diff options
| author | Doug Rabson <dfr@FreeBSD.org> | 2022-11-07 16:56:09 +0000 |
|---|---|---|
| committer | Doug Rabson <dfr@FreeBSD.org> | 2023-01-06 07:57:57 +0000 |
| commit | 823dfd17e27c2561119b1de9b04dc28d8e709b1a (patch) | |
| tree | 9fb0e3bb98d7da043361ddd8a4e35952452446b0 /sbin/mount_nullfs/mount_nullfs.c | |
| parent | 77c0992af4e3b013915ae84ef3d831f470ea5dd5 (diff) | |
Add support for mounting single files in nullfs
My main use-case for this is to support mounting config files and secrets
into OCI containers. My current workaround copies the files into the
container which is messy and risks secrets leaking into container images
if the cleanup fails.
Reviewed by: mjg, kib
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D37478
(cherry picked from commit a3f714c4ff8cf3754520f330abe783aa6a06dcdb)
Diffstat (limited to 'sbin/mount_nullfs/mount_nullfs.c')
| -rw-r--r-- | sbin/mount_nullfs/mount_nullfs.c | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/sbin/mount_nullfs/mount_nullfs.c b/sbin/mount_nullfs/mount_nullfs.c index 77ec0991ea9b..55d7ac982f70 100644 --- a/sbin/mount_nullfs/mount_nullfs.c +++ b/sbin/mount_nullfs/mount_nullfs.c @@ -48,6 +48,7 @@ static const char rcsid[] = #include <sys/param.h> #include <sys/mount.h> +#include <sys/stat.h> #include <sys/uio.h> #include <err.h> @@ -61,6 +62,14 @@ static const char rcsid[] = static void usage(void) __dead2; +static int +stat_realpath(const char *path, char *resolved, struct stat *sbp) +{ + if (realpath(path, resolved) == NULL || stat(resolved, sbp) != 0) + return (1); + return (0); +} + int main(int argc, char *argv[]) { @@ -71,6 +80,8 @@ main(int argc, char *argv[]) char errmsg[255]; int ch, iovlen; char nullfs[] = "nullfs"; + struct stat target_stat; + struct stat mountpoint_stat; iov = NULL; iovlen = 0; @@ -98,10 +109,18 @@ main(int argc, char *argv[]) usage(); /* resolve target and mountpoint with realpath(3) */ - if (checkpath(argv[0], target) != 0) + if (stat_realpath(argv[0], target, &target_stat) != 0) err(EX_USAGE, "%s", target); - if (checkpath(argv[1], mountpoint) != 0) + if (stat_realpath(argv[1], mountpoint, &mountpoint_stat) != 0) err(EX_USAGE, "%s", mountpoint); + if (!S_ISDIR(target_stat.st_mode) && !S_ISREG(target_stat.st_mode)) + errx(EX_USAGE, "%s: must be either a file or directory", + target); + if ((target_stat.st_mode & S_IFMT) != + (mountpoint_stat.st_mode & S_IFMT)) + errx(EX_USAGE, + "%s: must be same type as %s (file or directory)", + mountpoint, target); build_iovec(&iov, &iovlen, "fstype", nullfs, (size_t)-1); build_iovec(&iov, &iovlen, "fspath", mountpoint, (size_t)-1); |