@ -15,8 +15,9 @@ proc mount(source: cstring, target: cstring, filesystemtype: cstring,
|
|
|
|
mountflags: culong, data: pointer): cint {.importc, header:"<sys/mount.h>"}
|
|
|
|
mountflags: culong, data: pointer): cint {.importc, header:"<sys/mount.h>"}
|
|
|
|
|
|
|
|
|
|
|
|
const
|
|
|
|
const
|
|
|
|
GID_MAP = "/proc/self/gid_map"
|
|
|
|
|
|
|
|
UID_MAP = "/proc/self/uid_map"
|
|
|
|
UID_MAP = "/proc/self/uid_map"
|
|
|
|
|
|
|
|
GID_MAP = "/proc/self/gid_map"
|
|
|
|
|
|
|
|
SETGROUPS = "/proc/self/setgroups"
|
|
|
|
|
|
|
|
|
|
|
|
proc virtiofsd(paths: seq[string]): Pid =
|
|
|
|
proc virtiofsd(paths: seq[string]): Pid =
|
|
|
|
let uid = getuid()
|
|
|
|
let uid = getuid()
|
|
|
@ -36,6 +37,7 @@ proc virtiofsd(paths: seq[string]): Pid =
|
|
|
|
|
|
|
|
|
|
|
|
# map our uid to root
|
|
|
|
# map our uid to root
|
|
|
|
writeFile(UID_MAP, &"0 {uid} 1")
|
|
|
|
writeFile(UID_MAP, &"0 {uid} 1")
|
|
|
|
|
|
|
|
writeFile(SETGROUPS, "deny")
|
|
|
|
writeFile(GID_MAP, &"0 {gid} 1")
|
|
|
|
writeFile(GID_MAP, &"0 {gid} 1")
|
|
|
|
|
|
|
|
|
|
|
|
# create a tmpfs in /var/run so virtiofsd can write there
|
|
|
|
# create a tmpfs in /var/run so virtiofsd can write there
|
|
|
@ -61,29 +63,35 @@ proc virtiofsd(paths: seq[string]): Pid =
|
|
|
|
for process in procs:
|
|
|
|
for process in procs:
|
|
|
|
discard waitForExit(process)
|
|
|
|
discard waitForExit(process)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
quit(0)
|
|
|
|
|
|
|
|
|
|
|
|
proc qemu*(args: OptParser) =
|
|
|
|
proc qemu*(args: OptParser) =
|
|
|
|
let childPid = virtiofsd(@["/tmp", "/home"])
|
|
|
|
let childPid = virtiofsd(@["/tmp", "/home"])
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
let args = @[
|
|
|
|
|
|
|
|
"-enable-kvm", "-cpu", "host", "-m", "512m", "-smp", "2",
|
|
|
|
|
|
|
|
"-kernel", "/home/martin/code/qemu/build-image/image/vmlinuz-linux",
|
|
|
|
|
|
|
|
"-append", "earlyprintk=ttyS0 console=ttyS0 root=/dev/vda rw quiet",
|
|
|
|
|
|
|
|
"-initrd" , "/home/martin/code/qemu/build-image/image/initramfs-linux-custom.img",
|
|
|
|
|
|
|
|
"-m", "4G", "-object", "memory-backend-file,id=mem,size=4G,mem-path=/dev/shm,share=on", "-numa", "node,memdev=mem",
|
|
|
|
|
|
|
|
"-device", "virtio-rng-pci",
|
|
|
|
|
|
|
|
"-bios", "/usr/share/qemu/qboot.rom",
|
|
|
|
|
|
|
|
"-drive", "if=virtio,file=/home/martin/code/qemu/build-image/image/image.qcow2",
|
|
|
|
|
|
|
|
"-netdev", "user,id=net0,hostfwd=tcp::2222-:22",
|
|
|
|
|
|
|
|
"-device", "virtio-net-pci,netdev=net0",
|
|
|
|
|
|
|
|
"-nodefaults", "-no-user-config", "-nographic",
|
|
|
|
|
|
|
|
"-chardev", "socket,id=share.1,path=/tmp/mount.0.sock",
|
|
|
|
|
|
|
|
"-device", "vhost-user-fs-pci,queue-size=1024,chardev=share.1,tag=share.1",
|
|
|
|
|
|
|
|
"-serial", "stdio"
|
|
|
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
|
let qemu = startProcess(
|
|
|
|
let qemu = startProcess(
|
|
|
|
command = "qemu-system-x86_64",
|
|
|
|
command = "qemu-system-x86_64",
|
|
|
|
options = {poParentStreams, poUsePath},
|
|
|
|
options = {poParentStreams, poUsePath},
|
|
|
|
args = @[
|
|
|
|
args = args
|
|
|
|
"-enable-kvm", "-cpu", "host", "-m", "512m", "-smp", "2",
|
|
|
|
|
|
|
|
"-kernel", "/home/martin/code/qemu/build-image/image/vmlinuz-linux",
|
|
|
|
|
|
|
|
"-append", "earlyprintk=ttyS0 console=ttyS0 root=/dev/vda rw quiet",
|
|
|
|
|
|
|
|
"-initrd" , "/home/martin/code/qemu/build-image/image/initramfs-linux-custom.img",
|
|
|
|
|
|
|
|
"-m", "4G", "-object", "memory-backend-file,id=mem,size=4G,mem-path=/dev/shm,share=on", "-numa", "node,memdev=mem",
|
|
|
|
|
|
|
|
"-device", "virtio-rng-pci",
|
|
|
|
|
|
|
|
"-bios", "/usr/share/qemu/qboot.rom",
|
|
|
|
|
|
|
|
"-drive", "if=virtio,file=/home/martin/code/qemu/build-image/image/image.qcow2",
|
|
|
|
|
|
|
|
"-netdev", "user,id=net0,hostfwd=tcp::2222-:22",
|
|
|
|
|
|
|
|
"-device", "virtio-net-pci,netdev=net0",
|
|
|
|
|
|
|
|
"-nodefaults", "-no-user-config", "-nographic",
|
|
|
|
|
|
|
|
"-serial", "stdio"
|
|
|
|
|
|
|
|
]
|
|
|
|
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
discard waitForExit(qemu)
|
|
|
|
discard waitForExit(qemu)
|
|
|
|
|
|
|
|
|
|
|
|
#discard kill(childPid, SIGTERM)
|
|
|
|
discard kill(childPid, SIGTERM)
|
|
|
|
#discard waitPid(childPid,cast[var cint](nil),0)
|
|
|
|
discard waitPid(childPid,cast[var cint](nil),0)
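Review bot: The new `args` list forwards guest SSH with `hostfwd=tcp::2222-:22` and no host bind address, so QEMU's user-mode network stack accepts connections on every host interface, and because the same VM receives the host's `/home` and `/tmp` over vhost-user-fs (`virtiofsd(@["/tmp", "/home"])`), any peer that can log into the guest on port 2222 reaches those directories with the invoking user's rights. Restrict the forward to loopback: `"-netdev", "user,id=net0,hostfwd=tcp:127.0.0.1:2222-:22",`. Two smaller issues in the same list: `-m 512m` and the later `-m 4G` both appear (the last one wins and must match the `memory-backend-file` size, so the first is dead and misleading), and the vhost-user chardev path `/tmp/mount.0.sock` is a fixed name in a world-writable directory, so placing the socket under `$XDG_RUNTIME_DIR` or a per-user mode-0700 directory would stop another local user from pre-creating it. Separately, `waitPid(childPid, cast[var cint](nil), 0)` passes a nil `var` and should use a real status variable (`var status: cint`) so the virtiofsd child's exit status can actually be checked instead of discarded. The end of the `qemu` proc may lie outside this hunk.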
|
|
|
|