external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2026-03-14 17:27:23 +01:00
Code Issues Releases Wiki Activity

change from vagrant to lxd as the virtualization system

Browse Source
This commit is contained in:
downtownallday
2024-09-02 17:09:59 -04:00
parent a79a6c00eb
commit a1d6f67135
23 changed files with 1591 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

234
tests/bin/lx_functions.sh Normal file
View File

@@ -0,0 +1,234 @@
#!/bin/bash
#####
##### This file is part of Mail-in-a-Box-LDAP which is released under the
##### terms of the GNU Affero General Public License as published by the
##### Free Software Foundation, either version 3 of the License, or (at
##### your option) any later version. See file LICENSE or go to
##### https://github.com/downtownallday/mailinabox-ldap for full license
##### details.
#####
# source this file
lx_project_root_dir() {
local d="$PWD"
while [ ${#d} -gt 1 ]; do
if [ -e "$d/setup" ]; then
echo "$d"
return 0
fi
d="$(dirname "$d")"
done
return 1
}
lx_guess_project_name() {
local d
d="$(lx_project_root_dir)"
[ $? -ne 0 ] && return 1
if [ -e "$d/setup/redis.sh" ]; then
echo "ciab"
else
echo "miab"
fi
}
# get the interface with the default route (first one)
get_system_default_network_interface() {
ip route | awk '/^default/ {printf "%s", $5; exit 0}'
}
isa_bridge_interface() {
local interface="$1"
if ip --oneline link show type bridge | awk -F: '{print $2}' | grep -q "^ *$interface *\$"; then
echo "yes"
else
echo "no"
fi
}
isa_wifi_device() {
local interface="$1"
local type
type="$(nmcli d show "$interface" | awk '$1=="GENERAL.TYPE:" {print $2}')"
if [ "$type" = "wifi" ]; then
echo "yes"
else
echo "no"
fi
}
# delete an instance
lx_delete() {
local project="${1:-default}"
local inst="$2"
local interactive="${3:-interactive}"
local xargs=""
if [ "$interactive" = "interactive" ]; then
xargs="-i"
fi
# only delete instance if the instance exists
if [ "$(lxc --project "$project" list name="$inst" -c n -f csv)" = "$inst" ]; then
lxc --project "$project" delete "$inst" -f $xargs
fi
}
# create a virtual-machine instance and start it
lx_launch_vm() {
local project="${1:-default}"
local inst_name="$2"
lx_init_vm "$@" || return 1
lxc --project "$project" start "$inst_name" || return 1
}
# create a virtual-machine instance (stopped)
lx_init_vm() {
local project="${1:-default}"
local inst_name="$2"
local image="$3"
local mount_host="$4" # path that you want available in guest
local mount_guest="$5" # mountpoint in guest
shift; shift; shift; shift; shift;
# 1. this assumes that a bridge profile has been created called "bridgenet"
# 2. this assumes that storage named the same as project exists,
# e.g. "lxc storage create $project dir" was executed prior.
case "${@}" in
*bridgenet* )
echo "Using network 'bridgenet'"
lxc --project "$project" profile show bridgenet | sed 's/^/ /' || return 1
;;
esac
lxc --project "$project" init "$image" "$inst_name" --vm --storage "$project" "$@" || return 1
if [ ! -z "$mount_host" -a ! -z "$mount_guest" ]; then
echo "adding $mount_guest on $inst_name to refer to $mount_host on host as device '${project}root'"
if [ $EUID -ne 0 ]; then
# so that files created by root on the mount inside the
# guest have the permissions of the current host user and
# not root:root
# see: https://documentation.ubuntu.com/lxd/en/latest/userns-idmap/
local egid="$(id --group)"
local idmap="uid $EUID 0
gid $egid 0"
lxc --project "$project" config set "$inst_name" raw.idmap="$idmap"
fi
lxc --project "$project" config device add "$inst_name" "${project}root" disk source="$(realpath "$mount_host")" path="$mount_guest" || return 1
fi
}
lx_launch_vm_and_wait() {
local project="$1"
local inst="$2"
local base_image="$3"
local mount_project_root_to="$4"
shift; shift; shift; shift;
# Delete existing instance, if it exists
lx_delete "$project" "$inst" interactive || return 1
# Create the instance (started)
lx_launch_vm "$project" "$inst" "$base_image" "$(lx_project_root_dir)" "$mount_project_root_to" "$@" || return 1
lx_wait_for_boot "$project" "$inst" || return 1
}
lx_output_inst_list() {
# Pre-defined column shorthand chars:
# 4 - IPv4 address
# 6 - IPv6 address
# a - Architecture
# b - Storage pool
# c - Creation date
# d - Description
# D - disk usage
# e - Project name
# l - Last used date
# m - Memory usage
# M - Memory usage (%)
# n - Name
# N - Number of Processes
# p - PID of the instance's init process
# P - Profiles
# s - State
# S - Number of snapshots
# t - Type (persistent or ephemeral)
# u - CPU usage (in seconds)
# L - Location of the instance (e.g. its cluster member)
# f - Base Image Fingerprint (short)
# F - Base Image Fingerprint (long)
local project="$1"
local columns="${2:-ns46tSL}"
local format="${3:-table}" # csv|json|table|yaml|compact
lxc --project "$project" list -c "$columns" -f "$format"
}
lx_output_image_list() {
# Column shorthand chars:
# l - Shortest image alias (and optionally number of other aliases)
# L - Newline-separated list of all image aliases
# f - Fingerprint (short)
# F - Fingerprint (long)
# p - Whether image is public
# d - Description
# a - Architecture
# s - Size
# u - Upload date
# t - Type
local project="$1"
local columns="${2:-lfpdatsu}"
local format="${3:-table}" # csv|json|table|yaml|compact
lxc --project "$project" image list -c "$columns" -f "$format"
}
lx_wait_for_boot() {
local project="$1"
local inst="$2"
echo -n "Wait for boot "
while ! lxc --project "$project" exec "$inst" -- ls >/dev/null 2>&1; do
echo -n "."
sleep 1
done
echo ""
echo -n "Wait for cloud-init "
lxc --project "$project" exec "$inst" -- cloud-init status --wait
echo ""
}
lx_get_ssh_identity() {
local keydir="tests/assets/vm_keys"
if [ "$1" != "relative" ]; then
keydir="$(lx_project_root_dir)/$keydir"
fi
echo "$keydir/id_ed25519"
}
lx_get_ssh_known_hosts() {
local id="$(lx_get_ssh_identity)"
local known_hosts="$(dirname "$id")/known_hosts"
echo "$known_hosts"
}
lx_remove_known_host() {
local hostname="$1"
local known_hosts="$(lx_get_ssh_known_hosts)"
ssh-keygen -f "$known_hosts" -R "$hostname"
}
lx_create_ssh_identity() {
local id="$(lx_get_ssh_identity)"
if [ ! -e "$id" ]; then
mkdir -p "$(dirname "$id")"
ssh-keygen -f "$id" -C "vm key" -N "" -t ed25519
fi
}

209
tests/bin/lx_setup.sh Executable file
View File

@@ -0,0 +1,209 @@
#!/bin/bash
#####
##### This file is part of Mail-in-a-Box-LDAP which is released under the
##### terms of the GNU Affero General Public License as published by the
##### Free Software Foundation, either version 3 of the License, or (at
##### your option) any later version. See file LICENSE or go to
##### https://github.com/downtownallday/mailinabox-ldap for full license
##### details.
#####
#
# This script configures the system for virtulization by installing
# lxd, adding a host bridge, and configuring some firewall
# rules. Beware that the user running the script will be added to the
# 'sudo' group!
#
# The script can be run anytime, but usually only needs to be run
# once. Once successful, the lxd-based test vms can be run locally.
#
# Limitations:
#
# The host bridge only works with an ethernet interface. Wifi does not
# work, so you must be plugged in to run the vm tests.
#
# Docker cannot be installed alongside as LXD due to conflicts with
# Docker's iptables entries. More on this issue can be found here:
#
# https://github.com/docker/for-linux/issues/103
#
# https://documentation.ubuntu.com/lxd/en/latest/howto/network_bridge_firewalld/#prevent-connectivity-issues-with-lxd-and-docker
#
# Removal:
#
# Run the script with a single "-d" argument to back out the changes.
#
# Helpful tools:
#
# NetworkManager UI: nm-connection-editor
# NetworkManager cli: nmcli
#
D=$(dirname "$BASH_SOURCE")
. "$D/lx_functions.sh" || exit 1
project="$(lx_guess_project_name)"
bridge_yaml="/etc/netplan/51-lxd-bridge.yaml"
install_packages() {
sudo snap install lxd --channel=latest/stable
if [ $EUID -ne 0 ]; then
echo "Add $USER to the 'sudo' group (!!)"
sudo usermod -aG sudo $USER || exit 1
fi
}
remove_packages() {
# note: run 'snap remove --purge lxd' to nuke lxd images,
# otherwise they stay on the system
snap remove lxd
}
create_network_bridge() {
# Create network bridge (we'll bridge vms to the local network)
# On return, sets these variables:
# vm_bridge: to name of bridge interface
# get the interface with the default route (first one)
local default_network_interface="$(get_system_default_network_interface)"
local isa_bridge="$(isa_bridge_interface "$default_network_interface")"
local isa_wifi_device="$(isa_wifi_device "$default_network_interface")"
if [ "$isa_bridge" = "yes" ]; then
vm_bridge="$default_network_interface"
#out_iface="$(ip --oneline link show type bridge_slave | grep -F " $default_network_interface " | awk -F: '{print $2}')"
#out_iface="$default_network_interface"
else
echo "NO HOST BRIDGE FOUND!!! CREATING ONE."
if [ "$isa_wifi_device" = "yes" ]; then
echo "*********************************************************"
echo "UNSUPPORTED: Host bridging is not available with WIFI ! (interface $default_network_interface)"
echo "*********************************************************"
return 1
fi
echo "YOU WILL LOSE NETWORK CONNECTIVITY BRIEFLY"
echo "To remove the host bridge, delete $bridge_yaml, then run netplan apply, or run this script with '-u'"
vm_bridge="br-lxd0"
#out_iface="br-lxd0"
tmp="$(mktemp)"
sudo cat <<EOF > "$tmp"
network:
ethernets:
myeths:
match:
name: $default_network_interface
dhcp4: no
bridges:
$vm_bridge:
dhcp4: yes
interfaces: [ myeths ]
EOF
if [ -e "$bridge_yaml" ]; then
echo "Overwriting netplan $bridge_yaml"
else
echo "Adding netplan $bridge_yaml"
fi
sudo mv "$tmp" "$bridge_yaml" || return 1
sudo chown root:root "$bridge_yaml"
sudo chmod 600 "$bridge_yaml"
sudo netplan apply || return 1
fi
}
remove_network_bridge() {
if [ -e "$bridge_yaml" ]; then
sudo rm -f "$bridge_yaml" || return 1
sudo netplan apply || return 1
else
echo "OK: Bridge configuration does not exist ($bridge_yaml)"
fi
}
install_ufw_rules() {
local bridge="$1"
# per: https://documentation.ubuntu.com/lxd/en/latest/howto/network_bridge_firewalld/
sudo ufw allow in on "$bridge" comment 'for lxd'
sudo ufw route allow in on "$bridge" comment 'for lxd'
sudo ufw route allow out on "$bridge" comment 'for lxd'
if which docker >/dev/null; then
echo "WARNING: docker appears to be installed. Guest VM networking probably won't work as the docker iptables conflict with LXD (guest DHCP broadcasts are dropped)"
fi
}
remove_ufw_rules() {
# 2. Remove all old ufw rules
sudo ufw status numbered | grep -E '(for lxd|for multipass)' | cut -c2-3 | sort -nr |
while read n; do
echo 'y' | sudo ufw delete $n
done
}
create_lxd_project_and_pool() {
local bridge="$1"
# Create project and networking bridge profile. When an instance
# is initialized, include the 'bridgenet' profile (see
# lx_init_vm() in lx_functions.sh)
echo "Create lxd project '$project' with profile 'bridgenet'"
echo " bridge: $bridge"
lxc project create "$project" 2>/dev/null
lxc --project "$project" profile create bridgenet 2>/dev/null
cat <<EOF | lxc --project "$project" profile edit bridgenet
description: Bridged networking LXD profile
devices:
eth0:
name: eth0
nictype: bridged
parent: $bridge
type: nic
EOF
[ $? -ne 0 ] && return 1
# create lxd storage pool for project (our convention is that
# project and storage must have the same name)
if ! lxc storage list -f csv | grep -q "^$project,"; then
echo "Create storage pool for $project project"
lxc storage create "$project" dir || return 1
fi
}
if [ "$1" = "-u" ]; then
# uninstall
echo "Revert ufw rules"
remove_ufw_rules
echo "Remove packages"
remove_packages
echo "Remove network bridge"
remove_network_bridge
else
echo "Install packages"
install_packages || exit 1
echo "Revert ufw rules"
remove_ufw_rules || exit 1
echo "Create network bridge"
create_network_bridge || exit 1 # sets vm_bridge
echo "Install ufw rules"
install_ufw_rules "$vm_bridge" || exit 1
create_lxd_project_and_pool "$vm_bridge" || exit 1
lx_create_ssh_identity || exit 1
fi

58
tests/bin/lx_status.sh Executable file
View File

@@ -0,0 +1,58 @@
#!/bin/bash
#####
##### This file is part of Mail-in-a-Box-LDAP which is released under the
##### terms of the GNU Affero General Public License as published by the
##### Free Software Foundation, either version 3 of the License, or (at
##### your option) any later version. See file LICENSE or go to
##### https://github.com/downtownallday/mailinabox-ldap for full license
##### details.
#####
show() {
local project="$1"
local which=$2
if [ -z "$which" -o "$which" = "instances" ]; then
lxc --project "$project" list -c enfsd -f csv | sed "s/^/ /"
fi
if [ -z "$which" -o "$which" = "images" ]; then
lxc --project "$project" image list -c lfsd -f csv | sed "s/^/ $project,/"
fi
}
global="no"
if [ $# -gt 0 ]; then
projects=( "$@" )
else
global="yes"
projects=( $(lxc project list -f csv | awk -F, '{print $1}' | sed 's/ .*$//') )
fi
if [ "$global" = "yes" ]; then
echo "** projects"
idx=0
while [ $idx -lt ${#projects[*]} ]; do
echo " ${projects[$idx]}"
let idx+=1
done
else
echo "Project: ${projects[*]}"
fi
echo "** images"
idx=0
while [ $idx -lt ${#projects[*]} ]; do
project="${projects[$idx]}"
let idx+=1
show "$project" images $verbose
done
echo "** instances"
idx=0
while [ $idx -lt ${#projects[*]} ]; do
project="${projects[$idx]}"
let idx+=1
show "$project" instances $verbose
done

91
tests/bin/provision_functions.sh Normal file
View File

@@ -0,0 +1,91 @@
#####
##### This file is part of Mail-in-a-Box-LDAP which is released under the
##### terms of the GNU Affero General Public License as published by the
##### Free Software Foundation, either version 3 of the License, or (at
##### your option) any later version. See file LICENSE or go to
##### https://github.com/downtownallday/mailinabox-ldap for full license
##### details.
#####
# source this file
#
# requires: lx_functions.sh
#
. "$(dirname "$BASH_SOURCE")/../lib/misc.sh"
load_provision_defaults() {
#
# search from the current directory up for a file named
# ".provision_defaults"
#
if [ -z "$PROVISION_DEFAULTS_FILE" ]; then
PROVISION_DEFAULTS_FILE="$(pwd)/.provision_defaults"
while [ "$PROVISION_DEFAULTS_FILE" != "/.provision_defaults" ]; do
[ -e "$PROVISION_DEFAULTS_FILE" ] && break
PROVISION_DEFAULTS_FILE="$(realpath -m "$PROVISION_DEFAULTS_FILE/../..")/.provision_defaults"
done
source "$PROVISION_DEFAULTS_FILE" || return 1
fi
if [ ! -e "$PROVISION_DEFAULTS_FILE" ]; then
return 1
fi
}
provision_start() {
load_provision_defaults || return 1
local base_image="${1:-$DEFAULT_LXD_IMAGE}"
local guest_mount_path="$2"
shift; shift
local opts=( "$@" )
if [ ${#opts[@]} -eq 0 ]; then
opts=( "${DEFAULT_LXD_INST_OPTS[@]}" )
fi
# set these globals
project="$(lx_guess_project_name)"
inst="$(basename "$PWD")"
provision_start_s="$(date +%s)"
echo "Creating instance '$inst' from image $base_image (${opts[@]})"
lx_launch_vm_and_wait \
"$project" "$inst" "$base_image" "$guest_mount_path" \
"${opts[@]}" \
|| return 1
}
provision_shell() {
# provision_start must have been called first!
local remote_path="/tmp/provision.sh"
local lxc_flags="--uid 0 --gid 0 --mode 755 --create-dirs"
if [ ! -z "$1" ]; then
lxc --project "$project" file push "$1" "${inst}${remote_path}" $lxc_flags || return 1
else
local tmp=$(mktemp)
echo "#!/bin/sh" >"$tmp"
cat >>"$tmp"
lxc --project "$project" file push "$tmp" "${inst}${remote_path}" $lxc_flags || return 1
rm -f "$tmp"
fi
lxc --project "$project" exec "$inst" --cwd / --env PROVISION=true \
-- "$remote_path"
}
provision_done() {
local rc="${1:-0}"
echo "Elapsed: $(elapsed_pretty "$provision_start_s" "$(date +%s)")"
if [ $rc -ne 0 ]; then
echo "Failed with code $rc"
return 1
else
echo "Success!"
return 0
fi
}

258
tests/bin/vlx Executable file
View File

@@ -0,0 +1,258 @@
#!/bin/bash
#####
##### This file is part of Mail-in-a-Box-LDAP which is released under the
##### terms of the GNU Affero General Public License as published by the
##### Free Software Foundation, either version 3 of the License, or (at
##### your option) any later version. See file LICENSE or go to
##### https://github.com/downtownallday/mailinabox-ldap for full license
##### details.
#####
# This is a helper script to make it easier to interact with lxd by
# calling lxc with arguments derived from conventions we've developed
# in this project.
#
# Those conventions are:
#
# 1. the project name is derived from the working directory. You
# must be anywhere in the source tree. "ciab" for cloudinabox and
# "miab" for mailinabox
#
# 2. the instance name is derived from the base name of the current
# working directory. this means that each instance must have it's
# own directory and have a script within it called "provision.sh"
# that creates the instance.
#
# Run the script with no arguments to see a list of commands.
#
# It's helpful to create a command alias. eg. in bash:
#
# alias vlx="/path/to/tests/bin/vlx"
#
# Add it to your ~/bash_aliases file to make it available for new
# terminal windows.
#
D=$(dirname "$BASH_SOURCE")
. "$D/lx_functions.sh" || exit 1
vlx_guess() {
if [ $# -eq 2 ]; then
LX_PROJECT="$1"
LX_INST="$2"
elif [ $# -eq 1 ]; then
LX_PROJECT="$(lx_guess_project_name)"
LX_INST="$1"
elif [ $# -eq 0 ]; then
LX_PROJECT="$(lx_guess_project_name)"
LX_INST="$(basename "$PWD")"
else
echo "Invalid number of arguments"
return 1
fi
}
vlx_exec_usage() {
echo "Usage: vlx exec <project> <inst> [<cwd>] -- cmd ..."
echo " or: vlx exec <inst> [<cwd>] -- cmd ..."
echo " or: vlx exec <cwd> -- cmd ..."
echo " or: vlx exec cmd ..."
}
vlx_exec() {
# args
# format 1: project inst [cwd] -- cmd ...
# format 2: inst [cwd] -- cmd ...
# format 3: <cwd> -- cmd ...
# format 4: cmd ...
if [ $# -eq 0 ]; then
vlx_exec_usage
return 1
fi
local args=( "$@" )
local idx=0
while [ $idx -le 3 -a $idx -lt ${#args[*]} ]; do
[ "${args[$idx]}" = "--" ] && break
let idx+=1
done
local wd=""
if [ "${args[$idx]}" = "--" ]; then
if [ $idx -eq 3 ]; then
# format 1 with cwd
echo "f1"
wd="$3"
vlx_guess "$1" "$2" || return 1
shift; shift; shift; shift;
elif [ $idx -eq 2 ]; then
# format 1 w/o cwd or 2
if [ "${2#/}" != "$2" ]; then
# wd starts with /, so it's a path
# format 2
echo "f2"
wd="$2"
vlx_guess "" "$1" || return 1
else
# format 1 w/o cwd
echo "f1 w/o cwd"
vlx_guess "$1" "$2" || return 1
fi
shift; shift; shift;
elif [ $idx -eq 1 ]; then
# format 2 w/o cwd or 3
if [ "${1#/}" != "$1" ]; then
# wd starts with /, so it's a path
# format 3
echo "f3"
wd="$1"
vlx_guess || return 1
else
# format 2 w/o cwd
echo "f2 w/o cwd"
vlx_guess "$1" || return 1
fi
shift; shift;
elif [ $idx -eq 0 ]; then
# command line "-- cmd ...", just ignore the leading --
shift;
fi
else
# format 4
echo "f4"
vlx_guess || return 1
fi
local xargs=""
if [ ! -z "$wd" ]; then
xargs="--cwd $wd"
fi
echo lxc --project "$LX_PROJECT" exec "$LX_INST" $xargs -- "$@"
lxc --project "$LX_PROJECT" exec "$LX_INST" $xargs -- "$@"
}
vlx_shell() {
vlx_guess "$@" || return 1
echo lxc --project "$LX_PROJECT" exec "$LX_INST" -- bash
lxc --project "$LX_PROJECT" exec "$LX_INST" -- bash
}
vlx_hostname() {
vlx_guess "$@" || return 1
local host
lxc --project "$LX_PROJECT" exec "$LX_INST" -- /usr/bin/hostname --fqdn || return 1
}
vlx_ssh() {
local host="$1"
if [ -z "$host" ]; then
host="$(vlx_hostname)"
if [ $? -ne 0 ]; then
echo "Could not determine hostname, please specify"
host=""
fi
if [ -z "$host" ]; then
echo "usage: vlx ssh <vm-hostname>"
return 1
fi
fi
local id="$(lx_get_ssh_identity)"
local known_hosts="$(lx_get_ssh_known_hosts)"
local vmuser="vmuser"
#echo ssh -i "$id" -o UserKnownHostsFile="$known_hosts" -o StrictHostKeyChecking=no "$vmuser@$host"
echo "Connecting to $vmuser@$host ..."
ssh -i "$id" -o UserKnownHostsFile="$known_hosts" -o StrictHostKeyChecking=no "$vmuser@$host"
}
vlx_list() {
vlx_guess "$1" || return 1
echo lxc --project "$LX_PROJECT" list
lxc --project "$LX_PROJECT" list
}
vlx_images() {
vlx_guess "$1" || return 1
echo lxc --project "$LX_PROJECT" image list
lxc --project "$LX_PROJECT" image list
}
vlx_up() {
if [ -x "./provision.sh" ] ; then
echo "Provision"
./provision.sh "$@" || return 1
else
echo "UP failed: ./provision.sh does not exist or is not executable"
return 1
fi
}
vlx_start() {
vlx_guess "$@" || return 1
echo lxc --project "$LX_PROJECT" start "$LX_INST"
lxc --project "$LX_PROJECT" start "$LX_INST"
}
vlx_stop() {
vlx_guess "$@" || return 1
echo lxc --project "$LX_PROJECT" stop "$LX_INST"
lxc --project "$LX_PROJECT" stop "$LX_INST"
}
vlx_delete() {
vlx_guess "$@" || return 1
echo lxc --project "$LX_PROJECT" delete --force --interactive "$LX_INST"
lxc --project "$LX_PROJECT" delete --force --interactive "$LX_INST"
}
vlx_destroy() {
vlx_delete "$@"
}
vlx_status() {
if [ $# -eq 0 ]; then
vlx_guess || return 1
"$D/lx_status.sh" "$LX_PROJECT"
elif [ "$1" = "-g" ]; then
"$D/lx_status.sh"
else
"$D/lx_status.sh" "$@"
fi
}
usage() {
echo "Usage:"
echo "vlx <command> [<arg> ...]"
echo "commands:"
echo " exec <working-directoy> -- command [arg ...]"
echo " exec command [arg ...]"
echo " shell"
echo " ssh"
echo " hostname"
echo " list"
echo " images"
echo " up"
echo " start"
echo " stop"
echo " delete|destroy"
echo " status"
}
if [ $# -eq 0 ]; then
usage
exit 1
fi
cmd="$1"
handler="vlx_$1"
shift
if [ ! "$(type -t $handler)" = "function" ]; then
echo "Unknown command: $cmd"
exit 1
fi
$handler "$@"