Fix/health check error (#2731)

* fix: No error's with an error code * fix dns query * await resolv.conf copy * use tty in subcontainer exec if parent is tty * Fix: Home=root for inject services * fix: Add the action inject too --------- Co-authored-by: Aiden McClelland <me@drbonez.dev>
2026-03-31 04:23:40 +00:00 · 2024-08-30 00:29:27 -06:00
parent ed1bc6c215
commit 66b018a355
7 changed files with 78 additions and 15 deletions
--- a/core/startos/src/service/effects/subcontainer/sync.rs
+++ b/core/startos/src/service/effects/subcontainer/sync.rs
@@ -2,15 +2,16 @@ use std::borrow::Cow;
 use std::collections::BTreeMap;
 use std::ffi::{c_int, OsStr, OsString};
 use std::fs::File;
+use std::io::IsTerminal;
 use std::os::unix::process::CommandExt;
 use std::path::{Path, PathBuf};
 use std::process::{Command as StdCommand, Stdio};

 use nix::sched::CloneFlags;
 use nix::unistd::Pid;
-use rpc_toolkit::Context;
 use signal_hook::consts::signal::*;
 use tokio::sync::oneshot;
+use tty_spawn::TtySpawn;
 use unshare::Command as NSCommand;

 use crate::service::effects::prelude::*;
@@ -294,6 +295,37 @@ pub fn exec(
        command,
    }: ExecParams,
 ) -> Result<(), Error> {
+    if std::io::stdin().is_terminal() {
+        let mut cmd = TtySpawn::new("/usr/bin/start-cli");
+        cmd.arg("subcontainer").arg("exec-command");
+        if let Some(env) = env {
+            cmd.arg("--env").arg(env);
+        }
+        if let Some(workdir) = workdir {
+            cmd.arg("--workdir").arg(workdir);
+        }
+        if let Some(user) = user {
+            cmd.arg("--user").arg(user);
+        }
+        cmd.arg(&chroot);
+        cmd.args(command.iter());
+        nix::sched::setns(
+            open_file_read(chroot.join("proc/1/ns/pid"))?,
+            CloneFlags::CLONE_NEWPID,
+        )
+        .with_ctx(|_| (ErrorKind::Filesystem, "set pid ns"))?;
+        nix::sched::setns(
+            open_file_read(chroot.join("proc/1/ns/cgroup"))?,
+            CloneFlags::CLONE_NEWCGROUP,
+        )
+        .with_ctx(|_| (ErrorKind::Filesystem, "set cgroup ns"))?;
+        nix::sched::setns(
+            open_file_read(chroot.join("proc/1/ns/ipc"))?,
+            CloneFlags::CLONE_NEWIPC,
+        )
+        .with_ctx(|_| (ErrorKind::Filesystem, "set ipc ns"))?;
+        std::process::exit(cmd.spawn().with_kind(ErrorKind::Filesystem)?);
+    }
    let mut sig = signal_hook::iterator::Signals::new(FWD_SIGNALS)?;
    let (send_pid, recv_pid) = oneshot::channel();
    std::thread::spawn(move || {