wip

2025-04-13 16:58:15 +03:00
parent 8070112bf2
commit a51a8ab963
12 changed files with 442 additions and 173 deletions
--- a/internal.go
+++ b/internal.go
@ -17,8 +17,13 @@
 package main

 import (
+	"fmt"
 	"log/slog"
 	"os"
+	"os/exec"
+	"os/user"
+	"path/filepath"
+	"strings"
 	"syscall"

 	"github.com/hashicorp/go-hclog"
@ -47,10 +52,6 @@ func InternalBuildCmd() *cli.Command {
 				slog.Error("aa", "err", err)
 				os.Exit(1)
 			}
-			slog.Info("",
-				"uid", os.Getuid(),
-				"gid", os.Getgid(),
-			)
 			cfg := config.New()
 			err = cfg.Load()
 			if err != nil {
@ -131,3 +132,135 @@ func InternalInstallCmd() *cli.Command {
 		},
 	}
 }
+
+func InternalMountCmd() *cli.Command {
+	return &cli.Command{
+		Name:     "_internal-mount",
+		HideHelp: true,
+		Hidden:   true,
+		Action: func(c *cli.Context) error {
+			sourceDir := c.Args().First()
+
+			u, _ := user.Current()
+
+			logger.SetupForGoPlugin()
+			err := syscall.Setuid(0)
+			if err != nil {
+				slog.Error("Failed to setuid(0)", "err", err)
+				os.Exit(1)
+			}
+
+			alrRunDir := "/var/run/alr"
+			err = os.MkdirAll(alrRunDir, 0o750)
+			if err != nil {
+				slog.Error("Error creating /var/run/alr directory", "err", err)
+				os.Exit(1)
+			}
+
+			_, gid, _ := utils.GetUidGidAlrUser()
+
+			// Меняем группу на alr и права
+			err = os.Chown(alrRunDir, 0, gid) // root:alr
+			if err != nil {
+				slog.Error("Failed to chown /var/run/alr", "err", err)
+				os.Exit(1)
+			}
+
+			// Создаем поддиректорию для bindfs
+			targetDir := filepath.Join(alrRunDir, fmt.Sprintf("bindfs-%d", os.Getpid()))
+			err = os.MkdirAll(targetDir, 0o750) // 0750: владелец (root) и группа (alr) имеют доступ
+			if err != nil {
+				slog.Error("Error creating bindfs target directory", "err", err)
+				os.Exit(1)
+			}
+
+			// Устанавливаем владельца и группу (root:alr)
+			err = os.Chown(targetDir, 0, gid)
+			if err != nil {
+				slog.Error("Failed to chown bindfs directory", "err", err)
+				os.Exit(1)
+			}
+
+			bindfsCmd := exec.Command(
+				"bindfs",
+				fmt.Sprintf("--map=%s/alr:@%s/@alr", u.Uid, u.Gid),
+				sourceDir,
+				targetDir,
+			)
+
+			bindfsCmd.Stderr = os.Stderr
+
+			if err := bindfsCmd.Start(); err != nil {
+				slog.Error("Error starting bindfs", "err", err)
+				os.Exit(1)
+			}
+
+			fmt.Print(targetDir)
+
+			return nil
+		},
+	}
+}
+
+func InternalUnmountCmd() *cli.Command {
+	return &cli.Command{
+		Name:     "_internal-umount",
+		HideHelp: true,
+		Hidden:   true,
+		Action: func(c *cli.Context) error {
+			currentUser, err := user.Current()
+			if err != nil {
+				slog.Error("Failed to get current user", "err", err)
+				os.Exit(1)
+			}
+
+			uid, gid, err := utils.GetUidGidAlrUserString()
+			if err != nil {
+				slog.Error("Failed to get alr user info", "err", err)
+				os.Exit(1)
+			}
+
+			if currentUser.Uid != uid && currentUser.Gid != gid {
+				slog.Error("Only alr user can unmount these directories")
+				os.Exit(1)
+			}
+
+			targetDir := c.Args().First()
+			if targetDir == "" {
+				slog.Error("No target directory specified")
+				os.Exit(1)
+			}
+
+			if !strings.HasPrefix(targetDir, "/var/run/alr/") {
+				slog.Error("Can only unmount directories under /var/run/alr")
+				os.Exit(1)
+			}
+
+			if _, err := os.Stat(targetDir); os.IsNotExist(err) {
+				slog.Error("Target directory does not exist", "dir", targetDir)
+				os.Exit(1)
+			}
+
+			err = syscall.Setuid(0)
+			if err != nil {
+				slog.Error("Failed to setuid(0)", "err", err)
+				os.Exit(1)
+			}
+
+			umountCmd := exec.Command("umount", targetDir)
+			umountCmd.Stderr = os.Stderr
+
+			if err := umountCmd.Run(); err != nil {
+				slog.Error("Error unmounting directory", "dir", targetDir, "err", err)
+				os.Exit(1)
+			}
+
+			if err := os.Remove(targetDir); err != nil {
+				slog.Error("Error removing directory", "dir", targetDir, "err", err)
+				os.Exit(1)
+			}
+
+			return nil
+		},
+	}
+}