From 8f9930406242199d19d0357072d7e2d543cbe3ba Mon Sep 17 00:00:00 2001
From: "B. Blechschmidt"
Date: Mon, 15 Jul 2024 11:57:11 +0200
Subject: [PATCH] Use slirpnetstack by default
---
 install.sh | 21 ++++++++++++++++-----
 pallium/cmd.py | 8 ++++----
 tests/test_cli.py | 22 +++++++++++++++++++---
 3 files changed, 39 insertions(+), 12 deletions(-)
diff --git a/install.sh b/install.sh
index 1ede2e8..0087dab 100755
--- a/install.sh
+++ b/install.sh
@@ -30,6 +30,7 @@ while true; do
 done
 contains() { case "$1" in *"$2"*) true ;; *) false ;; esac }
+
 # shellcheck disable=SC2039
 is_root() { [ "${EUID:-$(id -u)}" -eq 0 ]; }
@@ -256,9 +257,21 @@ install_slirp4netns() {
 test $? -eq 0 || install_pkg slirp4netns
 }
+install_slirpnetstack() {
+ command -v slirpnetstack >/dev/null 2>&1
+ { test $? -eq 0 || test -f /usr/local/bin/slirpnetstack; } && return
+ get_goarch
+ SUFFIX="$RESULT"
+ URL=https://github.com/tun2proxy/slirpnetstack/releases/latest/download/slirpnetstack-linux-"$SUFFIX"
+
+ ask_continue "$URL will be downloaded and extracted to /usr/local/bin/."
+ curl -L "$URL" > /usr/local/bin/slirpnetstack
+ chmod 755 /usr/local/bin/slirpnetstack
+}
+
 install_tun2socks() {
 command -v tun2socks >/dev/null 2>&1
- { test $? -eq 0 || test -f /usr/bin/tun2socks; } && return
+ { test $? -eq 0 || test -f /usr/local/bin/tun2socks; } && return
 get_goarch
 SUFFIX="$RESULT"
 test "$SUFFIX" = "arm" && SUFFIX=armv5
@@ -273,9 +286,7 @@ install_tun2socks() {
 install_unzip
 unzip -d "$TMP" "$TMP/tun2socks.zip" tun2socks-linux-"$SUFFIX"
 install -m 0755 "$TMP/tun2socks-linux-$SUFFIX" /usr/local/bin/tun2socks
- rm "$TMP/tun2socks.zip"
- rm "$TMP/tun2socks-linux-$SUFFIX"
- rmdir "$TMP"
+ rm -r "$TMP"
 }
 install_gvisor() {
@@ -309,6 +320,6 @@ test "$DEPENDENCIES_ONLY" = "1" || {
 test "$NO_DEPENDENCIES" != "1" && {
 install_tor
 install_tun2socks
- install_slirp4netns
+ install_slirpnetstack
 install_gvisor
 }
diff --git a/pallium/cmd.py b/pallium/cmd.py
index d9f562e..61d9ddf 100644
--- a/pallium/cmd.py
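Review bot: The new install_slirpnetstack (hunk `@@ -256,9 +257,21 @@`) redirects `curl -L "$URL"` from the unpinned `releases/latest` URL straight into `/usr/local/bin/slirpnetstack` and marks it executable with no integrity check, so whatever the server returns is installed, presumably as root. Without `-f` an HTTP error body is written too, and because later runs return early on `test -f /usr/local/bin/slirpnetstack`, a truncated or bogus file is never replaced. I would pin a release tag, fetch into a temporary directory with `curl -fL`, verify a SHA-256 recorded in the script, and only then `install -m 0755` the file, as sketched below; the tag and digest are placeholders and one digest per architecture is needed. The prompt also says "downloaded and extracted" although nothing is extracted.

```shell
install_slirpnetstack() {
    # … unchanged: presence check, get_goarch, SUFFIX …
    # Placeholders: fill in a real release tag and the digest for each architecture.
    VERSION='<PINNED_RELEASE_TAG>'
    EXPECTED_SHA256='<EXPECTED_SHA256_FOR_THIS_ARCH>'
    URL=https://github.com/tun2proxy/slirpnetstack/releases/download/"$VERSION"/slirpnetstack-linux-"$SUFFIX"

    ask_continue "$URL will be downloaded and installed to /usr/local/bin/."
    TMP="$(mktemp -d)"
    curl -fL "$URL" -o "$TMP/slirpnetstack" &&
        echo "$EXPECTED_SHA256  $TMP/slirpnetstack" | sha256sum -c - &&
        install -m 0755 "$TMP/slirpnetstack" /usr/local/bin/slirpnetstack
    STATUS=$?
    rm -r "$TMP"
    return "$STATUS"
}
```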
+++ b/pallium/cmd.py
@@ -104,12 +104,12 @@ def parse_path(path: str, session: int, sandbox_name: typing.Optional[str] = Non
 split = path.split(':', maxsplit=1)
 if '/' in split[0]: # The part before the colon is not a sandbox name.
 return path
- config = os.path.join(runtime.PROFILE_DIR, split[0] + '.json')
- profile = Profile.from_file(config)
+ config_path = get_config_path(split[0])
+ profile = Profile.from_file(config_path)
 path = split[1]
 else:
- profile = Profile.from_file(sandbox_name)
- path = path
+ config_path = get_config_path(sandbox_name)
+ profile = Profile.from_file(config_path)
 session = profile.get_session(session)
 pid = session.sandbox_pid
 return '/proc/%d/root' % pid + path
diff --git a/tests/test_cli.py b/tests/test_cli.py
index 30419df..6ff4f1d 100644
--- a/tests/test_cli.py
+++ b/tests/test_cli.py
@@ -1,5 +1,7 @@
+import fcntl
 import json
 import os
+import select
 import socket
 import subprocess
 import tempfile
@@ -71,7 +73,17 @@ def close(self):
 self.tempfile = None
 def wait_for_startup(self):
- os.read(self.read_fd, 1)
+ flag = fcntl.fcntl(self.read_fd, fcntl.F_GETFL)
+ fcntl.fcntl(self.read_fd, fcntl.F_SETFL, flag | os.O_NONBLOCK)
+ while True:
+ rlist, _, _ = select.select([self.read_fd], [], [], 0.3)
+ if len(rlist) > 0:
+ os.read(self.read_fd, 1)
+ break
+ exit_code = self.process.poll()
+ if exit_code is not None and exit_code != 0:
+ raise Exception('Pallium terminated with a non-zero exit code (%d) '
+ 'and did not write to the PID file' % exit_code)
 def exec(self, command, stripped=True):
 return pallium_exec_profile_path(self.profile_path, command, stripped).decode()
@@ -123,6 +135,10 @@ def test_mv(self):
 exec_result = session.exec(['cat', '/home/johndoe/hello.txt'])
 assert exec_result == 'hello world'
+ subprocess.call(['pallium', 'mv', '/home/johndoe/hello.txt', tmp.name, '--from', session.profile_path])
+ with open(tmp.name, 'r') as f:
+ assert f.read() == 'hello world'
+
 def test_port_forwarding(self):
 profile = {
 'network': {
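Review bot: The value returned at the end of this hunk, `'/proc/%d/root' % pid + path`, is still plain concatenation of a caller-supplied path, and the profile lookup reworked here adds no check on it. Lookups through `/proc/<pid>/root` resolve absolute symlink targets against the caller's root rather than the sandbox's, so if the code consuming this value follows symlinks (not visible here), directory contents controlled from inside the sandbox can steer a host-side `mv` or `cp` outside the sandbox tree. At minimum parse_path deserves a docstring line such as `Returned paths cross the sandbox boundary; callers must not follow symlinks below /proc/<pid>/root.` The two branches also now repeat `config_path = get_config_path(...)` and `profile = Profile.from_file(config_path)`; choosing the name inside the branches and doing the lookup once after them would read better. parse_path begins above the hunk.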
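Review bot: The polling loop added to wait_for_startup has no overall deadline and never looks at what `os.read(self.read_fd, 1)` returns. If pallium exits with status 0 or keeps running without ever writing, the loop spins forever, and if the write end of the descriptor is closed (assuming read_fd is a pipe) select reports it readable, the read returns `b''`, and the loop breaks as though startup had succeeded. I would treat an empty read as a failure and bound the wait, as below; the 30-second default is arbitrary and `time` has to be imported if the file does not already do so. A more specific exception than bare `Exception` also makes the failure easier to tell apart in test output.

```python
    def wait_for_startup(self, timeout=30):
        # … unchanged: set O_NONBLOCK on self.read_fd …
        deadline = time.monotonic() + timeout
        while True:
            rlist, _, _ = select.select([self.read_fd], [], [], 0.3)
            if rlist:
                if not os.read(self.read_fd, 1):
                    raise RuntimeError('Pallium closed the startup descriptor without signalling readiness')
                break
            exit_code = self.process.poll()
            if exit_code is not None and exit_code != 0:
                raise RuntimeError('Pallium terminated with a non-zero exit code (%d) '
                                   'before signalling startup' % exit_code)
            if time.monotonic() >= deadline:
                raise TimeoutError('Pallium did not signal startup within %s seconds' % timeout)
```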
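Review bot: The added `subprocess.call(['pallium', 'mv', ...])` in test_mv discards the exit status, so a failing `mv` only shows up indirectly through the following `open` and `assert`. If `tmp.name` still holds the earlier contents (the start of the test is outside the hunk), the assertion could even pass without the move having happened. `subprocess.check_call([...])` with the same arguments reports the failure at the call, and asserting afterwards that `/home/johndoe/hello.txt` is gone inside the sandbox would confirm the file was moved rather than copied.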
@@ -148,10 +164,10 @@ def test_port_forwarding(self):
 sock.connect(('127.0.0.1', 1337))
 sock.sendall(b'hello world\n')
 sock.close()
- nc.wait(30)
+ nc.wait(5)
 with open(tmp.name, 'r') as f:
 assert f.read().strip() == 'hello world'
 if __name__ == '__main__':
- unittest.main()
+ unittest.main(module='test_cli')