri_log("{base}Umounting %s\n", sys_dir); + ruri_log("{base}Umounting %s\n", proc_dir); + ruri_log("{base}Umounting %s\n", dev_dir); + ruri_log("{base}Umounting %s\n", container_dir); for (int i = 1; i < 10; i++) { umount2(sys_dir, MNT_DETACH | MNT_FORCE); usleep(2000); @@ -137,11 +137,11 @@ void umount_container(const char *_Nonnull container_dir) } // Kill ns_pid. if (container->ns_pid > 0) { - log("Kill ns pid: %d\n", container->ns_pid); + ruri_log("Kill ns pid: %d\n", container->ns_pid); kill(container->ns_pid, SIGKILL); } // Kill all processes in container. - kill_container(container_dir); + ruri_kill_container(container_dir); // Make Asan happy. free(container); } diff --git a/src/unshare.c b/src/unshare.c index 84d69eb..4d55587 100644 --- a/src/unshare.c +++ b/src/unshare.c @@ -28,8 +28,8 @@ * */ #include "include/ruri.h" -// For run_unshare_container(). -static pid_t init_unshare_container(struct CONTAINER *_Nonnull container) +// For ruri_run_unshare_container(). +static pid_t init_unshare_container(struct RURI_CONTAINER *_Nonnull container) { /* * Use unshare(2) to create new namespaces and fork(2) to join them. @@ -41,36 +41,36 @@ static pid_t init_unshare_container(struct CONTAINER *_Nonnull container) pid_t unshare_pid = INIT_VALUE; // Create namespaces. if (unshare(CLONE_NEWNS) == -1 && !container->no_warnings) { - warning("{yellow}Warning: seems that mount namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that mount namespace is not supported on this device QwQ{clear}\n"); } if (unshare(CLONE_NEWUTS) == -1 && !container->no_warnings) { - warning("{yellow}Warning: seems that uts namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that uts namespace is not supported on this device QwQ{clear}\n"); } if (unshare(CLONE_NEWIPC) == -1 && !container->no_warnings) { - warning("{yellow}Warning: seems that ipc namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that ipc namespace is not supported on this device QwQ{clear}\n"); } if (unshare(CLONE_NEWPID) == -1 && !container->no_warnings) { - warning("{yellow}Warning: seems that pid namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that pid namespace is not supported on this device QwQ{clear}\n"); } if (unshare(CLONE_NEWCGROUP) == -1 && !container->no_warnings) { - warning("{yellow}Warning: seems that cgroup namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that cgroup namespace is not supported on this device QwQ{clear}\n"); } if (unshare(CLONE_NEWTIME) == -1 && !container->no_warnings) { - warning("{yellow}Warning: seems that time namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that time namespace is not supported on this device QwQ{clear}\n"); } if (unshare(CLONE_SYSVSEM) == -1 && !container->no_warnings) { - warning("{yellow}Warning: seems that semaphore namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that semaphore namespace is not supported on this device QwQ{clear}\n"); } if (unshare(CLONE_FILES) == -1 && !container->no_warnings) { - warning("{yellow}Warning: seems that we could not unshare file descriptors with child process QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that we could not unshare file descriptors with child process QwQ{clear}\n"); } if (unshare(CLONE_FS) == -1 && !container->no_warnings) { - warning("{yellow}Warning: seems that we could not unshare filesystem information with child process QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that we could not unshare filesystem information with child process QwQ{clear}\n"); } // Disable network. if (container->no_network) { if (unshare(CLONE_NEWNET) == -1) { - error("{red}Failed to unshare network namespace, --no-network cannot be enabled QwQ\n"); + ruri_error("{red}Failed to unshare network namespace, --no-network cannot be enabled QwQ\n"); } } // Fork itself into namespace. @@ -80,19 +80,19 @@ static pid_t init_unshare_container(struct CONTAINER *_Nonnull container) // Store container info. if (container->use_rurienv) { container->ns_pid = unshare_pid; - store_info(container); + ruri_store_info(container); } // Fix `can't access tty` issue. int stat = 0; waitpid(unshare_pid, &stat, 0); exit(stat); } else if (unshare_pid < 0) { - error("{red}Fork error, QwQ?\n"); + ruri_error("{red}Fork error, QwQ?\n"); } return unshare_pid; } -// For run_unshare_container(). -static pid_t join_ns(struct CONTAINER *_Nonnull container) +// For ruri_run_unshare_container(). +static pid_t join_ns(struct RURI_CONTAINER *_Nonnull container) { /* * Use setns(2) to enter existing namespaces. @@ -115,61 +115,61 @@ static pid_t join_ns(struct CONTAINER *_Nonnull container) int ns_fd = INIT_VALUE; ns_fd = open(pid_ns_file, O_RDONLY | O_CLOEXEC); if (ns_fd < 0 && !container->no_warnings) { - warning("{yellow}Warning: seems that pid namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that pid namespace is not supported on this device QwQ{clear}\n"); } else { usleep(1000); if (setns(ns_fd, CLONE_NEWPID) == -1) { - error("{red}Failed to setns pid namespace QwQ\n"); + ruri_error("{red}Failed to setns pid namespace QwQ\n"); } close(ns_fd); } ns_fd = open(time_ns_file, O_RDONLY | O_CLOEXEC); if (ns_fd < 0 && !container->no_warnings) { - warning("{yellow}Warning: seems that time namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that time namespace is not supported on this device QwQ{clear}\n"); } else { usleep(1000); if (setns(ns_fd, CLONE_NEWTIME) == -1) { - error("{red}Failed to setns time namespace QwQ\n"); + ruri_error("{red}Failed to setns time namespace QwQ\n"); } close(ns_fd); } ns_fd = open(uts_ns_file, O_RDONLY | O_CLOEXEC); if (ns_fd < 0 && !container->no_warnings) { - warning("{yellow}Warning: seems that uts namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that uts namespace is not supported on this device QwQ{clear}\n"); } else { usleep(1000); if (setns(ns_fd, CLONE_NEWUTS) == -1) { - error("{red}Failed to setns uts namespace QwQ\n"); + ruri_error("{red}Failed to setns uts namespace QwQ\n"); } close(ns_fd); } ns_fd = open(cgroup_ns_file, O_RDONLY | O_CLOEXEC); if (ns_fd < 0 && !container->no_warnings) { - warning("{yellow}Warning: seems that cgroup namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that cgroup namespace is not supported on this device QwQ{clear}\n"); } else { usleep(1000); if (setns(ns_fd, CLONE_NEWCGROUP) == -1) { - error("{red}Failed to setns cgroup namespace QwQ\n"); + ruri_error("{red}Failed to setns cgroup namespace QwQ\n"); } close(ns_fd); } ns_fd = open(ipc_ns_file, O_RDONLY | O_CLOEXEC); if (ns_fd < 0 && !container->no_warnings) { - warning("{yellow}Warning: seems that ipc namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that ipc namespace is not supported on this device QwQ{clear}\n"); } else { usleep(1000); if (setns(ns_fd, CLONE_NEWIPC) == -1) { - error("{red}Failed to setns ipc namespace QwQ\n"); + ruri_error("{red}Failed to setns ipc namespace QwQ\n"); } close(ns_fd); } ns_fd = open(mount_ns_file, O_RDONLY | O_CLOEXEC); if (ns_fd < 0 && !container->no_warnings) { - warning("{yellow}Warning: seems that mount namespace is not supported on this device QwQ{clear}\n"); + ruri_warning("{yellow}Warning: seems that mount namespace is not supported on this device QwQ{clear}\n"); } else { usleep(1000); if (setns(ns_fd, CLONE_NEWNS) == -1) { - error("{red}Failed to setns mount namespace QwQ\n"); + ruri_error("{red}Failed to setns mount namespace QwQ\n"); } close(ns_fd); } @@ -179,10 +179,10 @@ static pid_t join_ns(struct CONTAINER *_Nonnull container) sprintf(net_ns_file, "%s%d%s", "/proc/", container->ns_pid, "/ns/net"); ns_fd = open(net_ns_file, O_RDONLY | O_CLOEXEC); if (ns_fd < 0) { - error("{red}--no-network detected, but failed to open network namespace QwQ\n"); + ruri_error("{red}--no-network detected, but failed to open network namespace QwQ\n"); } if (setns(ns_fd, CLONE_NEWNET) == -1) { - error("{red}--no-network detected, but failed to setns network namespace QwQ\n"); + ruri_error("{red}--no-network detected, but failed to setns network namespace QwQ\n"); } } // Close fds after fork(). @@ -199,13 +199,13 @@ static pid_t join_ns(struct CONTAINER *_Nonnull container) } // Maybe this will never be run. else if (unshare_pid < 0) { - error("{red}Fork error, QwQ?\n"); + ruri_error("{red}Fork error, QwQ?\n"); return 1; } return unshare_pid; } // Run unshare container. -void run_unshare_container(struct CONTAINER *_Nonnull container) +void ruri_run_unshare_container(struct RURI_CONTAINER *_Nonnull container) { /* * We first read /.rurienv file to get container config. @@ -215,16 +215,16 @@ void run_unshare_container(struct CONTAINER *_Nonnull container) pid_t unshare_pid = INIT_VALUE; // unshare(2) itself into new namespaces. if (container->use_rurienv) { - container = read_info(container, container->container_dir); + container = ruri_read_info(container, container->container_dir); } if (container->ns_pid < 0) { unshare_pid = init_unshare_container(container); } else { unshare_pid = join_ns(container); } - log("{base}ns pid: %d\n", container->ns_pid); + ruri_log("{base}ns pid: %d\n", container->ns_pid); // Check if we have joined the container's namespaces. if (unshare_pid == 0) { - run_chroot_container(container); + ruri_run_chroot_container(container); } }