refactor

evgeniy-scherbina · evgeniy-scherbina · commit 7e2af0c71866 · 2025-09-30T19:55:50.000Z
diff --git a/cli/cli.go b/cli/cli.go
@@ -102,7 +102,7 @@ func Run(ctx context.Context, config Config, args []string) error {
 		//fmt.Printf("%v\n", os.Environ())
 		time.Sleep(time.Second * 3) // wait for parent to configure env
 
-		vethNetJail := os.Getenv("VETH_NET_JAIL")
+		vethNetJail := os.Getenv("VETH_JAIL_NAME")
 
 		err := jail.SetupChildNetworking(vethNetJail)
 		if err != nil {
@@ -224,7 +224,7 @@ func Run(ctx context.Context, config Config, args []string) error {
 		defer cancel()
 		cmd := boundaryInstance.Command(os.Args)
 		cmd.Env = append(cmd.Env, "CHILD=true")
-		cmd.Env = append(cmd.Env, fmt.Sprintf("VETH_NET_JAIL=%v", boundaryInstance.GetNetworkConfiguration().VethNetJail))
+		cmd.Env = append(cmd.Env, fmt.Sprintf("VETH_JAIL_NAME=%v", boundaryInstance.GetNetworkConfiguration().VethJailName))
 		cmd.Stderr = os.Stderr
 		cmd.Stdout = os.Stdout
 		cmd.Stdin = os.Stdin
diff --git a/jail/jail.go b/jail/jail.go
@@ -10,13 +10,13 @@ import (
 type Jailer interface {
 	ConfigureBeforeCommandExecution() error
 	Command(command []string) *exec.Cmd
-	ConfigureAfterCommandExecution(processPID int)
+	ConfigureAfterCommandExecution(processPID int) error
 	Close() error
 	GetNetworkConfiguration() NetworkConfiguration
 }
 
 type NetworkConfiguration struct {
-	VethNetJail string
+	VethJailName string
 }
 
 type Config struct {
diff --git a/jail/linux.go b/jail/linux.go
@@ -192,23 +192,23 @@ func (l *LinuxJail) Command(command []string) *exec.Cmd {
 	return cmd
 }
 
-func (l *LinuxJail) ConfigureAfterCommandExecution(pidInt int) {
+func (l *LinuxJail) ConfigureAfterCommandExecution(pidInt int) error {
 	err := l.configureParentNetworkingStep2(pidInt)
 	if err != nil {
-		fmt.Fprintf(os.Stderr, "failed setupParentNetworking: %v\n", err)
-		os.Exit(1)
+		return fmt.Errorf("failed to configure parent networking: %v", err)
 	}
 
 	err = l.configureIptables()
 	if err != nil {
-		fmt.Fprintf(os.Stderr, "can't setup iptables: %v\n", err)
-		os.Exit(1)
+		return fmt.Errorf("failed to configure iptables: %v", err)
 	}
+
+	return nil
 }
 
 func (l *LinuxJail) GetNetworkConfiguration() NetworkConfiguration {
 	return NetworkConfiguration{
-		VethNetJail: l.vethJailName,
+		VethJailName: l.vethJailName,
 	}
 }
 
diff --git a/jail/macos.go b/jail/macos.go
@@ -341,7 +341,9 @@ func (n *MacOSJail) cleanupTempFiles() {
 	}
 }
 
-func (u *MacOSJail) ConfigureAfterCommandExecution(processPID int) {}
+func (u *MacOSJail) ConfigureAfterCommandExecution(processPID int) error {
+	return nil
+}
 
 func (l *MacOSJail) GetNetworkConfiguration() NetworkConfiguration {
 	return NetworkConfiguration{}
diff --git a/jail/unprivileged.go b/jail/unprivileged.go
@@ -61,7 +61,9 @@ func (u *Unprivileged) Close() error {
 	return nil
 }
 
-func (u *Unprivileged) ConfigureAfterCommandExecution(processPID int) {}
+func (u *Unprivileged) ConfigureAfterCommandExecution(processPID int) error {
+	return nil
+}
 
 func (l *Unprivileged) GetNetworkConfiguration() NetworkConfiguration {
 	return NetworkConfiguration{}

Original file line number	Diff line number	Diff line change
`@@ -10,13 +10,13 @@ import (`
`10`	`10`	`type Jailer interface {`
`11`	`11`	`ConfigureBeforeCommandExecution() error`
`12`	`12`	`Command(command []string) *exec.Cmd`
`13`		`- ConfigureAfterCommandExecution(processPID int)`
	`13`	`+ ConfigureAfterCommandExecution(processPID int) error`
`14`	`14`	`Close() error`
`15`	`15`	`GetNetworkConfiguration() NetworkConfiguration`
`16`	`16`	`}`
`17`	`17`
`18`	`18`	`type NetworkConfiguration struct {`
`19`		`- VethNetJail string`
	`19`	`+ VethJailName string`
`20`	`20`	`}`
`21`	`21`
`22`	`22`	`type Config struct {`
Original file line number	Diff line number	Diff line change
`@@ -192,23 +192,23 @@ func (l LinuxJail) Command(command []string) exec.Cmd {`
`192`	`192`	`return cmd`
`193`	`193`	`}`
`194`	`194`
`195`		`-func (l *LinuxJail) ConfigureAfterCommandExecution(pidInt int) {`
	`195`	`+func (l *LinuxJail) ConfigureAfterCommandExecution(pidInt int) error {`
`196`	`196`	`err := l.configureParentNetworkingStep2(pidInt)`
`197`	`197`	`if err != nil {`
`198`		`- fmt.Fprintf(os.Stderr, "failed setupParentNetworking: %v\n", err)`
`199`		`- os.Exit(1)`
	`198`	`+ return fmt.Errorf("failed to configure parent networking: %v", err)`
`200`	`199`	`}`
`201`	`200`
`202`	`201`	`err = l.configureIptables()`
`203`	`202`	`if err != nil {`
`204`		`- fmt.Fprintf(os.Stderr, "can't setup iptables: %v\n", err)`
`205`		`- os.Exit(1)`
	`203`	`+ return fmt.Errorf("failed to configure iptables: %v", err)`
`206`	`204`	`}`
	`205`	`+`
	`206`	`+ return nil`
`207`	`207`	`}`
`208`	`208`
`209`	`209`	`func (l *LinuxJail) GetNetworkConfiguration() NetworkConfiguration {`
`210`	`210`	`return NetworkConfiguration{`
`211`		`- VethNetJail: l.vethJailName,`
	`211`	`+ VethJailName: l.vethJailName,`
`212`	`212`	`}`
`213`	`213`	`}`
`214`	`214`
Original file line number	Diff line number	Diff line change
`@@ -341,7 +341,9 @@ func (n *MacOSJail) cleanupTempFiles() {`
`341`	`341`	`}`
`342`	`342`	`}`
`343`	`343`
`344`		`-func (u *MacOSJail) ConfigureAfterCommandExecution(processPID int) {}`
	`344`	`+func (u *MacOSJail) ConfigureAfterCommandExecution(processPID int) error {`
	`345`	`+ return nil`
	`346`	`+}`
`345`	`347`
`346`	`348`	`func (l *MacOSJail) GetNetworkConfiguration() NetworkConfiguration {`
`347`	`349`	`return NetworkConfiguration{}`
Original file line number	Diff line number	Diff line change
`@@ -61,7 +61,9 @@ func (u *Unprivileged) Close() error {`
`61`	`61`	`return nil`
`62`	`62`	`}`
`63`	`63`
`64`		`-func (u *Unprivileged) ConfigureAfterCommandExecution(processPID int) {}`
	`64`	`+func (u *Unprivileged) ConfigureAfterCommandExecution(processPID int) error {`
	`65`	`+ return nil`
	`66`	`+}`
`65`	`67`
`66`	`68`	`func (l *Unprivileged) GetNetworkConfiguration() NetworkConfiguration {`
`67`	`69`	`return NetworkConfiguration{}`