Start a privileged muvm-server

Being able to run commands as root comes handy to debug the guest and
will also be used to tune the virtual memory parameters on demand.

Signed-off-by: Sergio Lopez <[email protected]>

Author: slp

crates/muvm/src/bin/muvm.rs

@@ -254,7 +254,7 @@ fn main() -> Result<()> {
                 .context("Failed to connect to `passt`")?
                 .into()
         } else {
-            start_passt(options.server_port)
+            start_passt(options.server_port, options.root_server_port)
                 .context("Failed to start `passt`")?
                 .into()
         };
@@ -375,6 +375,10 @@ fn main() -> Result<()> {
         "MUVM_SERVER_PORT".to_owned(),
         options.server_port.to_string(),
     );
+    env.insert(
+        "MUVM_ROOT_SERVER_PORT".to_owned(),
+        options.root_server_port.to_string(),
+    );
     env.insert("MUVM_SERVER_COOKIE".to_owned(), cookie.to_string());
 
     if options.direct_x11 {

crates/muvm/src/cli_options.rs

@@ -13,6 +13,7 @@ pub struct Options {
     pub mem: Option<MiB>,
     pub vram: Option<MiB>,
     pub passt_socket: Option<PathBuf>,
+    pub root_server_port: u32,
     pub server_port: u32,
     pub fex_images: Vec<String>,
     pub direct_x11: bool,
@@ -93,6 +94,12 @@ pub fn options() -> OptionParser<Options> {
         .help("Instead of starting passt, connect to passt socket at PATH")
         .argument("PATH")
         .optional();
+    let root_server_port = long("root-server-port")
+        .short('r')
+        .help("Set the port to be used in root server mode")
+        .argument("ROOT_SERVER_PORT")
+        .fallback(3335)
+        .display_fallback();
     let server_port = long("server-port")
         .short('p')
         .help("Set the port to be used in server mode")
@@ -117,6 +124,7 @@ pub fn options() -> OptionParser<Options> {
         mem,
         vram,
         passt_socket,
+        root_server_port,
         server_port,
         fex_images,
         direct_x11,

crates/muvm/src/guest/bin/muvm-guest.rs

@@ -62,6 +62,12 @@ fn main() -> Result<()> {
             .spawn()?;
     }
 
+    // Before switching to the user, start another instance of muvm-server to serve
+    // launch requests as root.
+    Command::new("muvm-server")
+        .spawn()
+        .context("Failed to execute `muvm-server` as child process")?;
+
     let run_path = match setup_user(options.username, options.uid, options.gid) {
         Ok(p) => p,
         Err(err) => return Err(err).context("Failed to set up user, bailing out"),

crates/muvm/src/net.rs

@@ -14,7 +14,7 @@ where
     Ok(UnixStream::connect(passt_socket_path)?)
 }
 
-pub fn start_passt(server_port: u32) -> Result<UnixStream> {
+pub fn start_passt(server_port: u32, root_server_port: u32) -> Result<UnixStream> {
     // SAFETY: The child process should not inherit the file descriptor of
     // `parent_socket`. There is no documented guarantee of this, but the
     // implementation as of writing atomically sets `SOCK_CLOEXEC`.
@@ -40,7 +40,9 @@ pub fn start_passt(server_port: u32) -> Result<UnixStream> {
     // See https://doc.rust-lang.org/std/io/index.html#io-safety
     let child = Command::new("passt")
         .args(["-q", "-f", "-t"])
-        .arg(format!("{server_port}:{server_port}"))
+        .arg(format!(
+            "{server_port}:{server_port},{root_server_port}:{root_server_port}"
+        ))
         .arg("--fd")
         .arg(format!("{}", child_fd.into_raw_fd()))
         .spawn();

crates/muvm/src/server/bin/muvm-server.rs

@@ -1,10 +1,12 @@
 use std::env;
 use std::os::unix::process::ExitStatusExt as _;
+use std::path::PathBuf;
 
 use anyhow::{Context, Result};
 use log::error;
 use muvm::server::cli_options::options;
 use muvm::server::worker::{State, Worker};
+use nix::unistd::geteuid;
 use tokio::net::TcpListener;
 use tokio::process::Command;
 use tokio::sync::watch;
@@ -23,19 +25,33 @@ fn main() -> Result<()> {
 async fn tokio_main(cookie: String) -> Result<()> {
     env_logger::init();
 
-    let options = options().run();
     let cookie = Uuid::try_parse(&cookie).context("Couldn't parse cookie as UUID v7")?;
+    let uid: u32 = geteuid().into();
 
-    let listener = TcpListener::bind(format!("0.0.0.0:{}", options.server_port)).await?;
+    let (server_port, command, command_args) = if uid == 0 {
+        let server_port = if let Ok(server_port) = env::var("MUVM_ROOT_SERVER_PORT") {
+            server_port.parse()?
+        } else {
+            3335
+        };
+        (
+            server_port,
+            PathBuf::from("/bin/sleep"),
+            vec!["inf".to_string()],
+        )
+    } else {
+        let options = options().run();
+        (options.server_port, options.command, options.command_args)
+    };
+
+    let listener = TcpListener::bind(format!("0.0.0.0:{}", server_port)).await?;
     let (state_tx, state_rx) = watch::channel(State::new());
 
     let mut worker_handle = tokio::spawn(async move {
         let mut worker = Worker::new(cookie, listener, state_tx);
         worker.run().await;
     });
-    let command_status = Command::new(&options.command)
-        .args(options.command_args)
-        .status();
+    let command_status = Command::new(&command).args(command_args).status();
     tokio::pin!(command_status);
     let mut state_rx = WatchStream::new(state_rx);
 
@@ -63,12 +79,12 @@ async fn tokio_main(cookie: String) -> Result<()> {
                             if let Some(code) = status.code() {
                                 eprintln!(
                                     "{:?} process exited with status code: {code}",
-                                    options.command
+                                    command
                                 );
                             } else {
                                 eprintln!(
                                     "{:?} process terminated by signal: {}",
-                                    options.command,
+                                    command,
                                     status
                                         .signal()
                                         .expect("either one of status code or signal should be set")
@@ -79,7 +95,7 @@ async fn tokio_main(cookie: String) -> Result<()> {
                     Err(err) => {
                         eprintln!(
                             "Failed to execute {:?} as child process: {err}",
-                            options.command
+                            command
                         );
                     },
                 }