#!/usr/bin/env python3
# Copyright (c) 2023 Arista Networks, Inc.  All rights reserved.
# Arista Networks, Inc. Confidential and Proprietary.

import Tac
import sys

vrfName = sys.argv[ 1 ]
cmd = sys.argv[ 2 ]

origDir = f'/etc/sswan/vrf/VRF-{vrfName}'
out = Tac.run( [ 'ls', '-d', origDir ],
               stdout=Tac.CAPTURE,
               stderr=Tac.CAPTURE,
               ignoreReturnCode=True,
               asRoot=True )
if not out or out.split( '\n', maxsplit=1 )[ 0 ] != origDir:
   sys.exit( 1 )
if vrfName != 'default':
   cmd = f'ip netns exec ns-{vrfName} {cmd}'
mntCmd = f'mount -B /etc/sswan/vrf/VRF-{vrfName} /etc/strongswan;{cmd}'
Tac.run( [ 'unshare', '-m', '--',
           'sh', '--norc', '-c', mntCmd ],
           asRoot=True )
