src/type3_AndroidCloud/anbox-master/scripts/container-manager.sh

   1 #!/bin/bash
   2 set -x
   3
   4 # We need to put the rootfs somewhere where we can modify some
   5 # parts of the content on first boot (namely file permissions).
   6 # Other than that nothing should ever modify the content of the
   7 # rootfs.
   8
   9 DATA_PATH=$SNAP_COMMON/
  10 ANDROID_IMG=$SNAP/android.img
  11
  12 if [ "$(id -u)" != 0 ]; then
  13         echo "ERROR: You need to run the container manager as root"
  14         exit 1
  15 fi
  16
  17 if [ ! -e "$ANDROID_IMG" ]; then
  18         echo "ERROR: android image does not exist"
  19         exit 1
  20 fi
  21
  22 if [ "$SNAP_ARCH" = "amd64" ]; then
  23         ARCH="x86_64-linux-gnu"
  24 elif [ "$SNAP_ARCH" = "armhf" ]; then
  25         ARCH="arm-linux-gnueabihf"
  26 else
  27         ARCH="$SNAP_ARCH-linux-gnu"
  28 fi
  29
  30 # Re-exec outside of apparmor confinement
  31 if [ -d /sys/kernel/security/apparmor ] && [ "$(cat /proc/self/attr/current)" != "unconfined" ]; then
  32         exec /usr/sbin/aa-exec -p unconfined -- "$0" "$@"
  33 fi
  34
  35 start() {
  36         # Make sure our setup path for the container rootfs
  37         # is present as lxc is statically configured for
  38         # this path.
  39         mkdir -p "$SNAP_COMMON/lxc"
  40
  41         # We start the bridge here as long as a oneshot service unit is not
  42         # possible. See snapcraft.yaml for further details.
  43         "$SNAP"/bin/anbox-bridge.sh start
  44
  45         # Ensure FUSE support for user namespaces is enabled
  46         echo Y | tee /sys/module/fuse/parameters/userns_mounts || echo "WARNING: kernel doesn't support fuse in user namespaces"
  47
  48         # liblxc.so.1 is in $SNAP/lib
  49         export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$SNAP/liblxc"
  50
  51         # For unknown reason we got bug reports that the container manager failed to start
  52         # because it cannot find libboost_log.so.1.58.0 To mitigate this we're adding the
  53         # lib directory as explicit search target here.
  54         export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$SNAP/usr/lib/$ARCH"
  55
  56         enable_debug="$(snapctl get debug.enable)"
  57         if [ "$enable_debug" = true ]; then
  58                 export ANBOX_LOG_LEVEL=debug
  59                 export LD_DEBUG=libs
  60         fi
  61
  62         EXTRA_ARGS=
  63         enable_rootfs_overlay="$(snapctl get rootfs-overlay.enable)"
  64         if [ "$enable_rootfs_overlay" = true ]; then
  65                 EXTRA_ARGS="$EXTRA_ARGS --use-rootfs-overlay"
  66         fi
  67
  68         enable_privileged_container="$(snapctl get container.privileged)"
  69         if [ "$enable_privileged_container" = true ]; then
  70                 EXTRA_ARGS="$EXTRA_ARGS --privileged"
  71         fi
  72
  73         container_network_address=$(snapctl get container.network.address)
  74         if [ -n "$container_network_address" ]; then
  75                 EXTRA_ARGS="$EXTRA_ARGS --container-network-address=$container_network_address"
  76         fi
  77
  78         container_network_gateway=$(snapctl get container.network.gateway)
  79         if [ -n "$container_network_gateway" ]; then
  80                 EXTRA_ARGS="$EXTRA_ARGS --container-network-gateway=$container_network_gateway"
  81         fi
  82
  83         container_network_dns=$(snapctl get container.network.dns)
  84         if [ -n "$container_network_dns" ]; then
  85                 EXTRA_ARGS="$EXTRA_ARGS --container-network-dns-servers=$container_network_dns"
  86         fi
  87
  88         # Load all relevant kernel modules
  89         modprobe binder_linux
  90         modprobe ashmem_linux
  91
  92         # Ensure we have binderfs mounted when our kernel supports it
  93         if cat /proc/filesystems | grep -q binder ; then
  94                 mkdir -p "$SNAP_COMMON"/binderfs
  95                 # Remove old mounts so that we start fresh without any devices allocated
  96                 if cat /proc/mounts | grep -q "binder $SNAP_COMMON/binderfs" ; then
  97                         umount "$SNAP_COMMON"/binderfs
  98                 fi
  99                 mount -t binder none "$SNAP_COMMON"/binderfs
 100         fi
 101
 102         exec "$SNAP"/bin/anbox-wrapper.sh container-manager \
 103                 --data-path="$DATA_PATH" \
 104                 --android-image="$ANDROID_IMG" \
 105                 --daemon \
 106                 $EXTRA_ARGS
 107 }
 108
 109 stop() {
 110         "$SNAP"/bin/anbox-bridge.sh stop
 111 }
 112
 113 case "$1" in
 114         start)
 115                 start
 116                 ;;
 117         stop)
 118                 stop
 119                 ;;
 120         *)
 121                 echo "ERROR: Unknown command '$1'"
 122                 exit 1
 123                 ;;
 124 esac