technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Isolation: added "automount" option.

Browse Source 
Now it's possible to disable default bind mounts of
languages by setting:

  {
      "isolation": {
           "automount": {
               "language_deps": false
           }
     }
  }

In this case, the user is responsible to provide a "rootfs"
containing the language libraries and required files for
the application.
This commit is contained in:
Tiago Natel de Moura
2020-08-25 15:25:51 +01:00
parent 244ffb2829
commit b65a8636bb
9 changed files with 112 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
auto/modules/java
View File

@@ -326,11 +326,11 @@ cat << END > $NXT_BUILD_DIR/$NXT_JAVA_MOUNTS_HEADER
static const nxt_fs_mount_t nxt_java_mounts[] = {
{(u_char *) "proc", (u_char *) "/proc", (u_char *) "proc", 0, NULL},
{(u_char *) "proc", (u_char *) "/proc", (u_char *) "proc", 0, NULL, 1},
{(u_char *) "$NXT_JAVA_LIBC_DIR", (u_char *) "$NXT_JAVA_LIBC_DIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
{(u_char *) "$NXT_JAVA_HOME", (u_char *) "$NXT_JAVA_HOME",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
};

6
auto/modules/php
View File

@@ -233,11 +233,11 @@ NXT_PHP_MOUNTS_HEADER=nxt_${NXT_PHP_MODULE}_mounts.h
cat << END > $NXT_BUILD_DIR/$NXT_PHP_MOUNTS_HEADER
static const nxt_fs_mount_t nxt_php_mounts[] = {
{(u_char *) "$NXT_PHP_EXT_DIR", (u_char *) "$NXT_PHP_EXT_DIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
{(u_char *) "$NXT_PHP_LIBC_DIR", (u_char *) "$NXT_PHP_LIBC_DIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
{(u_char *) "$NXT_PHP_SYSLIB_DIR", (u_char *) "$NXT_PHP_SYSLIB_DIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
};
END

2
auto/modules/python
View File

@@ -138,7 +138,7 @@ pyver = "python" + str(sys.version_info[0]) + "." + str(sys.version_info[1])
print("static const nxt_fs_mount_t nxt_python_mounts[] = {")
pattern = "{(u_char *) \"%s\", (u_char *) \"%s\", (u_char *) \"bind\", NXT_MS_BIND|NXT_MS_REC, NULL},"
pattern = "{(u_char *) \"%s\", (u_char *) \"%s\", (u_char *) \"bind\", NXT_MS_BIND|NXT_MS_REC, NULL, 1},"
base = None
for p in sys.path:
if len(p) > 0:

14
auto/modules/ruby
View File

@@ -156,23 +156,23 @@ cat << END > $NXT_RUBY_MOUNTS_PATH
static const nxt_fs_mount_t nxt_ruby_mounts[] = {
{(u_char *) "$NXT_RUBY_RUBYHDRDIR", (u_char *) "$NXT_RUBY_RUBYHDRDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
{(u_char *) "$NXT_RUBY_ARCHHDRDIR", (u_char *) "$NXT_RUBY_ARCHHDRDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
{(u_char *) "$NXT_RUBY_SITEDIR", (u_char *) "$NXT_RUBY_SITEDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
{(u_char *) "$NXT_RUBY_LIBDIR", (u_char *) "$NXT_RUBY_LIBDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
{(u_char *) "$NXT_RUBY_TOPDIR", (u_char *) "$NXT_RUBY_TOPDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
{(u_char *) "$NXT_RUBY_PREFIXDIR", (u_char *) "$NXT_RUBY_PREFIXDIR",
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL},
(u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1},
END
for path in `echo $NXT_RUBY_GEMPATH | tr ':' '\n'`; do
$echo "{(u_char *) \"$path\", (u_char *) \"$path\"," >> $NXT_RUBY_MOUNTS_PATH
$echo "(u_char *) \"bind\", NXT_MS_BIND | NXT_MS_REC, NULL}," >> $NXT_RUBY_MOUNTS_PATH
$echo "(u_char *) \"bind\", NXT_MS_BIND | NXT_MS_REC, NULL, 1}," >> $NXT_RUBY_MOUNTS_PATH
done
$echo "};" >> $NXT_RUBY_MOUNTS_PATH