ns

package
v1.3.0 Latest
Published: May 19, 2026 License: MIT Imports: 6 Imported by: 0

Documentation

Overview

Package ns prepares the local execution environment for the target process. It receives bind mounts, command lines, environment variables, and working directories from the runtime, and passes the workspace and shim environment to either Bubblewrap on Linux or the direct launcher on Darwin.

Functions

func FormatEnv

func FormatEnv(base []string, brokerSock, shimPath string, pathInj PathInjection) []string

FormatEnv builds the environment slice for the child process, injecting machineproxy-specific variables needed by the shim. When pathInj.Dir is set, it is prepended or appended to PATH (creating a PATH if none exists in base) so the FUSE-backed stub directory is resolved by the shell's PATH search.

Types

type Bind

type Bind struct {
	Src string
	Dst string
}

Bind describes one bind mount entry. Src is a path on the host; Dst is the path it appears at inside the container. Linux honours this via bwrap --bind; darwin (no containment) ignores it.

type Deps

type Deps struct {
	// LookPath resolves external helpers (e.g. bwrap on Linux). Defaults
	// to exec.LookPath when nil. Unused on platforms with no helper.
	LookPath func(file string) (string, error)
	Log      *slog.Logger
}

Deps allows dependency injection for testing.

type Namespace

type Namespace struct {
	// contains filtered or unexported fields
}

Namespace is the darwin runner. There is no kernel-level containment on macOS, so this struct holds only the bookkeeping needed to launch the child with the caller-supplied env and working directory. Exec interception is delivered by the DYLD interposer dylib whose path the caller injects into env as DYLD_INSERT_LIBRARIES.

func New

func New(deps Deps) *Namespace

New creates a Namespace. Call Prepare before Run.

func (*Namespace) Command

func (n *Namespace) Command(workingDir string, cmdline []string, binds []Bind) (string, []string)

Command returns the resolved binary and full argument list without executing anything. Useful for inspection and testing. On darwin this is effectively a pass-through.

func (*Namespace) Leave

func (n *Namespace) Leave()

Leave is a no-op on darwin.

func (*Namespace) Prepare

func (n *Namespace) Prepare(ctx context.Context) error

Prepare is a no-op on darwin. No external helper to locate.

func (*Namespace) Run

func (n *Namespace) Run(ctx context.Context, workingDir string, cmdline []string, env []string, binds []Bind) error

Run executes cmdline directly with the caller-supplied env. binds are ignored: macOS has no unprivileged bind-mount facility. The caller is expected to point workingDir at the real FUSE mount path (no path translation happens here).

type PathInjection

type PathInjection struct {
	// Dir is the absolute path (as seen inside the container) to splice
	// in. When empty, FormatEnv leaves PATH untouched.
	Dir string
	// Position is "prepend" or "append". Empty means prepend.
	Position string
}

PathInjection controls splicing an extra directory into the PATH env variable for the container process.
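
The PATH rule documented for FormatEnv and PathInjection decides whether the stub directory shadows same-named binaries (prepend) or only catches names found nowhere else (append). The sketch below is an added example, not the package's own code: splicePath and searchOrder are hypothetical helpers, the paths are constructed, and the handling of duplicate or empty PATH entries is an assumption based on os/exec keeping the last duplicate key.

```go
package main

import (
	"fmt"
	"strings"
)

// splicePath is a hypothetical helper, not the package's code. dir and position
// stand in for PathInjection.Dir and PathInjection.Position.
func splicePath(base []string, dir, position string) []string {
	out := append([]string(nil), base...) // do not mutate the caller's slice
	if dir == "" {
		return out // documented: PATH stays untouched
	}
	// Assumption: walk backwards because os/exec keeps the last duplicate key.
	for i := len(out) - 1; i >= 0; i-- {
		if !strings.HasPrefix(out[i], "PATH=") {
			continue
		}
		cur := strings.TrimPrefix(out[i], "PATH=")
		switch {
		case cur == "":
			out[i] = "PATH=" + dir // an empty PATH element would mean "."
		case position == "append":
			out[i] = "PATH=" + cur + ":" + dir
		default: // "prepend" or empty
			out[i] = "PATH=" + dir + ":" + cur
		}
		return out
	}
	return append(out, "PATH="+dir) // no PATH in base: create one
}

// searchOrder returns the directories a PATH lookup tries, in order.
func searchOrder(env []string) []string {
	for i := len(env) - 1; i >= 0; i-- {
		if strings.HasPrefix(env[i], "PATH=") {
			return strings.Split(strings.TrimPrefix(env[i], "PATH="), ":")
		}
	}
	return nil
}

func main() {
	base := []string{"HOME=/home/dev", "PATH=/usr/bin:/bin"} // constructed sample
	fmt.Println(searchOrder(splicePath(base, "/run/stubs", "")))       // stub dir first
	fmt.Println(searchOrder(splicePath(base, "/run/stubs", "append"))) // stub dir last
}
```

When reviewing a child environment, comparing searchOrder before and after injection shows which directory wins for a given command name.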
