+static inline int
+jail_run(struct service_instance *in, char **argv)
+{
+ struct blobmsg_list_node *var;
+ struct jail *jail = &in->jail;
+ int argc = 0;
+
+ argv[argc++] = "/sbin/ujail";
+
+ if (jail->name) {
+ argv[argc++] = "-n";
+ argv[argc++] = jail->name;
+ }
+
+ if (jail->hostname) {
+ argv[argc++] = "-h";
+ argv[argc++] = jail->hostname;
+ }
+
+ if (in->seccomp) {
+ argv[argc++] = "-S";
+ argv[argc++] = in->seccomp;
+ }
+
+ if (in->no_new_privs)
+ argv[argc++] = "-c";
+
+ if (jail->procfs)
+ argv[argc++] = "-p";
+
+ if (jail->sysfs)
+ argv[argc++] = "-s";
+
+ if (jail->ubus)
+ argv[argc++] = "-u";
+
+ if (jail->log)
+ argv[argc++] = "-l";
+
+ if (jail->ronly)
+ argv[argc++] = "-o";
+
+ blobmsg_list_for_each(&jail->mount, var) {
+ const char *type = blobmsg_data(var->data);
+
+ if (*type == '1')
+ argv[argc++] = "-w";
+ else
+ argv[argc++] = "-r";
+ argv[argc++] = (char *) blobmsg_name(var->data);
+ }
+
+ argv[argc++] = "--";
+
+ return argc;
+}
+
+static int
+instance_removepid(struct service_instance *in) {
+ if (!in->pidfile)
+ return 0;
+ if (unlink(in->pidfile)) {
+ ERROR("Failed to removed pidfile: %s: %d - %s\n",
+ in->pidfile, errno, strerror(errno));
+ return 1;
+ }
+ return 0;
+}
+
+static int
+instance_writepid(struct service_instance *in)
+{
+ FILE *_pidfile;
+
+ if (!in->pidfile) {
+ return 0;
+ }
+ _pidfile = fopen(in->pidfile, "w");
+ if (_pidfile == NULL) {
+ ERROR("failed to open pidfile for writing: %s: %d (%s)",
+ in->pidfile, errno, strerror(errno));
+ return 1;
+ }
+ if (fprintf(_pidfile, "%d\n", in->proc.pid) < 0) {
+ ERROR("failed to write pidfile: %s: %d (%s)",
+ in->pidfile, errno, strerror(errno));
+ return 2;
+ }
+ if (fclose(_pidfile)) {
+ ERROR("failed to close pidfile: %s: %d (%s)",
+ in->pidfile, errno, strerror(errno));
+ return 3;
+ }
+
+ return 0;
+}
+