technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Isolation: mounting of procfs by default when using "rootfs".

Browse Source
This commit is contained in:
Tiago Natel de Moura
2020-10-29 20:30:53 +00:00
parent 417f5d911d
commit 0390cb3a61
15 changed files with 355 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
auto/modules/java
View File

@@ -326,11 +326,10 @@ cat << END > $NXT_BUILD_DIR/$NXT_JAVA_MOUNTS_HEADER
static const nxt_fs_mount_t nxt_java_mounts[] = {
{(u_char *) "proc", (u_char *) "/proc", (u_char *) "proc", 0, NULL, 1},
{(u_char *) "$NXT_JAVA_LIBC_DIR", (u_char *) "$NXT_JAVA_LIBC_DIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
NXT_FS_BIND, (u_char *) "bind", 0, NULL, 1, 1},
{(u_char *) "$NXT_JAVA_HOME", (u_char *) "$NXT_JAVA_HOME",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
NXT_FS_BIND, (u_char *) "bind", 0, NULL, 1, 1},
};

2
auto/modules/python
View File

@@ -138,7 +138,7 @@ pyver = "python" + str(sys.version_info[0]) + "." + str(sys.version_info[1])
print("static const nxt_fs_mount_t nxt_python_mounts[] = {")
pattern = "{(u_char *) \"%s\", (u_char *) \"%s\", (u_char *) \"bind\", NXT_MS_BIND|NXT_MS_REC, NULL, 1},"
pattern = "{(u_char *) \"%s\", (u_char *) \"%s\", NXT_FS_BIND, (u_char *) \"bind\", 0, NULL, 1, 1},"
base = None
for p in sys.path:
if len(p) > 0:

14
auto/modules/ruby
View File

@@ -156,23 +156,23 @@ cat << END > $NXT_RUBY_MOUNTS_PATH
static const nxt_fs_mount_t nxt_ruby_mounts[] = {
{(u_char *) "$NXT_RUBY_RUBYHDRDIR", (u_char *) "$NXT_RUBY_RUBYHDRDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
NXT_FS_BIND, (u_char *) "bind", 0, NULL, 1, 1},
{(u_char *) "$NXT_RUBY_ARCHHDRDIR", (u_char *) "$NXT_RUBY_ARCHHDRDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
NXT_FS_BIND, (u_char *) "bind", 0, NULL, 1, 1},
{(u_char *) "$NXT_RUBY_SITEDIR", (u_char *) "$NXT_RUBY_SITEDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
NXT_FS_BIND, (u_char *) "bind", 0, NULL, 1, 1},
{(u_char *) "$NXT_RUBY_LIBDIR", (u_char *) "$NXT_RUBY_LIBDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
NXT_FS_BIND, (u_char *) "bind", 0, NULL, 1, 1},
{(u_char *) "$NXT_RUBY_TOPDIR", (u_char *) "$NXT_RUBY_TOPDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
NXT_FS_BIND, (u_char *) "bind", 0, NULL, 1, 1},
{(u_char *) "$NXT_RUBY_PREFIXDIR", (u_char *) "$NXT_RUBY_PREFIXDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
NXT_FS_BIND, (u_char *) "bind", 0, NULL, 1, 1},
END
for path in `echo $NXT_RUBY_GEMPATH | tr ':' '\n'`; do
$echo "{(u_char *) \"$path\", (u_char *) \"$path\"," >> $NXT_RUBY_MOUNTS_PATH
$echo "(u_char *) \"bind\", NXT_MS_BIND | NXT_MS_REC, NULL, 1}," >> $NXT_RUBY_MOUNTS_PATH
$echo "NXT_FS_BIND, (u_char *) \"bind\", 0, NULL, 1, 1}," >> $NXT_RUBY_MOUNTS_PATH
done
$echo "};" >> $NXT_RUBY_MOUNTS_PATH