From 6455271aa083f7f29982500825e136814a0c67e0 Mon Sep 17 00:00:00 2001 From: Andrew Hamilton Date: Sat, 12 Mar 2016 23:16:52 +0000 Subject: [PATCH] Put a hole in the sandbox once. Not once per worker. --- vigil | 23 ++++++++++++++++------- worker.py | 11 +++-------- worker_test.py | 4 ++-- 3 files changed, 21 insertions(+), 17 deletions(-) diff --git a/vigil b/vigil index ae91b35..47f25e0 100755 --- a/vigil +++ b/vigil @@ -878,6 +878,15 @@ def _update_screen(main_widget, appearance_changed_event): fill3.patch_screen(main_widget) +def make_sandbox(mount_point): + sandbox = sandbox_fs.SandboxFs(mount_point) + sandbox.mount() + cache_path = os.path.join(os.getcwd(), tools.CACHE_PATH) + subprocess.check_call(["sudo", "mount", "--bind", cache_path, + mount_point + cache_path]) + return sandbox + + def main(root_path, loop, worker_count=None, is_sandboxed=True, editor_command=None, is_being_tested=False): if worker_count is None: @@ -918,17 +927,14 @@ def main(root_path, loop, worker_count=None, is_sandboxed=True, root_path, loop, on_filesystem_change, _is_path_excluded) screen.workers = workers = [] if is_sandboxed: + log.log_message("Making filesystem sandbox...") sandbox_temp_dir = tempfile.mkdtemp() - sandbox = sandbox_fs.SandboxFs(sandbox_temp_dir) + sandbox = make_sandbox(sandbox_temp_dir) + log.log_message("Sandbox made.") else: + log.log_message("Running without the filesystem sandbox...") sandbox = None try: - if is_sandboxed: - log.log_message("Making filesystem sandbox...") - sandbox.mount() - log.log_message("Sandbox made.") - else: - log.log_message("Running without the filesystem sandbox...") log.log_message("Starting workers (%s) ..." % worker_count) for index in range(worker_count): worker_ = worker.Worker(sandbox, screen._is_paused, is_being_tested) @@ -980,6 +986,9 @@ def main(root_path, loop, worker_count=None, is_sandboxed=True, tools.dump_pickle_safe(screen, pickle_path, open=open_compressed) finally: if is_sandboxed: + cache_path = os.path.join(os.getcwd(), tools.CACHE_PATH) + subprocess.check_call(["sudo", "umount", + sandbox.mount_point + cache_path]) sandbox.umount() os.rmdir(sandbox_temp_dir) loop.remove_reader(watch_manager_fd) diff --git a/worker.py b/worker.py index 659b920..911ad80 100755 --- a/worker.py +++ b/worker.py @@ -31,14 +31,9 @@ class Worker: @asyncio.coroutine def create_process(self): - if self.sandbox is None: - command = [__file__] - else: - cache_path = os.path.join(os.getcwd(), tools.CACHE_PATH) - cache_mount = self.sandbox.mount_point + cache_path - subprocess.check_call(["sudo", "mount", "--bind", cache_path, - cache_mount]) - command = self.sandbox.command([__file__]) + command = [__file__] + if self.sandbox is not None: + command = self.sandbox.command(command) create = asyncio.create_subprocess_exec( *command, stdin=asyncio.subprocess.PIPE, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE) diff --git a/worker_test.py b/worker_test.py index 00578cd..a7557ab 100755 --- a/worker_test.py +++ b/worker_test.py @@ -12,6 +12,7 @@ import unittest import sandbox_fs import tools +import vigil import worker @@ -43,8 +44,7 @@ class WorkerTestCase(unittest.TestCase): def test_run_job_with_sandbox(self): temp_dir = tempfile.mkdtemp() - sandbox = sandbox_fs.SandboxFs(temp_dir) - sandbox.mount() + sandbox = vigil.make_sandbox(temp_dir) try: self._test_worker(sandbox) finally: