haskal
/
vagrant
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
vagrant/plugins/hosts/bsd/cap/nfs.rb

230 lines
8.2 KiB
Ruby
Raw Normal View History

hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
require "log4r"
require "vagrant/util"
hosts/bsd: don't execute shell for sudo commands [GH-2808]
2014-01-13 06:34:45 +00:00
require "vagrant/util/shell_quote"
hosts/bsd: use Util::Which instead of system("which")
2014-01-13 06:37:39 +00:00
require "vagrant/util/which"
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
module VagrantPlugins
module HostBSD
module Cap
class NFS
Fix #10961 NFS sharing in macOS 10.15 host On OS X 10.15, / is read-only and paths inside of /Users (and elsewhere) are mounted via a "firmlink" (which is a new invention in APFS). These must be resolved to their full path to be shareable via NFS. /Users/johnsmith/mycode => /System/Volumes/Data/Users/johnsmith/mycode We check to see if a path is mounted here with `df`, and prepend it. Firmlinks are only createable by the OS and this wasn't supposed to be visible to applications anyway: https://developer.apple.com/videos/play/wwdc2019/710/?time=481
2019-10-06 04:40:54 +00:00
# On OS X 10.15, / is read-only and paths inside of /Users (and elsewhere) are mounted
# via a "firmlink" (which is a new invention in APFS). These must be resolved to their
# full path to be shareable via NFS.
# /Users/johnsmith/mycode becomes /System/Volumes/Data/Users/johnsmith/mycode
# we check to see if a path is mounted here with `df`, and prepend it.
#
# Firmlinks are only createable by the OS, so a hardcoded path should be fine, until
# Apple gets crazier. This wasn't supposed to be visible to applications anyway:
# https://developer.apple.com/videos/play/wwdc2019/710/?time=481
# see also https://github.com/hashicorp/vagrant/issues/10961
OSX_FIRMLINK_HACK = "/System/Volumes/Data"
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
def self.nfs_export(environment, ui, id, ips, folders)
nfs_exports_template = environment.host.capability(:nfs_exports_template)
nfs_restart_command = environment.host.capability(:nfs_restart_command)
logger = Log4r::Logger.new("vagrant::hosts::bsd")
nfs_checkexports! if File.file?("/etc/exports")
Fix #10961 NFS sharing in macOS 10.15 host On OS X 10.15, / is read-only and paths inside of /Users (and elsewhere) are mounted via a "firmlink" (which is a new invention in APFS). These must be resolved to their full path to be shareable via NFS. /Users/johnsmith/mycode => /System/Volumes/Data/Users/johnsmith/mycode We check to see if a path is mounted here with `df`, and prepend it. Firmlinks are only createable by the OS and this wasn't supposed to be visible to applications anyway: https://developer.apple.com/videos/play/wwdc2019/710/?time=481
2019-10-06 04:40:54 +00:00
# Check to see if this folder is mounted 1) as APFS and 2) within the /System/Volumes/Data volume
# on OS X, which is a read-write "firmlink", and must be prepended so it can be shared via NFS
# we also need to directly mutate the :hostpath if we change it, so that it's mounted with the
# prefix.
logger.debug("Checking to see if NFS exports are in an APFS firmlink...")
nfs_check_folders_for_apfs folders
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
# We need to build up mapping of directories that are enclosed
# within each other because the exports file has to have subdirectories
# of an exported directory on the same line. e.g.:
#
# "/foo" "/foo/bar" ...
# "/bar"
#
# We build up this mapping within the following hash.
logger.debug("Compiling map of sub-directories for NFS exports...")
dirmap = {}
hosts/bsd: sort NFS exports to avoid false validation errors [GH-2927] With a synced folder configuration like so: synced_folder ".", "/vagrant", :nfs => true synced_folder "#{ENV['HOME']}/mirror", "/mirror", :nfs => true synced_folder ENV['HOME'], "/home/#{ENV['USER']}", :nfs => true on OSX, vagrant writes two overlapping exports to /etc/exports which then fail the export check. Iterating through the list of folders lexically builds a correct, single exports entry. Signed-off-by: Teemu Matilainen <teemu.matilainen@iki.fi>
2014-02-22 02:40:10 +00:00
folders.sort_by { |_, opts| opts[:hostpath] }.each do |_, opts|
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
hostpath = opts[:hostpath].dup
hostpath.gsub!('"', '\"')
found = false
dirmap.each do |dirs, diropts|
dirs.each do |dir|
if dir.start_with?(hostpath) || hostpath.start_with?(dir)
# TODO: verify opts and diropts are _identical_, raise an error
# if not. NFS mandates subdirectories have identical options.
dirs << hostpath
found = true
break
end
end
break if found
end
if !found
dirmap[[hostpath]] = opts.dup
end
end
# Sort all the keys by length so that the directory closest to
hosts/bsd: make directories unique when exporting
2014-02-26 16:04:21 +00:00
# the root is exported first. Also, remove duplicates so that
# checkexports will work properly.
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
dirmap.each do |dirs, _|
hosts/bsd: make directories unique when exporting
2014-02-26 16:04:21 +00:00
dirs.uniq!
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
dirs.sort_by! { |d| d.length }
end
# Setup the NFS options
dirmap.each do |dirs, opts|
if !opts[:bsd__nfs_options]
opts[:bsd__nfs_options] = ["alldirs"]
end
hasmapall = false
opts[:bsd__nfs_options].each do |opt|
# mapall/maproot are mutually exclusive, so we have to check
# for both here.
if opt =~ /^mapall=/ || opt =~ /^maproot=/
hasmapall = true
break
end
end
if !hasmapall
opts[:bsd__nfs_options] << "mapall=#{opts[:map_uid]}:#{opts[:map_gid]}"
end
opts[:bsd__compiled_nfs_options] = opts[:bsd__nfs_options].map do |opt|
"-#{opt}"
end.join(" ")
end
logger.info("Exporting the following for NFS...")
dirmap.each do |dirs, opts|
logger.info("NFS DIR: #{dirs.inspect}")
logger.info("NFS OPTS: #{opts.inspect}")
end
output = Vagrant::Util::TemplateRenderer.render(nfs_exports_template,
Change symbols inside hashes to 1.9 JSON-like syntax
2014-05-22 16:35:12 +00:00
uuid: id,
ips: ips,
folders: dirmap,
user: Process.uid)
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
# The sleep ensures that the output is truly flushed before any `sudo`
# commands are issued.
ui.info I18n.t("vagrant.hosts.bsd.nfs_export")
sleep 0.5
# First, clean up the old entry
nfs_cleanup(id)
hosts/bsd: only use sudo if we can't write /etc/exports [GH-2643]
2014-10-24 00:43:58 +00:00
# Only use "sudo" if we can't write to /etc/exports directly
sudo_command = ""
sudo_command = "sudo " if !File.writable?("/etc/exports")
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
# Output the rendered template into the exports
output.split("\n").each do |line|
hosts/bsd: don't execute shell for sudo commands [GH-2808]
2014-01-13 06:34:45 +00:00
line = Vagrant::Util::ShellQuote.escape(line, "'")
hosts/bsd: only use sudo if we can't write /etc/exports [GH-2643]
2014-10-24 00:43:58 +00:00
system(
"echo '#{line}' | " +
Invoke tee from specific path This commit updates the use of `tee` to use an explicit path when invoked rather than relying on where `tee` has been defined in a users PATH.
2017-06-29 23:11:18 +00:00
"#{sudo_command}/usr/bin/tee -a /etc/exports >/dev/null")
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
end
# We run restart here instead of "update" just in case nfsd
# is not starting
hosts/bsd: don't execute shell for sudo commands [GH-2808]
2014-01-13 06:34:45 +00:00
system(*nfs_restart_command)
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
end
def self.nfs_exports_template(environment)
Fixes #10609: Properly set BSD options for /etc/exports Prior to this commit, the BSD options for the /etc/exports file was not properly set up in the correct order for a given entry. It was however fixed for FreeBSD, but never for the original exports template. This commit fixes that by unifying the BSD and FreeBSD templates.
2019-06-13 18:44:12 +00:00
"nfs/exports_bsd"
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
end
def self.nfs_installed(environment)
hosts/bsd: use Util::Which instead of system("which")
2014-01-13 06:37:39 +00:00
!!Vagrant::Util::Which.which("nfsd")
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
end
def self.nfs_prune(environment, ui, valid_ids)
return if !File.exist?("/etc/exports")
logger = Log4r::Logger.new("vagrant::hosts::bsd")
logger.info("Pruning invalid NFS entries...")
output = false
user = Process.uid
File.read("/etc/exports").lines.each do |line|
Allow colon in NFS ID regex Signed-off-by: Si Beaumont <simon.beaumont@citrix.com>
2015-01-20 14:04:42 +00:00
if id = line[/^# VAGRANT-BEGIN:( #{user})? ([\.\/A-Za-z0-9\-_:]+?)$/, 2]
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
if valid_ids.include?(id)
logger.debug("Valid ID: #{id}")
else
if !output
# We want to warn the user but we only want to output once
ui.info I18n.t("vagrant.hosts.bsd.nfs_prune")
output = true
end
logger.info("Invalid ID, pruning: #{id}")
nfs_cleanup(id)
end
end
end
rescue Errno::EACCES
raise Vagrant::Errors::NFSCantReadExports
end
def self.nfs_restart_command(environment)
hosts/bsd: don't execute shell for sudo commands [GH-2808]
2014-01-13 06:34:45 +00:00
["sudo", "nfsd", "restart"]
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
end
protected
def self.nfs_cleanup(id)
return if !File.exist?("/etc/exports")
# Escape sed-sensitive characters:
id = id.gsub("/", "\\/")
id = id.gsub(".", "\\.")
user = Process.uid
hosts/bsd: only use sudo if we can't write /etc/exports [GH-2643]
2014-10-24 00:43:58 +00:00
command = []
command << "sudo" if !File.writable?("/etc/exports")
command += [
"sed", "-E", "-e",
"/^# VAGRANT-BEGIN:( #{user})? #{id}/," +
"/^# VAGRANT-END:( #{user})? #{id}/ d",
"-ibak",
"/etc/exports"
]
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
# Use sed to just strip out the block of code which was inserted
# by Vagrant, and restart NFS.
hosts/bsd: only use sudo if we can't write /etc/exports [GH-2643]
2014-10-24 00:43:58 +00:00
system(*command)
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
end
def self.nfs_checkexports!
r = Vagrant::Util::Subprocess.execute("nfsd", "checkexports")
if r.exit_code != 0
raise Vagrant::Errors::NFSBadExports, output: r.stderr
end
end
Fix #10961 NFS sharing in macOS 10.15 host On OS X 10.15, / is read-only and paths inside of /Users (and elsewhere) are mounted via a "firmlink" (which is a new invention in APFS). These must be resolved to their full path to be shareable via NFS. /Users/johnsmith/mycode => /System/Volumes/Data/Users/johnsmith/mycode We check to see if a path is mounted here with `df`, and prepend it. Firmlinks are only createable by the OS and this wasn't supposed to be visible to applications anyway: https://developer.apple.com/videos/play/wwdc2019/710/?time=481
2019-10-06 04:40:54 +00:00
def self.nfs_check_folders_for_apfs(folders)
folders.each do |_, opts|
`df` -> `/bin/df` to use macOS version Thanks, @AntonioMeireles!
2019-10-08 14:53:56 +00:00
# check to see if this path is mounted in an APFS filesystem, and if it's under the
# firmlink which must be prefixed. we need to use the OS X df — GNU won't notice.
is_mounted_apfs_command = "/bin/df -t apfs #{opts[:hostpath]}"
Fix #10961 NFS sharing in macOS 10.15 host On OS X 10.15, / is read-only and paths inside of /Users (and elsewhere) are mounted via a "firmlink" (which is a new invention in APFS). These must be resolved to their full path to be shareable via NFS. /Users/johnsmith/mycode => /System/Volumes/Data/Users/johnsmith/mycode We check to see if a path is mounted here with `df`, and prepend it. Firmlinks are only createable by the OS and this wasn't supposed to be visible to applications anyway: https://developer.apple.com/videos/play/wwdc2019/710/?time=481
2019-10-06 04:40:54 +00:00
result = Vagrant::Util::Subprocess.execute(*Shellwords.split(is_mounted_apfs_command))
if (result.stdout.include? OSX_FIRMLINK_HACK)
opts[:hostpath].prepend(OSX_FIRMLINK_HACK)
end
end
end
hosts/bsd: convert to new style
2014-01-08 04:39:24 +00:00
end
end
end
end