]>
Commit | Line | Data |
---|---|---|
eb67e449 VK |
1 | /* |
2 | * namespace.c | |
3 | * | |
4 | * This program is free software; you can redistribute it and/or | |
5 | * modify it under the terms of the GNU General Public License | |
6 | * as published by the Free Software Foundation; either version | |
7 | * 2 of the License, or (at your option) any later version. | |
8 | */ | |
9 | ||
8f080702 | 10 | #include <sys/statvfs.h> |
eb67e449 VK |
11 | #include <fcntl.h> |
12 | #include <dirent.h> | |
ea343669 | 13 | #include <limits.h> |
eb67e449 VK |
14 | |
15 | #include "utils.h" | |
16 | #include "namespace.h" | |
17 | ||
18 | static void bind_etc(const char *name) | |
19 | { | |
89e3c36b | 20 | char etc_netns_path[sizeof(NETNS_ETC_DIR) + NAME_MAX]; |
ea343669 FJ |
21 | char netns_name[PATH_MAX]; |
22 | char etc_name[PATH_MAX]; | |
eb67e449 VK |
23 | struct dirent *entry; |
24 | DIR *dir; | |
25 | ||
89e3c36b SH |
26 | if (strlen(name) >= NAME_MAX) |
27 | return; | |
28 | ||
eb67e449 VK |
29 | snprintf(etc_netns_path, sizeof(etc_netns_path), "%s/%s", NETNS_ETC_DIR, name); |
30 | dir = opendir(etc_netns_path); | |
31 | if (!dir) | |
32 | return; | |
33 | ||
34 | while ((entry = readdir(dir)) != NULL) { | |
35 | if (strcmp(entry->d_name, ".") == 0) | |
36 | continue; | |
37 | if (strcmp(entry->d_name, "..") == 0) | |
38 | continue; | |
39 | snprintf(netns_name, sizeof(netns_name), "%s/%s", etc_netns_path, entry->d_name); | |
40 | snprintf(etc_name, sizeof(etc_name), "/etc/%s", entry->d_name); | |
41 | if (mount(netns_name, etc_name, "none", MS_BIND, NULL) < 0) { | |
42 | fprintf(stderr, "Bind %s -> %s failed: %s\n", | |
43 | netns_name, etc_name, strerror(errno)); | |
44 | } | |
45 | } | |
46 | closedir(dir); | |
47 | } | |
48 | ||
49 | int netns_switch(char *name) | |
50 | { | |
ea343669 | 51 | char net_path[PATH_MAX]; |
eb67e449 | 52 | int netns; |
8f080702 LR |
53 | unsigned long mountflags = 0; |
54 | struct statvfs fsstat; | |
eb67e449 VK |
55 | |
56 | snprintf(net_path, sizeof(net_path), "%s/%s", NETNS_RUN_DIR, name); | |
57 | netns = open(net_path, O_RDONLY | O_CLOEXEC); | |
58 | if (netns < 0) { | |
59 | fprintf(stderr, "Cannot open network namespace \"%s\": %s\n", | |
60 | name, strerror(errno)); | |
61 | return -1; | |
62 | } | |
63 | ||
64 | if (setns(netns, CLONE_NEWNET) < 0) { | |
65 | fprintf(stderr, "setting the network namespace \"%s\" failed: %s\n", | |
66 | name, strerror(errno)); | |
9e5ba07f PS |
67 | close(netns); |
68 | return -1; | |
eb67e449 | 69 | } |
9e5ba07f | 70 | close(netns); |
eb67e449 VK |
71 | |
72 | if (unshare(CLONE_NEWNS) < 0) { | |
73 | fprintf(stderr, "unshare failed: %s\n", strerror(errno)); | |
9e5ba07f | 74 | return -1; |
eb67e449 VK |
75 | } |
76 | /* Don't let any mounts propagate back to the parent */ | |
77 | if (mount("", "/", "none", MS_SLAVE | MS_REC, NULL)) { | |
78 | fprintf(stderr, "\"mount --make-rslave /\" failed: %s\n", | |
79 | strerror(errno)); | |
9e5ba07f | 80 | return -1; |
eb67e449 | 81 | } |
8f080702 | 82 | |
eb67e449 | 83 | /* Mount a version of /sys that describes the network namespace */ |
8f080702 | 84 | |
3655f788 LR |
85 | if (umount2("/sys", MNT_DETACH) < 0) { |
86 | /* If this fails, perhaps there wasn't a sysfs instance mounted. Good. */ | |
87 | if (statvfs("/sys", &fsstat) == 0) { | |
88 | /* We couldn't umount the sysfs, we'll attempt to overlay it. | |
89 | * A read-only instance can't be shadowed with a read-write one. */ | |
90 | if (fsstat.f_flag & ST_RDONLY) | |
91 | mountflags = MS_RDONLY; | |
8f080702 LR |
92 | } |
93 | } | |
94 | if (mount(name, "/sys", "sysfs", mountflags, NULL) < 0) { | |
eb67e449 | 95 | fprintf(stderr, "mount of /sys failed: %s\n",strerror(errno)); |
9e5ba07f | 96 | return -1; |
eb67e449 VK |
97 | } |
98 | ||
99 | /* Setup bind mounts for config files in /etc */ | |
100 | bind_etc(name); | |
101 | return 0; | |
102 | } | |
c3087c10 VK |
103 | |
104 | int netns_get_fd(const char *name) | |
105 | { | |
ea343669 | 106 | char pathbuf[PATH_MAX]; |
c3087c10 VK |
107 | const char *path, *ptr; |
108 | ||
109 | path = name; | |
110 | ptr = strchr(name, '/'); | |
111 | if (!ptr) { | |
112 | snprintf(pathbuf, sizeof(pathbuf), "%s/%s", | |
113 | NETNS_RUN_DIR, name ); | |
114 | path = pathbuf; | |
115 | } | |
116 | return open(path, O_RDONLY); | |
117 | } | |
e998e118 VK |
118 | |
119 | int netns_foreach(int (*func)(char *nsname, void *arg), void *arg) | |
120 | { | |
121 | DIR *dir; | |
122 | struct dirent *entry; | |
123 | ||
124 | dir = opendir(NETNS_RUN_DIR); | |
125 | if (!dir) | |
126 | return -1; | |
127 | ||
128 | while ((entry = readdir(dir)) != NULL) { | |
129 | if (strcmp(entry->d_name, ".") == 0) | |
130 | continue; | |
131 | if (strcmp(entry->d_name, "..") == 0) | |
132 | continue; | |
133 | if (func(entry->d_name, arg)) | |
134 | break; | |
135 | } | |
136 | ||
137 | closedir(dir); | |
138 | return 0; | |
139 | } |