Implement Isolator interface in SystemdNSspawn and enhance Enter method

OminduD · OminduD · commit 38b4eaf739a4 · 2025-10-15T07:17:02.000+05:30
diff --git a/isolation/isolation.go b/isolation/isolation.go
@@ -1,11 +1,31 @@
 package isolation
 
-// Isolator defines the interface for entering a sandboxed environment.
-type Isolator interface {
-	// Enter runs a command within the isolated environment.
-	// 'name' is the machine name for the container.
-	// 'path' is the directory to use as the root filesystem.
-	// 'command' is the command to execute within the container. If empty,
-	// an interactive shell should be started.
-	Enter(name, path string, command ...string) error
+import (
+	"os"
+	"os/exec"
+)
+
+// SystemdNSspawn provides isolation using systemd-nspawn.
+type SystemdNSspawn struct{}
+
+// Enter uses systemd-nspawn to enter the sandbox environment. This implementation
+// now correctly matches the Isolator interface, accepting the 'path' argument.
+func (s *SystemdNSspawn) Enter(name, path string, command ...string) error {
+	// --directory points to the root filesystem for the container.
+	// --machine gives the container a unique, manageable name.
+	args := []string{"--directory", path, "--machine", name}
+
+	// If no command is provided, default to an interactive bash shell.
+	if len(command) == 0 {
+		command = []string{"/bin/bash"}
+	}
+	args = append(args, command...)
+
+	cmd := exec.Command("systemd-nspawn", args...)
+	cmd.Stdin = os.Stdin
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	cmd.Env = os.Environ()
+
+	return cmd.Run()
 }
