add multi-user support

- it's now possible for different users, concurrently, and independent of each other, to run `corectl` on a OS X box. - the CoreOS images already on-disk will be regenerated, but overall the update process from older versions should be transparent. Signed-off-by: António Meireles <[email protected]>
TheNewNormal · Jan 8, 2016 · e7e2441 · e7e2441
1 parent 0eb0dc4
commit e7e2441
Show file tree

Hide file tree

Showing 4 changed files with 43 additions and 38 deletions.
diff --git a/README.md b/README.md
@@ -63,7 +63,7 @@ Update Strategy: No Reboots
 Last login: Tue Aug 25 13:23:20 +0000 2015 on /dev/tty1.
 core@localhost ~ $
 ```
-you 'll find out that `/Users` is available (via NFS) already inside your VM.
+you 'll find out that your `${HOME}` become available (via NFS) inside your VM.
 that will come handy when you come to play with `docker` volumes later...
 
 ### usage

diff --git a/globals.go b/globals.go
@@ -27,10 +27,10 @@ const LatestImageBreackage = "2016-01-08T16:00:00WET"
 type (
 	vmContext      struct{ vm *VMInfo }
 	sessionContext struct {
-		configDir, imageDir, runDir, pwd, uid, gid, username string
-		hasPowers, debug, json                               bool
-		rawArgs                                              *viper.Viper
-		VMs                                                  []vmContext
+		configDir, imageDir, runDir, pwd, uid, gid, homedir string
+		hasPowers, debug, json                              bool
+		rawArgs                                             *viper.Viper
+		VMs                                                 []vmContext
 	}
 	// VMInfo - per VM settings
 	VMInfo struct {
@@ -274,16 +274,20 @@ COREOS_PRIVATE_IPV4=${COREOS_PUBLIC_IPV4}
 block-until-url "${endpoint}"
 
 HOSTNAME="$(curl -Ls ${endpoint}/hostname)"
+HOMEDIR="$(curl -Ls ${endpoint}/homedir)"
 
 ( echo endpoint=${endpoint}
   echo UUID=${UUID}
   echo HOSTNAME="${HOSTNAME}"
+  echo HOMEDIR="${HOMEDIR}"
 
   echo COREOS_PUBLIC_IPV4=${COREOS_PUBLIC_IPV4}
   echo COREOS_PRIVATE_IPV4=${COREOS_PRIVATE_IPV4}
 ) > /etc/environment
 
 sed -i "s,@@hostname@@,${HOSTNAME},g" /usr/share/oem/xhyve.yml
+sed -i "s,@@homedir@@,${HOMEDIR},g" /usr/share/oem/xhyve.yml
+sed -i "s,Users\.mount,$(systemd-escape -p ${HOMEDIR})\.mount,g" /usr/share/oem/xhyve.yml
 
 echo "$(curl -Ls ${endpoint}/sshKey)" | update-ssh-keys -a proc-cmdline-ssh_internal
 
@@ -322,8 +326,8 @@ coreos:
     command: start
     content: |
       [Mount]
-        What=192.168.64.1:/Users
-        Where=/Users
+        What=192.168.64.1:@@homedir@@
+        Where=@@homedir@@
         Options=rw,async,nolock,noatime,rsize=32768,wsize=32768
         Type=nfs
 `

diff --git a/helpers.go b/helpers.go
@@ -267,7 +267,7 @@ func (session *sessionContext) init() (err error) {
 	session.runDir = filepath.Join(session.configDir, "/running/")
 
 	session.uid, session.gid = caller.Uid, caller.Gid
-	session.username = caller.Username
+	session.homedir = caller.HomeDir
 
 	if session.pwd, err = os.Getwd(); err != nil {
 		return
@@ -387,6 +387,12 @@ func (vm *VMInfo) metadataService() (endpoint string, err error) {
 				w.Write([]byte(vm.Name))
 			}
 		})
+	mux.HandleFunc(root+"/homedir",
+		func(w http.ResponseWriter, r *http.Request) {
+			if isAllowed(rIP(r.RemoteAddr), w) {
+				w.Write([]byte(engine.homedir))
+			}
+		})
 
 	srv := &http.Server{
 		Addr:    fmt.Sprintf(":%v", free.Addr().(*net.TCPAddr).Port),

diff --git a/run.go b/run.go
@@ -343,27 +343,23 @@ func init() {
 func nfsSetup() (err error) {
 	const exportsF = "/etc/exports"
 	var (
-		buf      []byte
-		shared   bool
-		right    string
-		shortSig = "/Users -network 192.168.64.0 " +
+		buf, bufN []byte
+		shared    bool
+		oldSig    = "/Users -network 192.168.64.0 " +
 			"-mask 255.255.255.0 -alldirs -mapall="
 		suffix    = engine.uid + ":" + engine.gid
-		signature = shortSig + suffix
-		exportSet = func() (ok bool, err error) {
+		signature = engine.homedir + " -network 192.168.64.0 " +
+			"-mask 255.255.255.0 -alldirs -mapall=" + suffix
+		exportSet = func() (ok bool) {
 			for _, line := range strings.Split(string(buf), "\n") {
-				if strings.HasPrefix(line, shortSig) {
-					right = strings.Split(line, "=")[1]
-					if right != suffix {
-						err = fmt.Errorf("'/Users' is already being shared " +
-							"via NFS by another user other than the " +
-							"currently running one. Either keep invoking " +
-							"'corectl' as that user or manually fix your " +
-							"'/etc/exports' file")
-						break
-					}
+				if strings.HasPrefix(line, signature) {
 					ok = true
 				}
+				if !strings.HasPrefix(line, oldSig) {
+					bufN = append(bufN, []byte(line+"\n")...)
+				} else {
+					bufN = append(bufN, []byte("\n")...)
+				}
 			}
 			return
 		}
@@ -376,17 +372,17 @@ func nfsSetup() (err error) {
 			}
 			return false
 		}()
-		exportsCheck = func() (err error) {
+		exportsCheck = func(previous []byte) (err error) {
 			cmd := exec.Command("nfsd", "-F", exportsF, "checkexports")
 			cmd.Stdin, cmd.Stdout, cmd.Stderr = nil, nil, os.Stderr
 
 			if err = cmd.Run(); err != nil {
 				err = fmt.Errorf("unable to validate %s (see above)", exportsF)
 				// getting back to where we were
-				ioutil.WriteFile(exportsF, buf, os.ModeAppend)
+				ioutil.WriteFile(exportsF, previous, os.ModeAppend)
 			}
 			return
-		}()
+		}
 	)
 	// check if /etc/exports exists, and if not create an empty one
 	if _, err = os.Stat(exportsF); os.IsNotExist(err) {
@@ -399,15 +395,13 @@ func nfsSetup() (err error) {
 		return
 	}
 
-	if shared, err = exportSet(); err != nil {
-		return
+	if shared = exportSet(); !shared {
+		ioutil.WriteFile(exportsF, append(bufN, []byte(signature)...),
+			os.ModeAppend)
 	}
 
-	if !shared {
-		ioutil.WriteFile(exportsF,
-			append(buf, append([]byte("\n"),
-				append([]byte(signature), []byte("\n")...)...)...),
-			os.ModeAppend)
+	if err = exportsCheck(buf); err != nil {
+		return
 	}
 
 	if nfsIsRunning {
@@ -416,16 +410,17 @@ func nfsSetup() (err error) {
 				return fmt.Errorf("unable to update NFS "+
 					"service definitions... (%v)", err)
 			}
-			log.Println("'/Users' was made available to VMs via NFS")
+			log.Printf("'%s' was made available to VMs via NFS\n",
+				engine.homedir)
 		}
 	} else {
 		if err = exec.Command("nfsd", "start").Run(); err != nil {
 			return fmt.Errorf("unable to start NFS service... (%v)", err)
 		}
-		log.Println("NFS started in order for '/Users' to be " +
-			"made available to the VMs")
+		log.Printf("NFS started in order for '%s' to be "+
+			"made available to the VMs\n", engine.homedir)
 	}
-	return exportsCheck
+	return
 }
 
 func (vm *VMInfo) storeConfig() (err error) {