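#!/usr/bin/openrc-run
# Copyright (C) 2018 Márcio Silva
# Released under the 2-clause BSD license
#
# Runs CR_COMD inside the chroot at CR_PATH. On Linux the command is also
# placed in fresh namespaces through unshare.
#
# Variables read by this script:
#   CR_NAME  label used in log messages
#   CR_PATH  chroot directory handed to start-stop-daemon --chroot
#   CR_COMD  command started inside the chroot (default /sbin/init)
#   CR_NDEP  services passed to "need"
#   CR_NINF  network interfaces moved into the new net namespace (Linux only)
#   CR_WINF  wireless phys moved into the new net namespace (Linux only)
#   CR_STWT  seconds to wait after starting (default 1)
#   CR_SPWT  value passed to --wait when stopping (default 1)
#
# NOTE(review): no user namespace is created and no capabilities are dropped
# here, and the root directory is changed with chroot rather than pivot_root.
# Root inside CR_PATH should therefore be treated as root on the host; confirm
# that this matches the intended trust model.
# NOTE(review): /sbin/unshare is presumably resolved inside CR_PATH because
# --chroot is applied by start-stop-daemon; confirm the binary in the chroot
# is the trusted one.

description="OS level virtualization from chroot command"

# POSIX default assignment: service scripts are interpreted by sh, where the
# [[ ]] test is not guaranteed to exist.
: "${CR_COMD:=/sbin/init}"

# Declares service ordering. CR_NDEP is left unquoted on purpose so that a
# space-separated list expands to several "need" arguments.
depend() {
	need $CR_NDEP
	after modules bootmisc localmount net netmount
	keyword -jail -prefix -vserver
	provide oslv
}

# Starts CR_COMD in the chroot and, on Linux, hands the configured interfaces
# to its network namespace. Returns non-zero when CR_PATH is missing or when
# start-stop-daemon fails; otherwise returns the status of the final wait.
start() {
	ebegin "Start $CR_NAME chroot virtualization"

	# An empty CR_PATH would otherwise let --chroot consume the next option.
	if [ -z "$CR_PATH" ]; then
		eerror "CR_PATH is not set"
		eend 1
		return 1
	fi

	case "$RC_UNAME" in
		GNU/Linux|Linux)
			# uses linux namespaces (unshare) to isolate the CR_COMD command
			start-stop-daemon --start \
				--background \
				--chroot "$CR_PATH" \
				--name "$CR_COMD" \
				--wait "${CR_STWT:-1}000" \
				/sbin/unshare \
				-- \
				--cgroup \
				--fork \
				--ipc \
				--mount \
				--net \
				--pid \
				--propagation private \
				--setgroups allow \
				--uts \
				-- \
				"$CR_COMD"
			# Stop here on failure: the lookup below goes by process name
			# and must not run when our own process never started.
			eend $? || return 1

			# isolate network interfaces to chroot command (only with linux kernel)
			if [ -n "$CR_NINF$CR_WINF" ]; then
				# Resolve the target once so every interface lands in the
				# same namespace.
				# NOTE(review): pgrep -n picks the newest process whose name
				# matches; another process with the same name started in
				# between would receive the interfaces. A pidfile written at
				# start would make this unambiguous.
				ns_pid=$(pgrep -n "${CR_COMD##*/}")
				if [ -z "$ns_pid" ]; then
					# Without a PID, ip/iw would be called with a missing
					# argument. Skip the moves and report the problem.
					eerror "No ${CR_COMD##*/} process found for chroot.$CR_NAME, interfaces not moved"
				else
					for int in $CR_NINF; do
						einfo "Add $int to chroot.$CR_NAME"
						ip link set "$int" netns "$ns_pid"
						eend $?
					done
					for wif in $CR_WINF; do
						einfo "Add $wif to chroot.$CR_NAME"
						iw phy "$wif" set netns "$ns_pid"
						eend $?
					done
				fi
				unset int wif ns_pid
			fi
			;;
		*)
			start-stop-daemon --start \
				--background \
				--chroot "$CR_PATH" \
				--name "$CR_COMD" \
				"$CR_COMD"
			eend $? || return 1
			;;
	esac

	einfo "wait in seconds to start the service"
	sleep "${CR_STWT:-1}"
	eend $?
}

# Signals CR_COMD to stop and returns the status of start-stop-daemon.
stop() {
	ebegin "Stop $CR_NAME chroot virtualization"
	# use SIGINT (signal 2) to stop the CR_COMD
	# NOTE(review): the target is selected by executable path only. With the
	# default /sbin/init, confirm this cannot match a process outside this
	# chroot; a --pidfile recorded at start would scope the signal.
	start-stop-daemon --signal 2 --wait "${CR_SPWT:-1}" --progress "$CR_COMD"
	eend $?
}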