From ae5201c54d8df3caac6054598cfd7b77979d212e Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 16 Aug 2022 14:02:29 +0000
Subject: [PATCH] jail: Give a random UUID and use it for the cgroup

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/libpakfire/jail.c | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/src/libpakfire/jail.c b/src/libpakfire/jail.c
index 3591c354d..97decaa92 100644
--- a/src/libpakfire/jail.c
+++ b/src/libpakfire/jail.c
@@ -39,6 +39,9 @@
 // libseccomp
 #include <seccomp.h>
 
+// libuuid
+#include <uuid.h>
+
 #include <pakfire/arch.h>
 #include <pakfire/cgroup.h>
 #include <pakfire/jail.h>
@@ -67,6 +70,10 @@ struct pakfire_jail {
 	struct pakfire* pakfire;
 	int nrefs;
 
+	// A unique ID for each jail
+	uuid_t uuid;
+	char __uuid[UUID_STR_LEN];
+
 	// Flags
 	int flags;
 
@@ -211,6 +218,9 @@ PAKFIRE_EXPORT int pakfire_jail_create(struct pakfire_jail** jail,
 	// Store flags
 	j->flags = flags;
 
+	// Generate a random UUID
+	uuid_generate_random(j->uuid);
+
 	DEBUG(j->pakfire, "Allocated new jail at %p\n", j);
 
 	// Set default log callback
@@ -260,6 +270,13 @@ static int pakfire_jail_has_flag(struct pakfire_jail* jail, int flag) {
 	return jail->flags & flag;
 }
 
+static const char* pakfire_jail_uuid(struct pakfire_jail* jail) {
+	if (*jail->__uuid)
+		uuid_unparse_lower(jail->uuid, jail->__uuid);
+
+	return jail->__uuid;
+}
+
 // Resource Limits
 
 PAKFIRE_EXPORT int pakfire_jail_nice(struct pakfire_jail* jail, int nice) {
@@ -1302,10 +1319,11 @@ static int __pakfire_jail_exec(struct pakfire_jail* jail, const char* argv[]) {
 	if (jail->cgroup) {
 		args.flags |= CLONE_INTO_CGROUP;
 
-#warning TODO randomize the name
+		// Fetch our UUID
+		const char* uuid = pakfire_jail_uuid(jail);
 
 		// Create a temporary cgroup
-		r = pakfire_cgroup_child(&ctx.cgroup, jail->cgroup, "jail", 0);
+		r = pakfire_cgroup_child(&ctx.cgroup, jail->cgroup, uuid, 0);
 		if (r) {
 			ERROR(jail->pakfire, "Could not create cgroup for jail: %m\n");
 			goto ERROR;
-- 
2.47.3