mirror of https://github.com/xcat2/confluent.git synced 2025-01-24 00:23:53 +00:00
Jarrod Johnson 9f45b0ed56 Draft support for stateless images
Aim is to support a few modes of operation:
-tar.xz, extracted to memory (most inefficient, least dependency)
-nfs read-only (less secure, more efficient, depends on getting nfs
export just right)
-nfs image read-only (same as above, but using squashfs so that the
overlay works more easily)
-gocryptfs on nfs (this provides encryption and integrity check)
2021-05-11 17:05:12 -04:00


#include <unistd.h>
#include <stdio.h>
#include <sys/mount.h>
#define __USE_GNU
#include <sched.h>
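/*
 * Move one mount from src to dst with MS_MOVE.
 * Prints the failing target and the errno text to stderr on error.
 * Returns 0 on success, -1 on failure.
 */
static int relocate_mount(const char *src, const char *dst) {
    if (mount(src, dst, NULL, MS_MOVE, NULL) < 0) {
        perror(dst);
        return -1;
    }
    return 0;
}

/*
 * Switch from the current root onto the tree mounted at /sysroot and exec
 * its /sbin/init.
 *
 * Steps: unshare the mount namespace, move /dev, /proc, /sys and /run under
 * /sysroot, move /sysroot onto /, chroot into it, then exec /sbin/init.
 *
 * Failure policy:
 *  - unshare() and the four pseudo-filesystem moves are reported but do not
 *    stop the switch, so a missing mount point does not by itself block boot.
 *  - chdir/move-root/chroot failures are fatal. Continuing after one of them
 *    would chroot(".") into whatever directory the process happens to be in
 *    and exec an /sbin/init that does not come from the intended image.
 *
 * Returns 1 on any fatal error; on success execl() does not return.
 * NOTE(review): if this binary runs as PID 1, returning ends PID 1 - confirm
 * the caller expects a non-zero exit here.
 *
 * NOTE(review): CLONE_NEWNS/unshare() are only visible because the file
 * defines __USE_GNU, a glibc-internal macro; defining _GNU_SOURCE before the
 * first #include is the supported way to request them.
 */
int main(int argc, char* argv[]) {
    static const char *const pseudo_fs[][2] = {
        { "/dev",  "/sysroot/dev"  },
        { "/proc", "/sysroot/proc" },
        { "/sys",  "/sysroot/sys"  },
        { "/run",  "/sysroot/run"  },
    };
    size_t i;

    (void)argc;
    (void)argv;

    /* Without a private namespace the moves below act on the caller's mounts. */
    if (unshare(CLONE_NEWNS) < 0) {
        perror("unshare(CLONE_NEWNS)");
    }

    for (i = 0; i < sizeof pseudo_fs / sizeof pseudo_fs[0]; i++) {
        (void)relocate_mount(pseudo_fs[i][0], pseudo_fs[i][1]);
    }

    if (chdir("/sysroot") < 0) {
        fprintf(stderr, "Unable to chdir!\n");
        return 1;
    }
    if (relocate_mount("/sysroot", "/") < 0) {
        return 1;
    }
    /* "." is the moved /sysroot only because the chdir above succeeded. */
    if (chroot(".") < 0) {
        fprintf(stderr, "Failed to chroot!\n");
        return 1;
    }
    /* Drop the pre-chroot working directory so no handle outside the new root remains as cwd. */
    if (chdir("/") < 0) {
        fprintf(stderr, "Unable to chdir after chroot!\n");
        return 1;
    }

    /* The variadic sentinel must be a null pointer of type char *. */
    execl("/sbin/init", "/sbin/init", (char *)NULL);

    /* execl() only returns on failure. */
    perror("execl(/sbin/init)");
    return 1;
}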