diff options
| author | Tiago Natel de Moura <t.nateldemoura@f5.com> | 2020-05-28 14:57:41 +0100 |
|---|---|---|
| committer | Tiago Natel de Moura <t.nateldemoura@f5.com> | 2020-05-28 14:57:41 +0100 |
| commit | e2b53e16c60ba1e3bbbe59172c184e97f889326b (patch) | |
| tree | f2bda4ea966657fc52189d154e1d6afcb767973f /auto/isolation | |
| parent | e9e5ddd5a5d9ce99768833137eac2551a710becf (diff) | |
| download | unit-e2b53e16c60ba1e3bbbe59172c184e97f889326b.tar.gz unit-e2b53e16c60ba1e3bbbe59172c184e97f889326b.tar.bz2 | |
Added "rootfs" feature.
Diffstat (limited to 'auto/isolation')
| -rw-r--r-- | auto/isolation | 130 |
1 files changed, 130 insertions, 0 deletions
diff --git a/auto/isolation b/auto/isolation index d231de12..4238b859 100644 --- a/auto/isolation +++ b/auto/isolation @@ -6,6 +6,9 @@ NXT_ISOLATION=NO NXT_HAVE_CLONE=NO NXT_HAVE_CLONE_NEWUSER=NO +NXT_HAVE_MOUNT=NO +NXT_HAVE_UNMOUNT=NO +NXT_HAVE_ROOTFS=NO nsflags="USER NS PID NET UTS CGROUP" @@ -55,3 +58,130 @@ if [ $nxt_found = yes ]; then fi done fi + + +nxt_feature="Linux pivot_root()" +nxt_feature_name=NXT_HAVE_PIVOT_ROOT +nxt_feature_run=no +nxt_feature_incs= +nxt_feature_libs= +nxt_feature_test="#include <sys/syscall.h> + + int main() { + return __NR_pivot_root; + }" +. auto/feature + + +nxt_feature="prctl(PR_SET_NO_NEW_PRIVS)" +nxt_feature_name=NXT_HAVE_PR_SET_NO_NEW_PRIVS0 +nxt_feature_run=no +nxt_feature_incs= +nxt_feature_libs= +nxt_feature_test="#include <sys/prctl.h> + + int main() { + return PR_SET_NO_NEW_PRIVS; + }" +. auto/feature + + +nxt_feature="Linux mount()" +nxt_feature_name=NXT_HAVE_LINUX_MOUNT +nxt_feature_run=no +nxt_feature_incs= +nxt_feature_libs= +nxt_feature_test="#include <sys/mount.h> + + int main() { + return mount((void*)0, (void*)0, (void*)0, 0, (void*)0); + }" +. auto/feature + +if [ $nxt_found = yes ]; then + NXT_HAVE_MOUNT=YES +fi + + +nxt_feature="Bind mount()" +nxt_feature_name=NXT_HAVE_BIND_MOUNT +nxt_feature_run=no +nxt_feature_incs= +nxt_feature_libs= +nxt_feature_test="#include <sys/mount.h> + + int main() { + return MS_BIND | MS_REC + }" +. auto/feature + +if [ $nxt_found = yes ]; then + NXT_HAVE_MOUNT=YES +fi + + +if [ $nxt_found = no ]; then + nxt_feature="FreeBSD nmount()" + nxt_feature_name=NXT_HAVE_FREEBSD_NMOUNT + nxt_feature_run=no + nxt_feature_incs= + nxt_feature_libs= + nxt_feature_test="#include <sys/mount.h> + + int main() { + return nmount((void *)0, 0, 0); + }" + . auto/feature + + if [ $nxt_found = yes ]; then + NXT_HAVE_MOUNT=YES + fi +fi + + +nxt_feature="Linux umount2()" +nxt_feature_name=NXT_HAVE_LINUX_UMOUNT2 +nxt_feature_run=no +nxt_feature_incs= +nxt_feature_libs= +nxt_feature_test="#include <sys/mount.h> + + int main() { + return umount2((void *)0, 0); + }" +. auto/feature + +if [ $nxt_found = yes ]; then + NXT_HAVE_UNMOUNT=YES +fi + +if [ $nxt_found = no ]; then + nxt_feature="unmount()" + nxt_feature_name=NXT_HAVE_UNMOUNT + nxt_feature_run=no + nxt_feature_incs= + nxt_feature_libs= + nxt_feature_test="#include <sys/mount.h> + + int main() { + return unmount((void *)0, 0); + }" + . auto/feature + + if [ $nxt_found = yes ]; then + NXT_HAVE_UNMOUNT=YES + fi +fi + +if [ $NXT_HAVE_MOUNT = YES -a $NXT_HAVE_UNMOUNT = YES ]; then + NXT_HAVE_ROOTFS=YES + + cat << END >> $NXT_AUTO_CONFIG_H + +#ifndef NXT_HAVE_ISOLATION_ROOTFS +#define NXT_HAVE_ISOLATION_ROOTFS 1 +#endif + +END + +fi |