merged layer handling

src/cmd/init.rs

@@ -54,10 +54,10 @@ pub async fn run() {
     info!("Linux version {kernel_version}");
 
     // mount basic filesystems
-    mount(None, "/proc", "proc", None).await;
-    mount(None, "/sys", "sysfs", None).await;
-    mount(None, "/dev", "devtmpfs", None).await;
-    mount(None, "/dev/pts", "devpts", Some("gid=5,mode=620")).await;
+    mount(None::<&str>, "/proc", "proc", None).await;
+    mount(None::<&str>, "/sys", "sysfs", None).await;
+    mount(None::<&str>, "/dev", "devtmpfs", None).await;
+    mount(None::<&str>, "/dev/pts", "devpts", Some("gid=5,mode=620")).await;
 
     if utils::bool_param("debug") {
         log::set_max_level(log::LevelFilter::Debug);
@@ -177,15 +177,27 @@ async fn chmod(path: impl AsRef<Path>, mode: u32) -> std::io::Result<()> {
     fs::set_permissions(path, perms).await
 }
 
-async fn mount(src: Option<&str>, dst: &str, fstype: &str, opts: Option<&str>) {
+async fn mount<S: AsRef<Path>>(
+    src: Option<S>,
+    dst: impl AsRef<Path>,
+    fstype: &str,
+    opts: Option<&str>,
+) {
+    let src = src.as_ref().map(|s| s.as_ref());
+    let src_str = src.map(|s| s.display().to_string());
+    let src_str = src_str.as_deref();
+
+    let dst = dst.as_ref();
+    let dst_str = &dst.display().to_string();
+
     if let Err(e) = fs::create_dir_all(dst).await {
-        error!("failed to create dir {dst}: {e}");
+        error!("failed to create dir {dst_str}: {e}");
     }
 
     retry_or_ignore(async || {
         let mut is_file = false;
 
-        if let Some(src) = src {
+        if let Some(src) = src_str {
             is_file = (fs::metadata(src).await)
                 .map_err(|e| format_err!("stat {src} failed: {e}"))?
                 .is_file();
@@ -197,7 +209,7 @@ async fn mount(src: Option<&str>, dst: &str, fstype: &str, opts: Option<&str>) {
             }
         }
 
-        let mut args = vec![src.unwrap_or("none"), dst, "-t", fstype];
+        let mut args = vec![src_str.unwrap_or("none"), dst_str, "-t", fstype];
         if let Some(opts) = opts {
             args.extend(["-o", opts]);
         }
@@ -209,11 +221,17 @@ async fn mount(src: Option<&str>, dst: &str, fstype: &str, opts: Option<&str>) {
         }
 
         let (cmd_str, _) = cmd_str("mount", &args);
-        let flags = nix::mount::MsFlags::empty();
 
         info!("# {cmd_str}",);
-        nix::mount::mount(src, dst, Some(fstype), flags, opts)
-            .map_err(|e| format_err!("mount {dst} failed: {e}"))
+
+        let mount = |flags| nix::mount::mount(src, dst, Some(fstype), flags, opts);
+
+        use nix::{errno::Errno, mount::MsFlags};
+        match mount(MsFlags::empty()) {
+            Err(Errno::EACCES) => mount(MsFlags::MS_RDONLY),
+            r => r,
+        }
+        .map_err(|e| format_err!("mount {dst_str} failed: {e}"))
     })
     .await
 }
@@ -228,6 +246,25 @@ async fn start_daemon(prog: &str, args: &[&str]) {
     .await;
 }
 
+async fn try_exec_cmd(mut cmd: tokio::process::Command) -> Result<()> {
+    info!(
+        "# {} {}",
+        cmd.as_std().get_program().to_string_lossy(),
+        cmd.as_std()
+            .get_args()
+            .map(|a| a.to_string_lossy())
+            .collect::<Vec<_>>()
+            .join(" ")
+    );
+
+    let s = cmd.status().await?;
+    if s.success() {
+        Ok(())
+    } else {
+        Err(format_err!("command failed: {s}"))
+    }
+}
+
 async fn try_exec(prog: &str, args: &[&str]) -> Result<()> {
     let (cmd_str, mut cmd) = cmd_str(prog, args);
     info!("# {cmd_str}");