]>
Commit | Line | Data |
---|---|---|
e0732705 CS |
1 | /* |
2 | * lxc: linux Container library | |
3 | * | |
4 | * (C) Copyright IBM Corp. 2007, 2008 | |
5 | * | |
6 | * Authors: | |
9afe19d6 | 7 | * Daniel Lezcano <daniel.lezcano at free.fr> |
e0732705 CS |
8 | * |
9 | * This library is free software; you can redistribute it and/or | |
10 | * modify it under the terms of the GNU Lesser General Public | |
11 | * License as published by the Free Software Foundation; either | |
12 | * version 2.1 of the License, or (at your option) any later version. | |
13 | * | |
14 | * This library is distributed in the hope that it will be useful, | |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
17 | * Lesser General Public License for more details. | |
18 | * | |
19 | * You should have received a copy of the GNU Lesser General Public | |
20 | * License along with this library; if not, write to the Free Software | |
250b1eec | 21 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
e0732705 CS |
22 | */ |
23 | ||
24 | #define _GNU_SOURCE | |
e0732705 CS |
25 | #include <errno.h> |
26 | #include <fcntl.h> | |
e5adb2b5 | 27 | #include <termios.h> |
c476bdce | 28 | #include <grp.h> |
6f4f1937 CB |
29 | #include <pwd.h> |
30 | #include <signal.h> | |
31 | #include <stdio.h> | |
32 | #include <stdlib.h> | |
33 | #include <string.h> | |
34 | #include <unistd.h> | |
35 | #include <linux/unistd.h> | |
36 | #include <sys/mount.h> | |
e0732705 CS |
37 | #include <sys/param.h> |
38 | #include <sys/prctl.h> | |
5ec27989 | 39 | #include <sys/socket.h> |
1ba0013f | 40 | #include <sys/syscall.h> |
905022f7 | 41 | #include <sys/wait.h> |
6f4f1937 CB |
42 | |
43 | #include <lxc/lxccontainer.h> | |
e0732705 | 44 | |
955e2a02 | 45 | #ifndef HAVE_DECL_PR_CAPBSET_DROP |
e0732705 CS |
46 | #define PR_CAPBSET_DROP 24 |
47 | #endif | |
48 | ||
955e2a02 CB |
49 | #ifndef HAVE_DECL_PR_SET_NO_NEW_PRIVS |
50 | #define PR_SET_NO_NEW_PRIVS 38 | |
51 | #endif | |
52 | ||
53 | #ifndef HAVE_DECL_PR_GET_NO_NEW_PRIVS | |
54 | #define PR_GET_NO_NEW_PRIVS 39 | |
55 | #endif | |
56 | ||
81f466d0 | 57 | #include "af_unix.h" |
e0732705 CS |
58 | #include "attach.h" |
59 | #include "caps.h" | |
9c4693b8 | 60 | #include "cgroup.h" |
6f4f1937 | 61 | #include "commands.h" |
2c4ea790 | 62 | #include "conf.h" |
6f4f1937 | 63 | #include "config.h" |
9b8e3c96 | 64 | #include "confile.h" |
6f4f1937 CB |
65 | #include "log.h" |
66 | #include "lsm/lsm.h" | |
67 | #include "lxclock.h" | |
68 | #include "lxcseccomp.h" | |
ba2be1a8 | 69 | #include "mainloop.h" |
6f4f1937 | 70 | #include "namespace.h" |
0ed9b1bc | 71 | #include "terminal.h" |
6f4f1937 | 72 | #include "utils.h" |
9c4693b8 CS |
73 | |
74 | #if HAVE_SYS_PERSONALITY_H | |
75 | #include <sys/personality.h> | |
76 | #endif | |
e0732705 | 77 | |
a3da2f3b | 78 | #ifndef SOCK_CLOEXEC |
6f4f1937 | 79 | #define SOCK_CLOEXEC 02000000 |
a3da2f3b SG |
80 | #endif |
81 | ||
d6a3c917 SG |
82 | #ifndef MS_REC |
83 | #define MS_REC 16384 | |
84 | #endif | |
85 | ||
86 | #ifndef MS_SLAVE | |
6f4f1937 | 87 | #define MS_SLAVE (1 << 19) |
d6a3c917 SG |
88 | #endif |
89 | ||
ac2cecc4 | 90 | lxc_log_define(attach, lxc); |
e0732705 | 91 | |
8ce83369 | 92 | /* /proc/pid-to-str/status\0 = (5 + 21 + 7 + 1) */ |
eab15c1e | 93 | #define __PROC_STATUS_LEN (5 + (LXC_NUMSTRLEN64) + 7 + 1) |
74a3920a | 94 | static struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid) |
e0732705 | 95 | { |
6f4f1937 CB |
96 | int ret; |
97 | bool found; | |
e0732705 | 98 | FILE *proc_file; |
8ce83369 | 99 | char proc_fn[__PROC_STATUS_LEN]; |
e0732705 | 100 | size_t line_bufsz = 0; |
6f4f1937 | 101 | char *line = NULL; |
8ce83369 | 102 | struct lxc_proc_context_info *info = NULL; |
e0732705 | 103 | |
8ce83369 CB |
104 | /* Read capabilities. */ |
105 | ret = snprintf(proc_fn, __PROC_STATUS_LEN, "/proc/%d/status", pid); | |
106 | if (ret < 0 || ret >= __PROC_STATUS_LEN) | |
107 | goto on_error; | |
e0732705 CS |
108 | |
109 | proc_file = fopen(proc_fn, "r"); | |
110 | if (!proc_file) { | |
ea918412 | 111 | SYSERROR("Could not open %s", proc_fn); |
8ce83369 | 112 | goto on_error; |
e0732705 CS |
113 | } |
114 | ||
8ce83369 CB |
115 | info = calloc(1, sizeof(*info)); |
116 | if (!info) { | |
ea918412 | 117 | SYSERROR("Could not allocate memory"); |
17ac5301 | 118 | fclose(proc_file); |
8ce83369 CB |
119 | return NULL; |
120 | } | |
121 | ||
122 | found = false; | |
ea918412 | 123 | |
e0732705 CS |
124 | while (getline(&line, &line_bufsz, proc_file) != -1) { |
125 | ret = sscanf(line, "CapBnd: %llx", &info->capability_mask); | |
8ce83369 CB |
126 | if (ret != EOF && ret == 1) { |
127 | found = true; | |
e0732705 CS |
128 | break; |
129 | } | |
130 | } | |
131 | ||
f10fad2f | 132 | free(line); |
e0732705 CS |
133 | fclose(proc_file); |
134 | ||
135 | if (!found) { | |
ea918412 | 136 | ERROR("Could not read capability bounding set from %s", |
137 | proc_fn); | |
8ce83369 | 138 | goto on_error; |
e0732705 CS |
139 | } |
140 | ||
fe4de9a6 | 141 | info->lsm_label = lsm_process_label_get(pid); |
877f3a04 CB |
142 | info->ns_inherited = 0; |
143 | memset(info->ns_fd, -1, sizeof(int) * LXC_NS_MAX); | |
e0732705 | 144 | |
e0732705 CS |
145 | return info; |
146 | ||
8ce83369 | 147 | on_error: |
460a1cf0 | 148 | free(info); |
e0732705 CS |
149 | return NULL; |
150 | } | |
151 | ||
877f3a04 CB |
152 | static inline void lxc_proc_close_ns_fd(struct lxc_proc_context_info *ctx) |
153 | { | |
154 | int i; | |
155 | ||
156 | for (i = 0; i < LXC_NS_MAX; i++) { | |
157 | if (ctx->ns_fd[i] < 0) | |
158 | continue; | |
ea918412 | 159 | |
877f3a04 CB |
160 | close(ctx->ns_fd[i]); |
161 | ctx->ns_fd[i] = -EBADF; | |
162 | } | |
163 | } | |
164 | ||
fe4de9a6 DE |
165 | static void lxc_proc_put_context_info(struct lxc_proc_context_info *ctx) |
166 | { | |
f10fad2f | 167 | free(ctx->lsm_label); |
08ea9270 CB |
168 | ctx->lsm_label = NULL; |
169 | ||
170 | if (ctx->container) { | |
2c4ea790 | 171 | lxc_container_put(ctx->container); |
08ea9270 CB |
172 | ctx->container = NULL; |
173 | } | |
174 | ||
877f3a04 | 175 | lxc_proc_close_ns_fd(ctx); |
fe4de9a6 DE |
176 | free(ctx); |
177 | } | |
178 | ||
299d1198 CB |
179 | /** |
180 | * in_same_namespace - Check whether two processes are in the same namespace. | |
181 | * @pid1 - PID of the first process. | |
182 | * @pid2 - PID of the second process. | |
183 | * @ns - Name of the namespace to check. Must correspond to one of the names | |
184 | * for the namespaces as shown in /proc/<pid/ns/ | |
185 | * | |
186 | * If the two processes are not in the same namespace returns an fd to the | |
187 | * namespace of the second process identified by @pid2. If the two processes are | |
188 | * in the same namespace returns -EINVAL, -1 if an error occurred. | |
189 | */ | |
190 | static int in_same_namespace(pid_t pid1, pid_t pid2, const char *ns) | |
191 | { | |
192 | int ns_fd1 = -1, ns_fd2 = -1, ret = -1; | |
21d0acc2 | 193 | int saved_errno; |
299d1198 CB |
194 | struct stat ns_st1, ns_st2; |
195 | ||
196 | ns_fd1 = lxc_preserve_ns(pid1, ns); | |
134284c3 CB |
197 | if (ns_fd1 < 0) { |
198 | /* The kernel does not support this namespace. This is not an | |
199 | * error. | |
200 | */ | |
201 | if (errno == ENOENT) | |
202 | return -EINVAL; | |
203 | ||
299d1198 | 204 | goto out; |
134284c3 | 205 | } |
299d1198 CB |
206 | |
207 | ns_fd2 = lxc_preserve_ns(pid2, ns); | |
21d0acc2 | 208 | if (ns_fd2 < 0) |
299d1198 CB |
209 | goto out; |
210 | ||
211 | ret = fstat(ns_fd1, &ns_st1); | |
21d0acc2 | 212 | if (ret < 0) |
299d1198 CB |
213 | goto out; |
214 | ||
215 | ret = fstat(ns_fd2, &ns_st2); | |
21d0acc2 | 216 | if (ret < 0) |
299d1198 CB |
217 | goto out; |
218 | ||
219 | /* processes are in the same namespace */ | |
ea918412 | 220 | if ((ns_st1.st_dev == ns_st2.st_dev ) && (ns_st1.st_ino == ns_st2.st_ino)) { |
221 | ret = -EINVAL; | |
299d1198 | 222 | goto out; |
ea918412 | 223 | } |
299d1198 CB |
224 | |
225 | /* processes are in different namespaces */ | |
226 | ret = ns_fd2; | |
227 | ns_fd2 = -1; | |
228 | ||
229 | out: | |
21d0acc2 | 230 | saved_errno = errno; |
231 | ||
299d1198 CB |
232 | if (ns_fd1 >= 0) |
233 | close(ns_fd1); | |
ea918412 | 234 | |
299d1198 CB |
235 | if (ns_fd2 >= 0) |
236 | close(ns_fd2); | |
237 | ||
ea918412 | 238 | errno = saved_errno; |
299d1198 CB |
239 | return ret; |
240 | } | |
241 | ||
877f3a04 | 242 | static int lxc_attach_to_ns(pid_t pid, struct lxc_proc_context_info *ctx) |
99d50954 | 243 | { |
21d0acc2 | 244 | int i, ret; |
99d50954 | 245 | |
26818618 | 246 | for (i = 0; i < LXC_NS_MAX; i++) { |
877f3a04 | 247 | if (ctx->ns_fd[i] < 0) |
26818618 CB |
248 | continue; |
249 | ||
21d0acc2 | 250 | ret = setns(ctx->ns_fd[i], ns_info[i].clone_flag); |
251 | if (ret < 0) { | |
299d1198 | 252 | SYSERROR("Failed to attach to %s namespace of %d", |
ea918412 | 253 | ns_info[i].proc_name, pid); |
99d50954 CS |
254 | return -1; |
255 | } | |
256 | ||
299d1198 | 257 | DEBUG("Attached to %s namespace of %d", ns_info[i].proc_name, pid); |
99d50954 CS |
258 | } |
259 | ||
260 | return 0; | |
261 | } | |
262 | ||
74a3920a | 263 | static int lxc_attach_remount_sys_proc(void) |
7a0b0b56 CS |
264 | { |
265 | int ret; | |
266 | ||
267 | ret = unshare(CLONE_NEWNS); | |
268 | if (ret < 0) { | |
ea918412 | 269 | SYSERROR("Failed to unshare mount namespace"); |
7a0b0b56 CS |
270 | return -1; |
271 | } | |
272 | ||
2c6f3fc9 | 273 | if (detect_shared_rootfs()) { |
6f4f1937 | 274 | if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL)) { |
ea918412 | 275 | SYSERROR("Failed to make / rslave"); |
2c6f3fc9 SH |
276 | ERROR("Continuing..."); |
277 | } | |
278 | } | |
279 | ||
8ce83369 | 280 | /* Assume /proc is always mounted, so remount it. */ |
7a0b0b56 CS |
281 | ret = umount2("/proc", MNT_DETACH); |
282 | if (ret < 0) { | |
ea918412 | 283 | SYSERROR("Failed to unmount /proc"); |
7a0b0b56 CS |
284 | return -1; |
285 | } | |
286 | ||
287 | ret = mount("none", "/proc", "proc", 0, NULL); | |
288 | if (ret < 0) { | |
ea918412 | 289 | SYSERROR("Failed to remount /proc"); |
7a0b0b56 CS |
290 | return -1; |
291 | } | |
292 | ||
8ce83369 CB |
293 | /* Try to umount /sys. If it's not a mount point, we'll get EINVAL, then |
294 | * we ignore it because it may not have been mounted in the first place. | |
7a0b0b56 CS |
295 | */ |
296 | ret = umount2("/sys", MNT_DETACH); | |
297 | if (ret < 0 && errno != EINVAL) { | |
ea918412 | 298 | SYSERROR("Failed to unmount /sys"); |
7a0b0b56 CS |
299 | return -1; |
300 | } else if (ret == 0) { | |
8ce83369 | 301 | /* Remount it. */ |
7a0b0b56 CS |
302 | ret = mount("none", "/sys", "sysfs", 0, NULL); |
303 | if (ret < 0) { | |
ea918412 | 304 | SYSERROR("Failed to remount /sys"); |
7a0b0b56 CS |
305 | return -1; |
306 | } | |
307 | } | |
308 | ||
309 | return 0; | |
310 | } | |
311 | ||
74a3920a | 312 | static int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx) |
e0732705 | 313 | { |
6f4f1937 | 314 | int cap, last_cap; |
e0732705 | 315 | |
6f4f1937 | 316 | last_cap = lxc_caps_last_cap(); |
e0732705 CS |
317 | for (cap = 0; cap <= last_cap; cap++) { |
318 | if (ctx->capability_mask & (1LL << cap)) | |
319 | continue; | |
320 | ||
b81689a1 CB |
321 | if (prctl(PR_CAPBSET_DROP, prctl_arg(cap), prctl_arg(0), |
322 | prctl_arg(0), prctl_arg(0))) { | |
94ac256f | 323 | SYSERROR("Failed to drop capability %d", cap); |
e0732705 CS |
324 | return -1; |
325 | } | |
ea918412 | 326 | |
94ac256f | 327 | TRACE("Dropped capability %d", cap); |
e0732705 CS |
328 | } |
329 | ||
330 | return 0; | |
331 | } | |
905022f7 | 332 | |
7385273f | 333 | static int lxc_attach_set_environment(struct lxc_proc_context_info *init_ctx, |
334 | enum lxc_attach_env_policy_t policy, | |
6f4f1937 | 335 | char **extra_env, char **extra_keep) |
b3a39ba6 | 336 | { |
3d55242a | 337 | int ret; |
7385273f | 338 | struct lxc_list *iterator; |
339 | ||
799f96fd | 340 | if (policy == LXC_ATTACH_CLEAR_ENV) { |
3d5e9f48 | 341 | int path_kept = 0; |
6f4f1937 | 342 | char **extra_keep_store = NULL; |
3d5e9f48 CS |
343 | |
344 | if (extra_keep) { | |
345 | size_t count, i; | |
346 | ||
3d55242a CB |
347 | for (count = 0; extra_keep[count]; count++) |
348 | ; | |
3d5e9f48 CS |
349 | |
350 | extra_keep_store = calloc(count, sizeof(char *)); | |
3d55242a | 351 | if (!extra_keep_store) |
3d5e9f48 | 352 | return -1; |
3d55242a | 353 | |
3d5e9f48 CS |
354 | for (i = 0; i < count; i++) { |
355 | char *v = getenv(extra_keep[i]); | |
356 | if (v) { | |
357 | extra_keep_store[i] = strdup(v); | |
358 | if (!extra_keep_store[i]) { | |
3d5e9f48 CS |
359 | while (i > 0) |
360 | free(extra_keep_store[--i]); | |
ea918412 | 361 | |
3d5e9f48 CS |
362 | free(extra_keep_store); |
363 | return -1; | |
364 | } | |
3d55242a | 365 | |
3d5e9f48 CS |
366 | if (strcmp(extra_keep[i], "PATH") == 0) |
367 | path_kept = 1; | |
368 | } | |
3d5e9f48 CS |
369 | } |
370 | } | |
371 | ||
799f96fd | 372 | if (clearenv()) { |
a9cab7e3 | 373 | if (extra_keep_store) { |
3d55242a CB |
374 | char **p; |
375 | ||
a9cab7e3 CS |
376 | for (p = extra_keep_store; *p; p++) |
377 | free(*p); | |
3d55242a | 378 | |
a9cab7e3 CS |
379 | free(extra_keep_store); |
380 | } | |
3d55242a | 381 | |
ea918412 | 382 | ERROR("Failed to clear environment"); |
3d5e9f48 CS |
383 | return -1; |
384 | } | |
385 | ||
386 | if (extra_keep_store) { | |
387 | size_t i; | |
6f4f1937 | 388 | |
3d5e9f48 | 389 | for (i = 0; extra_keep[i]; i++) { |
acd4922e | 390 | if (extra_keep_store[i]) { |
3d55242a CB |
391 | ret = setenv(extra_keep[i], extra_keep_store[i], 1); |
392 | if (ret < 0) | |
a24c5678 | 393 | SYSWARN("Failed to set environment variable"); |
acd4922e | 394 | } |
ea918412 | 395 | |
3d5e9f48 CS |
396 | free(extra_keep_store[i]); |
397 | } | |
ea918412 | 398 | |
3d5e9f48 CS |
399 | free(extra_keep_store); |
400 | } | |
401 | ||
8ce83369 CB |
402 | /* Always set a default path; shells and execlp tend to be fine |
403 | * without it, but there is a disturbing number of C programs | |
404 | * out there that just assume that getenv("PATH") is never NULL | |
405 | * and then die a painful segfault death. | |
406 | */ | |
3d55242a CB |
407 | if (!path_kept) { |
408 | ret = setenv("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 1); | |
409 | if (ret < 0) | |
a24c5678 | 410 | SYSWARN("Failed to set environment variable"); |
3d55242a | 411 | } |
b3a39ba6 DW |
412 | } |
413 | ||
3d55242a CB |
414 | ret = putenv("container=lxc"); |
415 | if (ret < 0) { | |
a24c5678 | 416 | SYSWARN("Failed to set environment variable"); |
b3a39ba6 DW |
417 | return -1; |
418 | } | |
419 | ||
7385273f | 420 | /* Set container environment variables.*/ |
421 | if (init_ctx && init_ctx->container && init_ctx->container->lxc_conf) { | |
422 | lxc_list_for_each(iterator, &init_ctx->container->lxc_conf->environment) { | |
3d55242a CB |
423 | char *env_tmp; |
424 | ||
425 | env_tmp = strdup((char *)iterator->elem); | |
426 | if (!env_tmp) | |
7385273f | 427 | return -1; |
7385273f | 428 | |
3d55242a CB |
429 | ret = putenv(env_tmp); |
430 | if (ret < 0) { | |
431 | SYSERROR("Failed to set environment variable: %s", (char *)iterator->elem); | |
7385273f | 432 | return -1; |
433 | } | |
434 | } | |
435 | } | |
436 | ||
8ce83369 | 437 | /* Set extra environment variables. */ |
3d5e9f48 CS |
438 | if (extra_env) { |
439 | for (; *extra_env; extra_env++) { | |
3d55242a | 440 | char *p; |
ea918412 | 441 | |
8ce83369 CB |
442 | /* We just assume the user knows what they are doing, so |
443 | * we don't do any checks. | |
444 | */ | |
3d55242a CB |
445 | p = strdup(*extra_env); |
446 | if (!p) | |
3d5e9f48 | 447 | return -1; |
3d55242a CB |
448 | |
449 | ret = putenv(p); | |
450 | if (ret < 0) | |
a24c5678 | 451 | SYSWARN("Failed to set environment variable"); |
3d5e9f48 CS |
452 | } |
453 | } | |
454 | ||
b3a39ba6 DW |
455 | return 0; |
456 | } | |
457 | ||
74a3920a | 458 | static char *lxc_attach_getpwshell(uid_t uid) |
905022f7 | 459 | { |
6f4f1937 | 460 | int fd, ret; |
905022f7 CS |
461 | pid_t pid; |
462 | int pipes[2]; | |
3fa23ac3 CB |
463 | FILE *pipe_f; |
464 | bool found = false; | |
465 | size_t line_bufsz = 0; | |
466 | char *line = NULL, *result = NULL; | |
905022f7 | 467 | |
8ce83369 CB |
468 | /* We need to fork off a process that runs the getent program, and we |
469 | * need to capture its output, so we use a pipe for that purpose. | |
905022f7 | 470 | */ |
3fa23ac3 | 471 | ret = pipe2(pipes, O_CLOEXEC); |
905022f7 CS |
472 | if (ret < 0) |
473 | return NULL; | |
474 | ||
475 | pid = fork(); | |
476 | if (pid < 0) { | |
477 | close(pipes[0]); | |
478 | close(pipes[1]); | |
479 | return NULL; | |
480 | } | |
481 | ||
3fa23ac3 | 482 | if (!pid) { |
905022f7 CS |
483 | char uid_buf[32]; |
484 | char *arguments[] = { | |
485 | "getent", | |
486 | "passwd", | |
487 | uid_buf, | |
488 | NULL | |
489 | }; | |
490 | ||
491 | close(pipes[0]); | |
492 | ||
8ce83369 | 493 | /* We want to capture stdout. */ |
3fa23ac3 | 494 | ret = dup2(pipes[1], STDOUT_FILENO); |
905022f7 | 495 | close(pipes[1]); |
3fa23ac3 | 496 | if (ret < 0) |
ea918412 | 497 | _exit(EXIT_FAILURE); |
905022f7 | 498 | |
8ce83369 CB |
499 | /* Get rid of stdin/stderr, so we try to associate it with |
500 | * /dev/null. | |
905022f7 | 501 | */ |
3fa23ac3 | 502 | fd = open_devnull(); |
905022f7 | 503 | if (fd < 0) { |
3fa23ac3 CB |
504 | close(STDIN_FILENO); |
505 | close(STDERR_FILENO); | |
905022f7 | 506 | } else { |
3fa23ac3 CB |
507 | (void)dup3(fd, STDIN_FILENO, O_CLOEXEC); |
508 | (void)dup3(fd, STDOUT_FILENO, O_CLOEXEC); | |
905022f7 CS |
509 | close(fd); |
510 | } | |
511 | ||
8ce83369 | 512 | /* Finish argument list. */ |
3fa23ac3 CB |
513 | ret = snprintf(uid_buf, sizeof(uid_buf), "%ld", (long)uid); |
514 | if (ret <= 0 || ret >= sizeof(uid_buf)) | |
ea918412 | 515 | _exit(EXIT_FAILURE); |
905022f7 | 516 | |
8ce83369 | 517 | /* Try to run getent program. */ |
3fa23ac3 | 518 | (void)execvp("getent", arguments); |
ea918412 | 519 | _exit(EXIT_FAILURE); |
905022f7 | 520 | } |
3fa23ac3 CB |
521 | |
522 | close(pipes[1]); | |
523 | ||
524 | pipe_f = fdopen(pipes[0], "r"); | |
525 | while (getline(&line, &line_bufsz, pipe_f) != -1) { | |
526 | int i; | |
527 | long value; | |
528 | char *token; | |
529 | char *endptr = NULL, *saveptr = NULL; | |
530 | ||
531 | /* If we already found something, just continue to read | |
532 | * until the pipe doesn't deliver any more data, but | |
533 | * don't modify the existing data structure. | |
534 | */ | |
535 | if (found) | |
536 | continue; | |
537 | ||
18d4ffde | 538 | if (!line) |
539 | continue; | |
540 | ||
3fa23ac3 CB |
541 | /* Trim line on the right hand side. */ |
542 | for (i = strlen(line); i > 0 && (line[i - 1] == '\n' || line[i - 1] == '\r'); --i) | |
543 | line[i - 1] = '\0'; | |
544 | ||
545 | /* Split into tokens: first: user name. */ | |
546 | token = strtok_r(line, ":", &saveptr); | |
547 | if (!token) | |
548 | continue; | |
549 | ||
550 | /* next: dummy password field */ | |
551 | token = strtok_r(NULL, ":", &saveptr); | |
552 | if (!token) | |
553 | continue; | |
554 | ||
555 | /* next: user id */ | |
556 | token = strtok_r(NULL, ":", &saveptr); | |
557 | value = token ? strtol(token, &endptr, 10) : 0; | |
558 | if (!token || !endptr || *endptr || value == LONG_MIN || | |
ea918412 | 559 | value == LONG_MAX) |
3fa23ac3 CB |
560 | continue; |
561 | ||
562 | /* dummy sanity check: user id matches */ | |
563 | if ((uid_t)value != uid) | |
564 | continue; | |
565 | ||
566 | /* skip fields: gid, gecos, dir, go to next field 'shell' */ | |
567 | for (i = 0; i < 4; i++) { | |
568 | token = strtok_r(NULL, ":", &saveptr); | |
569 | if (!token) | |
570 | continue; | |
571 | } | |
ea918412 | 572 | |
3fa23ac3 CB |
573 | if (!token) |
574 | continue; | |
ea918412 | 575 | |
3fa23ac3 CB |
576 | free(result); |
577 | result = strdup(token); | |
578 | ||
579 | /* Sanity check that there are no fields after that. */ | |
580 | token = strtok_r(NULL, ":", &saveptr); | |
581 | if (token) | |
582 | continue; | |
583 | ||
584 | found = true; | |
585 | } | |
ea918412 | 586 | |
3fa23ac3 CB |
587 | free(line); |
588 | fclose(pipe_f); | |
589 | ||
590 | ret = wait_for_pid(pid); | |
591 | if (ret < 0) { | |
592 | free(result); | |
593 | return NULL; | |
594 | } | |
595 | ||
596 | if (!found) { | |
597 | free(result); | |
598 | return NULL; | |
599 | } | |
600 | ||
601 | return result; | |
905022f7 | 602 | } |
cb3e61fa | 603 | |
6f4f1937 | 604 | static void lxc_attach_get_init_uidgid(uid_t *init_uid, gid_t *init_gid) |
cb3e61fa CS |
605 | { |
606 | FILE *proc_file; | |
8ce83369 CB |
607 | char proc_fn[__PROC_STATUS_LEN]; |
608 | int ret; | |
cb3e61fa CS |
609 | char *line = NULL; |
610 | size_t line_bufsz = 0; | |
cb3e61fa CS |
611 | long value = -1; |
612 | uid_t uid = (uid_t)-1; | |
613 | gid_t gid = (gid_t)-1; | |
614 | ||
7fb45c93 CB |
615 | ret = snprintf(proc_fn, __PROC_STATUS_LEN, "/proc/%d/status", 1); |
616 | if (ret < 0 || ret >= __PROC_STATUS_LEN) | |
617 | return; | |
cb3e61fa CS |
618 | |
619 | proc_file = fopen(proc_fn, "r"); | |
620 | if (!proc_file) | |
621 | return; | |
622 | ||
623 | while (getline(&line, &line_bufsz, proc_file) != -1) { | |
8ce83369 CB |
624 | /* Format is: real, effective, saved set user, fs we only care |
625 | * about real uid. | |
cb3e61fa CS |
626 | */ |
627 | ret = sscanf(line, "Uid: %ld", &value); | |
8ce83369 | 628 | if (ret != EOF && ret == 1) { |
6f4f1937 | 629 | uid = (uid_t)value; |
cb3e61fa CS |
630 | } else { |
631 | ret = sscanf(line, "Gid: %ld", &value); | |
8ce83369 | 632 | if (ret != EOF && ret == 1) |
6f4f1937 | 633 | gid = (gid_t)value; |
cb3e61fa | 634 | } |
ea918412 | 635 | |
cb3e61fa CS |
636 | if (uid != (uid_t)-1 && gid != (gid_t)-1) |
637 | break; | |
638 | } | |
639 | ||
640 | fclose(proc_file); | |
641 | free(line); | |
642 | ||
8ce83369 | 643 | /* Only override arguments if we found something. */ |
cb3e61fa CS |
644 | if (uid != (uid_t)-1) |
645 | *init_uid = uid; | |
ea918412 | 646 | |
cb3e61fa CS |
647 | if (gid != (gid_t)-1) |
648 | *init_gid = gid; | |
649 | ||
650 | /* TODO: we should also parse supplementary groups and use | |
8ce83369 CB |
651 | * setgroups() to set them. |
652 | */ | |
cb3e61fa | 653 | } |
9c4693b8 | 654 | |
8ce83369 | 655 | /* Define default options if no options are supplied by the user. */ |
9c4693b8 CS |
656 | static lxc_attach_options_t attach_static_default_options = LXC_ATTACH_OPTIONS_DEFAULT; |
657 | ||
d4db3d14 | 658 | static bool fetch_seccomp(struct lxc_container *c, lxc_attach_options_t *options) |
2c4ea790 | 659 | { |
d4db3d14 CB |
660 | int ret; |
661 | bool bret; | |
bd7b4e28 | 662 | char *path; |
2eef2bda | 663 | |
6f4f1937 CB |
664 | if (!(options->namespaces & CLONE_NEWNS) || |
665 | !(options->attach_flags & LXC_ATTACH_LSM)) { | |
bd4307f0 CB |
666 | free(c->lxc_conf->seccomp); |
667 | c->lxc_conf->seccomp = NULL; | |
2c4ea790 | 668 | return true; |
bd4307f0 | 669 | } |
bd7b4e28 | 670 | |
2e812c16 | 671 | /* Remove current setting. */ |
d4db3d14 | 672 | if (!c->set_config_item(c, "lxc.seccomp.profile", "") && |
ea918412 | 673 | !c->set_config_item(c, "lxc.seccomp", "")) |
2c4ea790 | 674 | return false; |
bd7b4e28 | 675 | |
8ce83369 | 676 | /* Fetch the current profile path over the cmd interface. */ |
0b427da0 | 677 | path = c->get_running_config_item(c, "lxc.seccomp.profile"); |
bd7b4e28 | 678 | if (!path) { |
d4db3d14 | 679 | INFO("Failed to retrieve lxc.seccomp.profile"); |
ea918412 | 680 | |
0b427da0 | 681 | path = c->get_running_config_item(c, "lxc.seccomp"); |
d4db3d14 CB |
682 | if (!path) { |
683 | INFO("Failed to retrieve lxc.seccomp"); | |
684 | return true; | |
685 | } | |
bd7b4e28 SG |
686 | } |
687 | ||
8ce83369 | 688 | /* Copy the value into the new lxc_conf. */ |
d4db3d14 | 689 | bret = c->set_config_item(c, "lxc.seccomp.profile", path); |
bd7b4e28 | 690 | free(path); |
d4db3d14 CB |
691 | if (!bret) |
692 | return false; | |
bd7b4e28 | 693 | |
8ce83369 | 694 | /* Attempt to parse the resulting config. */ |
d4db3d14 CB |
695 | ret = lxc_read_seccomp_config(c->lxc_conf); |
696 | if (ret < 0) { | |
697 | ERROR("Failed to retrieve seccomp policy"); | |
2c4ea790 SH |
698 | return false; |
699 | } | |
700 | ||
d4db3d14 | 701 | INFO("Retrieved seccomp policy"); |
2e812c16 CB |
702 | return true; |
703 | } | |
704 | ||
6f4f1937 | 705 | static bool no_new_privs(struct lxc_container *c, lxc_attach_options_t *options) |
2e812c16 | 706 | { |
bcbef733 | 707 | bool bret; |
2e812c16 CB |
708 | char *val; |
709 | ||
2e812c16 | 710 | /* Remove current setting. */ |
bcbef733 CB |
711 | if (!c->set_config_item(c, "lxc.no_new_privs", "")) { |
712 | INFO("Failed to unset lxc.no_new_privs"); | |
2e812c16 | 713 | return false; |
bcbef733 | 714 | } |
2e812c16 CB |
715 | |
716 | /* Retrieve currently active setting. */ | |
717 | val = c->get_running_config_item(c, "lxc.no_new_privs"); | |
718 | if (!val) { | |
bcbef733 | 719 | INFO("Failed to retrieve lxc.no_new_privs"); |
2e812c16 CB |
720 | return false; |
721 | } | |
722 | ||
723 | /* Set currently active setting. */ | |
bcbef733 | 724 | bret = c->set_config_item(c, "lxc.no_new_privs", val); |
2e812c16 | 725 | free(val); |
bcbef733 | 726 | return bret; |
2c4ea790 SH |
727 | } |
728 | ||
9b8e3c96 SH |
729 | static signed long get_personality(const char *name, const char *lxcpath) |
730 | { | |
6f4f1937 | 731 | char *p; |
9b8e3c96 SH |
732 | signed long ret; |
733 | ||
6f4f1937 | 734 | p = lxc_cmd_get_config_item(name, "lxc.arch", lxcpath); |
9b8e3c96 SH |
735 | if (!p) |
736 | return -1; | |
6f4f1937 | 737 | |
9b8e3c96 SH |
738 | ret = lxc_config_parse_arch(p); |
739 | free(p); | |
6f4f1937 | 740 | |
9b8e3c96 SH |
741 | return ret; |
742 | } | |
743 | ||
a998454a CB |
744 | struct attach_clone_payload { |
745 | int ipc_socket; | |
9e84479f | 746 | int terminal_slave_fd; |
a998454a CB |
747 | lxc_attach_options_t *options; |
748 | struct lxc_proc_context_info *init_ctx; | |
749 | lxc_attach_exec_t exec_function; | |
750 | void *exec_payload; | |
751 | }; | |
752 | ||
ba2be1a8 CB |
753 | static void lxc_put_attach_clone_payload(struct attach_clone_payload *p) |
754 | { | |
755 | if (p->ipc_socket >= 0) { | |
756 | shutdown(p->ipc_socket, SHUT_RDWR); | |
757 | close(p->ipc_socket); | |
758 | p->ipc_socket = -EBADF; | |
759 | } | |
760 | ||
9e84479f CB |
761 | if (p->terminal_slave_fd >= 0) { |
762 | close(p->terminal_slave_fd); | |
763 | p->terminal_slave_fd = -EBADF; | |
ba2be1a8 CB |
764 | } |
765 | ||
b21da190 | 766 | if (p->init_ctx) { |
ba2be1a8 | 767 | lxc_proc_put_context_info(p->init_ctx); |
b21da190 CB |
768 | p->init_ctx = NULL; |
769 | } | |
ba2be1a8 CB |
770 | } |
771 | ||
a998454a CB |
772 | static int attach_child_main(struct attach_clone_payload *payload) |
773 | { | |
57de839f | 774 | int fd, lsm_fd, ret; |
a998454a CB |
775 | uid_t new_uid; |
776 | gid_t new_gid; | |
a998454a CB |
777 | lxc_attach_options_t* options = payload->options; |
778 | struct lxc_proc_context_info* init_ctx = payload->init_ctx; | |
57de839f CB |
779 | bool needs_lsm = (options->namespaces & CLONE_NEWNS) && |
780 | (options->attach_flags & LXC_ATTACH_LSM) && | |
781 | init_ctx->lsm_label; | |
a998454a CB |
782 | |
783 | /* A description of the purpose of this functionality is provided in the | |
784 | * lxc-attach(1) manual page. We have to remount here and not in the | |
785 | * parent process, otherwise /proc may not properly reflect the new pid | |
786 | * namespace. | |
787 | */ | |
788 | if (!(options->namespaces & CLONE_NEWNS) && | |
789 | (options->attach_flags & LXC_ATTACH_REMOUNT_PROC_SYS)) { | |
790 | ret = lxc_attach_remount_sys_proc(); | |
b75c344c CB |
791 | if (ret < 0) |
792 | goto on_error; | |
ea918412 | 793 | |
b75c344c | 794 | TRACE("Remounted \"/proc\" and \"/sys\""); |
a998454a CB |
795 | } |
796 | ||
b75c344c | 797 | /* Now perform additional attachments. */ |
a998454a | 798 | #if HAVE_SYS_PERSONALITY_H |
a998454a | 799 | if (options->attach_flags & LXC_ATTACH_SET_PERSONALITY) { |
b75c344c CB |
800 | long new_personality; |
801 | ||
802 | if (options->personality < 0) | |
803 | new_personality = init_ctx->personality; | |
804 | else | |
805 | new_personality = options->personality; | |
ea918412 | 806 | |
a998454a | 807 | ret = personality(new_personality); |
b75c344c CB |
808 | if (ret < 0) |
809 | goto on_error; | |
ea918412 | 810 | |
b75c344c | 811 | TRACE("Set new personality"); |
a998454a CB |
812 | } |
813 | #endif | |
814 | ||
815 | if (options->attach_flags & LXC_ATTACH_DROP_CAPABILITIES) { | |
816 | ret = lxc_attach_drop_privs(init_ctx); | |
b75c344c CB |
817 | if (ret < 0) |
818 | goto on_error; | |
ea918412 | 819 | |
b75c344c | 820 | TRACE("Dropped capabilities"); |
a998454a CB |
821 | } |
822 | ||
823 | /* Always set the environment (specify (LXC_ATTACH_KEEP_ENV, NULL, NULL) | |
824 | * if you want this to be a no-op). | |
825 | */ | |
7385273f | 826 | ret = lxc_attach_set_environment(init_ctx, |
827 | options->env_policy, | |
a998454a CB |
828 | options->extra_env_vars, |
829 | options->extra_keep_env); | |
b75c344c CB |
830 | if (ret < 0) |
831 | goto on_error; | |
ea918412 | 832 | |
b75c344c | 833 | TRACE("Set up environment"); |
a998454a | 834 | |
57de839f CB |
835 | /* This remark only affects fully unprivileged containers: |
836 | * Receive fd for LSM security module before we set{g,u}id(). The reason | |
837 | * is that on set{g,u}id() the kernel will a) make us undumpable and b) | |
838 | * we will change our effective uid. This means our effective uid will | |
839 | * be different from the effective uid of the process that created us | |
840 | * which means that this processs no longer has capabilities in our | |
841 | * namespace including CAP_SYS_PTRACE. This means we will not be able to | |
842 | * read and /proc/<pid> files for the process anymore when /proc is | |
843 | * mounted with hidepid={1,2}. So let's get the lsm label fd before the | |
844 | * set{g,u}id(). | |
845 | */ | |
846 | if (needs_lsm) { | |
b75c344c | 847 | ret = lxc_abstract_unix_recv_fds(payload->ipc_socket, &lsm_fd, 1, NULL, 0); |
9044b79e | 848 | if (ret <= 0) { |
849 | if (ret < 0) | |
850 | SYSERROR("Failed to receive lsm label fd"); | |
851 | ||
b75c344c | 852 | goto on_error; |
9044b79e | 853 | } |
854 | ||
57de839f CB |
855 | TRACE("Received LSM label file descriptor %d from parent", lsm_fd); |
856 | } | |
857 | ||
08ea9270 | 858 | if (options->stdin_fd > 0 && isatty(options->stdin_fd)) { |
cd0a2b2f | 859 | ret = lxc_make_controlling_terminal(options->stdin_fd); |
08ea9270 CB |
860 | if (ret < 0) |
861 | goto on_error; | |
862 | } | |
863 | ||
a998454a CB |
864 | /* Set {u,g}id. */ |
865 | new_uid = 0; | |
866 | new_gid = 0; | |
ea918412 | 867 | |
a998454a CB |
868 | /* Ignore errors, we will fall back to root in that case (/proc was not |
869 | * mounted etc.). | |
870 | */ | |
871 | if (options->namespaces & CLONE_NEWUSER) | |
872 | lxc_attach_get_init_uidgid(&new_uid, &new_gid); | |
873 | ||
874 | if (options->uid != (uid_t)-1) | |
875 | new_uid = options->uid; | |
ea918412 | 876 | |
a998454a CB |
877 | if (options->gid != (gid_t)-1) |
878 | new_gid = options->gid; | |
879 | ||
a998454a | 880 | /* Try to set the {u,g}id combination. */ |
b75c344c CB |
881 | if (new_uid != 0 || new_gid != 0 || options->namespaces & CLONE_NEWUSER) { |
882 | ret = lxc_switch_uid_gid(new_uid, new_gid); | |
883 | if (ret < 0) | |
884 | goto on_error; | |
a998454a CB |
885 | } |
886 | ||
24927339 | 887 | ret = lxc_setgroups(0, NULL); |
96ec54ac | 888 | if (ret < 0 && errno != EPERM) |
24927339 CB |
889 | goto on_error; |
890 | ||
a998454a CB |
891 | if ((init_ctx->container && init_ctx->container->lxc_conf && |
892 | init_ctx->container->lxc_conf->no_new_privs) || | |
893 | (options->attach_flags & LXC_ATTACH_NO_NEW_PRIVS)) { | |
b81689a1 CB |
894 | ret = prctl(PR_SET_NO_NEW_PRIVS, prctl_arg(1), prctl_arg(0), |
895 | prctl_arg(0), prctl_arg(0)); | |
b75c344c CB |
896 | if (ret < 0) |
897 | goto on_error; | |
ea918412 | 898 | |
b75c344c | 899 | TRACE("Set PR_SET_NO_NEW_PRIVS"); |
a998454a CB |
900 | } |
901 | ||
57de839f | 902 | if (needs_lsm) { |
d3ba7c98 | 903 | bool on_exec; |
a998454a CB |
904 | |
905 | /* Change into our new LSM profile. */ | |
d3ba7c98 | 906 | on_exec = options->attach_flags & LXC_ATTACH_LSM_EXEC ? true : false; |
ea918412 | 907 | |
d3ba7c98 | 908 | ret = lsm_process_label_set_at(lsm_fd, init_ctx->lsm_label, on_exec); |
57de839f | 909 | close(lsm_fd); |
b75c344c CB |
910 | if (ret < 0) |
911 | goto on_error; | |
ea918412 | 912 | |
d3ba7c98 | 913 | TRACE("Set %s LSM label to \"%s\"", lsm_name(), init_ctx->lsm_label); |
a998454a CB |
914 | } |
915 | ||
916 | if (init_ctx->container && init_ctx->container->lxc_conf && | |
b75c344c CB |
917 | init_ctx->container->lxc_conf->seccomp) { |
918 | ret = lxc_seccomp_load(init_ctx->container->lxc_conf); | |
919 | if (ret < 0) | |
920 | goto on_error; | |
ea918412 | 921 | |
b75c344c | 922 | TRACE("Loaded seccomp profile"); |
a998454a | 923 | } |
ea918412 | 924 | |
b75c344c CB |
925 | shutdown(payload->ipc_socket, SHUT_RDWR); |
926 | close(payload->ipc_socket); | |
ba2be1a8 CB |
927 | payload->ipc_socket = -EBADF; |
928 | lxc_proc_put_context_info(init_ctx); | |
d35b372a | 929 | payload->init_ctx = NULL; |
a998454a CB |
930 | |
931 | /* The following is done after the communication socket is shut down. | |
932 | * That way, all errors that might (though unlikely) occur up until this | |
933 | * point will have their messages printed to the original stderr (if | |
934 | * logging is so configured) and not the fd the user supplied, if any. | |
935 | */ | |
936 | ||
937 | /* Fd handling for stdin, stdout and stderr; ignore errors here, user | |
938 | * may want to make sure the fds are closed, for example. | |
939 | */ | |
08ea9270 | 940 | if (options->stdin_fd >= 0 && options->stdin_fd != STDIN_FILENO) |
00c72a93 | 941 | (void)dup2(options->stdin_fd, STDIN_FILENO); |
08ea9270 CB |
942 | |
943 | if (options->stdout_fd >= 0 && options->stdout_fd != STDOUT_FILENO) | |
00c72a93 | 944 | (void)dup2(options->stdout_fd, STDOUT_FILENO); |
08ea9270 CB |
945 | |
946 | if (options->stderr_fd >= 0 && options->stderr_fd != STDERR_FILENO) | |
00c72a93 | 947 | (void)dup2(options->stderr_fd, STDERR_FILENO); |
a998454a CB |
948 | |
949 | /* close the old fds */ | |
08ea9270 | 950 | if (options->stdin_fd > STDERR_FILENO) |
a998454a | 951 | close(options->stdin_fd); |
08ea9270 CB |
952 | |
953 | if (options->stdout_fd > STDERR_FILENO) | |
a998454a | 954 | close(options->stdout_fd); |
08ea9270 CB |
955 | |
956 | if (options->stderr_fd > STDERR_FILENO) | |
a998454a CB |
957 | close(options->stderr_fd); |
958 | ||
959 | /* Try to remove FD_CLOEXEC flag from stdin/stdout/stderr, but also | |
960 | * here, ignore errors. | |
961 | */ | |
b75c344c | 962 | for (fd = STDIN_FILENO; fd <= STDERR_FILENO; fd++) { |
3f62938a | 963 | ret = fd_cloexec(fd, false); |
b75c344c CB |
964 | if (ret < 0) { |
965 | SYSERROR("Failed to clear FD_CLOEXEC from file descriptor %d", fd); | |
966 | goto on_error; | |
967 | } | |
a998454a CB |
968 | } |
969 | ||
9e84479f CB |
970 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
971 | ret = lxc_terminal_prepare_login(payload->terminal_slave_fd); | |
ba2be1a8 | 972 | if (ret < 0) { |
9e84479f | 973 | SYSERROR("Failed to prepare terminal file descriptor %d", payload->terminal_slave_fd); |
ba2be1a8 CB |
974 | goto on_error; |
975 | } | |
ea918412 | 976 | |
9e84479f | 977 | TRACE("Prepared terminal file descriptor %d", payload->terminal_slave_fd); |
ba2be1a8 CB |
978 | } |
979 | ||
a998454a | 980 | /* We're done, so we can now do whatever the user intended us to do. */ |
c7ac2e1c | 981 | _exit(payload->exec_function(payload->exec_payload)); |
b75c344c CB |
982 | |
983 | on_error: | |
ba2be1a8 | 984 | lxc_put_attach_clone_payload(payload); |
c7ac2e1c | 985 | _exit(EXIT_FAILURE); |
a998454a CB |
986 | } |
987 | ||
9e84479f CB |
988 | static int lxc_attach_terminal(struct lxc_conf *conf, |
989 | struct lxc_terminal *terminal) | |
ba2be1a8 CB |
990 | { |
991 | int ret; | |
992 | ||
9e84479f | 993 | lxc_terminal_init(terminal); |
ba2be1a8 | 994 | |
9e84479f | 995 | ret = lxc_terminal_create(terminal); |
ba2be1a8 | 996 | if (ret < 0) { |
ea918412 | 997 | ERROR("Failed to create terminal"); |
ba2be1a8 CB |
998 | return -1; |
999 | } | |
1000 | ||
1001 | /* Shift ttys to container. */ | |
9e84479f | 1002 | ret = lxc_terminal_map_ids(conf, terminal); |
ba2be1a8 | 1003 | if (ret < 0) { |
9e84479f | 1004 | ERROR("Failed to chown terminal"); |
ba2be1a8 CB |
1005 | goto on_error; |
1006 | } | |
1007 | ||
1008 | return 0; | |
1009 | ||
1010 | on_error: | |
9e84479f CB |
1011 | lxc_terminal_delete(terminal); |
1012 | lxc_terminal_conf_free(terminal); | |
ba2be1a8 CB |
1013 | return -1; |
1014 | } | |
1015 | ||
9e84479f CB |
1016 | static int lxc_attach_terminal_mainloop_init(struct lxc_terminal *terminal, |
1017 | struct lxc_epoll_descr *descr) | |
ba2be1a8 CB |
1018 | { |
1019 | int ret; | |
1020 | ||
1021 | ret = lxc_mainloop_open(descr); | |
1022 | if (ret < 0) { | |
1023 | ERROR("Failed to create mainloop"); | |
1024 | return -1; | |
1025 | } | |
1026 | ||
9e84479f | 1027 | ret = lxc_terminal_mainloop_add(descr, terminal); |
ba2be1a8 CB |
1028 | if (ret < 0) { |
1029 | ERROR("Failed to add handlers to mainloop"); | |
1030 | lxc_mainloop_close(descr); | |
1031 | return -1; | |
1032 | } | |
1033 | ||
1034 | return 0; | |
1035 | } | |
1036 | ||
9e84479f | 1037 | static inline void lxc_attach_terminal_close_master(struct lxc_terminal *terminal) |
ba2be1a8 | 1038 | { |
9e84479f | 1039 | if (terminal->master < 0) |
ba2be1a8 CB |
1040 | return; |
1041 | ||
9e84479f CB |
1042 | close(terminal->master); |
1043 | terminal->master = -EBADF; | |
ba2be1a8 CB |
1044 | } |
1045 | ||
9e84479f | 1046 | static inline void lxc_attach_terminal_close_slave(struct lxc_terminal *terminal) |
ba2be1a8 | 1047 | { |
9e84479f | 1048 | if (terminal->slave < 0) |
ba2be1a8 CB |
1049 | return; |
1050 | ||
9e84479f CB |
1051 | close(terminal->slave); |
1052 | terminal->slave = -EBADF; | |
ba2be1a8 CB |
1053 | } |
1054 | ||
9e84479f | 1055 | static inline void lxc_attach_terminal_close_peer(struct lxc_terminal *terminal) |
ba2be1a8 | 1056 | { |
9e84479f | 1057 | if (terminal->peer < 0) |
ba2be1a8 CB |
1058 | return; |
1059 | ||
9e84479f CB |
1060 | close(terminal->peer); |
1061 | terminal->peer = -EBADF; | |
ba2be1a8 CB |
1062 | } |
1063 | ||
9e84479f | 1064 | static inline void lxc_attach_terminal_close_log(struct lxc_terminal *terminal) |
ba2be1a8 | 1065 | { |
9e84479f | 1066 | if (terminal->log_fd < 0) |
ba2be1a8 CB |
1067 | return; |
1068 | ||
9e84479f CB |
1069 | close(terminal->log_fd); |
1070 | terminal->log_fd = -EBADF; | |
ba2be1a8 CB |
1071 | } |
1072 | ||
6f4f1937 CB |
1073 | int lxc_attach(const char *name, const char *lxcpath, |
1074 | lxc_attach_exec_t exec_function, void *exec_payload, | |
1075 | lxc_attach_options_t *options, pid_t *attached_process) | |
9c4693b8 | 1076 | { |
877f3a04 | 1077 | int i, ret, status; |
9c4693b8 | 1078 | int ipc_sockets[2]; |
6f4f1937 | 1079 | char *cwd, *new_cwd; |
9b8e3c96 | 1080 | signed long personality; |
ba2be1a8 | 1081 | pid_t attached_pid, init_pid, pid; |
6f4f1937 | 1082 | struct lxc_proc_context_info *init_ctx; |
9e84479f | 1083 | struct lxc_terminal terminal; |
1cce35e6 | 1084 | struct lxc_conf *conf; |
a998454a | 1085 | struct attach_clone_payload payload = {0}; |
9c4693b8 | 1086 | |
877f3a04 CB |
1087 | ret = access("/proc/self/ns", X_OK); |
1088 | if (ret) { | |
ea918412 | 1089 | SYSERROR("Does this kernel version support namespaces?"); |
877f3a04 CB |
1090 | return -1; |
1091 | } | |
1092 | ||
9c4693b8 CS |
1093 | if (!options) |
1094 | options = &attach_static_default_options; | |
1095 | ||
1096 | init_pid = lxc_cmd_get_init_pid(name, lxcpath); | |
1097 | if (init_pid < 0) { | |
ae026f55 | 1098 | ERROR("Failed to get init pid"); |
9c4693b8 CS |
1099 | return -1; |
1100 | } | |
1101 | ||
1102 | init_ctx = lxc_proc_get_context_info(init_pid); | |
1103 | if (!init_ctx) { | |
6f4f1937 | 1104 | ERROR("Failed to get context of init process: %ld", (long)init_pid); |
9c4693b8 CS |
1105 | return -1; |
1106 | } | |
1107 | ||
9b8e3c96 SH |
1108 | personality = get_personality(name, lxcpath); |
1109 | if (init_ctx->personality < 0) { | |
6f4f1937 | 1110 | ERROR("Failed to get personality of the container"); |
9b8e3c96 SH |
1111 | lxc_proc_put_context_info(init_ctx); |
1112 | return -1; | |
1113 | } | |
1114 | init_ctx->personality = personality; | |
1115 | ||
ff07d7bb | 1116 | init_ctx->container = lxc_container_new(name, lxcpath); |
62de1db6 CB |
1117 | if (!init_ctx->container) { |
1118 | lxc_proc_put_context_info(init_ctx); | |
ff07d7bb | 1119 | return -1; |
62de1db6 | 1120 | } |
ff07d7bb | 1121 | |
ba773996 CB |
1122 | if (!init_ctx->container->lxc_conf) { |
1123 | init_ctx->container->lxc_conf = lxc_conf_init(); | |
62de1db6 CB |
1124 | if (!init_ctx->container->lxc_conf) { |
1125 | lxc_proc_put_context_info(init_ctx); | |
ea918412 | 1126 | return -1; |
62de1db6 | 1127 | } |
ba773996 | 1128 | } |
1cce35e6 | 1129 | conf = init_ctx->container->lxc_conf; |
ba773996 | 1130 | |
bd4307f0 | 1131 | if (!fetch_seccomp(init_ctx->container, options)) |
ae026f55 | 1132 | WARN("Failed to get seccomp policy"); |
2c4ea790 | 1133 | |
bd4307f0 | 1134 | if (!no_new_privs(init_ctx->container, options)) |
ae026f55 | 1135 | WARN("Could not determine whether PR_SET_NO_NEW_PRIVS is set"); |
2e812c16 | 1136 | |
9c4693b8 CS |
1137 | cwd = getcwd(NULL, 0); |
1138 | ||
8ce83369 CB |
1139 | /* Determine which namespaces the container was created with |
1140 | * by asking lxc-start, if necessary. | |
9c4693b8 CS |
1141 | */ |
1142 | if (options->namespaces == -1) { | |
1143 | options->namespaces = lxc_cmd_get_clone_flags(name, lxcpath); | |
1144 | /* call failed */ | |
1145 | if (options->namespaces == -1) { | |
8ce83369 | 1146 | ERROR("Failed to automatically determine the " |
877f3a04 | 1147 | "namespaces which the container uses"); |
9c4693b8 | 1148 | free(cwd); |
fe4de9a6 | 1149 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1150 | return -1; |
1151 | } | |
877f3a04 CB |
1152 | |
1153 | for (i = 0; i < LXC_NS_MAX; i++) { | |
1154 | if (ns_info[i].clone_flag & CLONE_NEWCGROUP) | |
1155 | if (!(options->attach_flags & LXC_ATTACH_MOVE_TO_CGROUP) || | |
1156 | !cgns_supported()) | |
1157 | continue; | |
1158 | ||
1159 | if (ns_info[i].clone_flag & options->namespaces) | |
1160 | continue; | |
1161 | ||
1162 | init_ctx->ns_inherited |= ns_info[i].clone_flag; | |
1163 | } | |
1164 | } | |
1165 | ||
0059379f | 1166 | pid = lxc_raw_getpid(); |
ea918412 | 1167 | |
877f3a04 | 1168 | for (i = 0; i < LXC_NS_MAX; i++) { |
ea918412 | 1169 | int j; |
877f3a04 CB |
1170 | |
1171 | if (options->namespaces & ns_info[i].clone_flag) | |
1172 | init_ctx->ns_fd[i] = lxc_preserve_ns(init_pid, ns_info[i].proc_name); | |
1173 | else if (init_ctx->ns_inherited & ns_info[i].clone_flag) | |
1174 | init_ctx->ns_fd[i] = in_same_namespace(pid, init_pid, ns_info[i].proc_name); | |
1175 | else | |
1176 | continue; | |
ea918412 | 1177 | |
877f3a04 CB |
1178 | if (init_ctx->ns_fd[i] >= 0) |
1179 | continue; | |
1180 | ||
1181 | if (init_ctx->ns_fd[i] == -EINVAL) { | |
1182 | DEBUG("Inheriting %s namespace from %d", | |
1183 | ns_info[i].proc_name, pid); | |
1184 | init_ctx->ns_inherited &= ~ns_info[i].clone_flag; | |
1185 | continue; | |
1186 | } | |
1187 | ||
1188 | /* We failed to preserve the namespace. */ | |
ea918412 | 1189 | SYSERROR("Failed to attach to %s namespace of %d", |
1190 | ns_info[i].proc_name, pid); | |
1191 | ||
877f3a04 CB |
1192 | /* Close all already opened file descriptors before we return an |
1193 | * error, so we don't leak them. | |
1194 | */ | |
1195 | for (j = 0; j < i; j++) | |
1196 | close(init_ctx->ns_fd[j]); | |
1197 | ||
877f3a04 CB |
1198 | free(cwd); |
1199 | lxc_proc_put_context_info(init_ctx); | |
1200 | return -1; | |
9c4693b8 CS |
1201 | } |
1202 | ||
9e84479f CB |
1203 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
1204 | ret = lxc_attach_terminal(conf, &terminal); | |
ba2be1a8 | 1205 | if (ret < 0) { |
9e84479f | 1206 | ERROR("Failed to setup new terminal"); |
ba2be1a8 CB |
1207 | free(cwd); |
1208 | lxc_proc_put_context_info(init_ctx); | |
1209 | return -1; | |
1210 | } | |
1211 | ||
9e84479f | 1212 | terminal.log_fd = options->log_fd; |
c948657b | 1213 | } else { |
9e84479f | 1214 | lxc_terminal_init(&terminal); |
ba2be1a8 CB |
1215 | } |
1216 | ||
8ce83369 CB |
1217 | /* Create a socket pair for IPC communication; set SOCK_CLOEXEC in order |
1218 | * to make sure we don't irritate other threads that want to fork+exec | |
1219 | * away | |
9c4693b8 CS |
1220 | * |
1221 | * IMPORTANT: if the initial process is multithreaded and another call | |
1222 | * just fork()s away without exec'ing directly after, the socket fd will | |
1223 | * exist in the forked process from the other thread and any close() in | |
8ce83369 CB |
1224 | * our own child process will not really cause the socket to close |
1225 | * properly, potentiall causing the parent to hang. | |
9c4693b8 CS |
1226 | * |
1227 | * For this reason, while IPC is still active, we have to use shutdown() | |
8ce83369 CB |
1228 | * if the child exits prematurely in order to signal that the socket is |
1229 | * closed and cannot assume that the child exiting will automatically do | |
1230 | * that. | |
9c4693b8 CS |
1231 | * |
1232 | * IPC mechanism: (X is receiver) | |
1233 | * initial process intermediate attached | |
1234 | * X <--- send pid of | |
1235 | * attached proc, | |
1236 | * then exit | |
1237 | * send 0 ------------------------------------> X | |
1238 | * [do initialization] | |
1239 | * X <------------------------------------ send 1 | |
1240 | * [add to cgroup, ...] | |
1241 | * send 2 ------------------------------------> X | |
81f466d0 CB |
1242 | * [set LXC_ATTACH_NO_NEW_PRIVS] |
1243 | * X <------------------------------------ send 3 | |
1244 | * [open LSM label fd] | |
1245 | * send 4 ------------------------------------> X | |
1246 | * [set LSM label] | |
9c4693b8 CS |
1247 | * close socket close socket |
1248 | * run program | |
1249 | */ | |
1250 | ret = socketpair(PF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_sockets); | |
1251 | if (ret < 0) { | |
ae026f55 | 1252 | SYSERROR("Could not set up required IPC mechanism for attaching"); |
9c4693b8 | 1253 | free(cwd); |
fe4de9a6 | 1254 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1255 | return -1; |
1256 | } | |
1257 | ||
e3f0e436 CB |
1258 | /* Create intermediate subprocess, two reasons: |
1259 | * 1. We can't setns() in the child itself, since we want to make | |
8ce83369 | 1260 | * sure we are properly attached to the pidns. |
e3f0e436 | 1261 | * 2. Also, the initial thread has to put the attached process |
8ce83369 CB |
1262 | * into the cgroup, which we can only do if we didn't already |
1263 | * setns() (otherwise, user namespaces will hate us). | |
9c4693b8 CS |
1264 | */ |
1265 | pid = fork(); | |
9c4693b8 | 1266 | if (pid < 0) { |
ae026f55 | 1267 | SYSERROR("Failed to create first subprocess"); |
9c4693b8 | 1268 | free(cwd); |
fe4de9a6 | 1269 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1270 | return -1; |
1271 | } | |
1272 | ||
1273 | if (pid) { | |
ba2be1a8 | 1274 | int ret_parent = -1; |
9c4693b8 | 1275 | pid_t to_cleanup_pid = pid; |
ba2be1a8 | 1276 | struct lxc_epoll_descr descr = {0}; |
9c4693b8 | 1277 | |
ba2be1a8 | 1278 | /* close unneeded file descriptors */ |
9c4693b8 CS |
1279 | close(ipc_sockets[1]); |
1280 | free(cwd); | |
ba2be1a8 | 1281 | lxc_proc_close_ns_fd(init_ctx); |
9e84479f CB |
1282 | if (options->attach_flags & LXC_ATTACH_TERMINAL) |
1283 | lxc_attach_terminal_close_slave(&terminal); | |
9c4693b8 | 1284 | |
8ce83369 | 1285 | /* Attach to cgroup, if requested. */ |
f4364484 | 1286 | if (options->attach_flags & LXC_ATTACH_MOVE_TO_CGROUP) { |
2202afc9 CB |
1287 | struct cgroup_ops *cgroup_ops; |
1288 | ||
1289 | cgroup_ops = cgroup_init(NULL); | |
1290 | if (!cgroup_ops) | |
1291 | goto on_error; | |
1292 | ||
1293 | if (!cgroup_ops->attach(cgroup_ops, name, lxcpath, pid)) | |
8ce83369 | 1294 | goto on_error; |
2202afc9 CB |
1295 | |
1296 | cgroup_exit(cgroup_ops); | |
1297 | TRACE("Moved intermediate process %d into container's cgroups", pid); | |
f4364484 SG |
1298 | } |
1299 | ||
bb2ada6f | 1300 | /* Setup /proc limits */ |
1cce35e6 CB |
1301 | if (!lxc_list_empty(&conf->procs)) { |
1302 | ret = setup_proc_filesystem(&conf->procs, pid); | |
bb2ada6f CB |
1303 | if (ret < 0) |
1304 | goto on_error; | |
1305 | } | |
1306 | ||
c6d09e15 | 1307 | /* Setup resource limits */ |
1cce35e6 CB |
1308 | if (!lxc_list_empty(&conf->limits)) { |
1309 | ret = setup_resource_limits(&conf->limits, pid); | |
ba2be1a8 CB |
1310 | if (ret < 0) |
1311 | goto on_error; | |
1312 | } | |
1313 | ||
9e84479f CB |
1314 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
1315 | ret = lxc_attach_terminal_mainloop_init(&terminal, &descr); | |
ba2be1a8 | 1316 | if (ret < 0) |
6f4f1937 | 1317 | goto on_error; |
ea918412 | 1318 | |
9e84479f | 1319 | TRACE("Initialized terminal mainloop"); |
ba2be1a8 | 1320 | } |
c6d09e15 | 1321 | |
8ce83369 | 1322 | /* Let the child process know to go ahead. */ |
f4364484 SG |
1323 | status = 0; |
1324 | ret = lxc_write_nointr(ipc_sockets[0], &status, sizeof(status)); | |
94ac256f | 1325 | if (ret != sizeof(status)) |
ba2be1a8 | 1326 | goto close_mainloop; |
ea918412 | 1327 | |
94ac256f | 1328 | TRACE("Told intermediate process to start initializing"); |
f4364484 | 1329 | |
8ce83369 | 1330 | /* Get pid of attached process from intermediate process. */ |
94ac256f CB |
1331 | ret = lxc_read_nointr(ipc_sockets[0], &attached_pid, sizeof(attached_pid)); |
1332 | if (ret != sizeof(attached_pid)) | |
ba2be1a8 | 1333 | goto close_mainloop; |
ea918412 | 1334 | |
94ac256f | 1335 | TRACE("Received pid %d of attached process in parent pid namespace", attached_pid); |
9c4693b8 | 1336 | |
8ce83369 | 1337 | /* Ignore SIGKILL (CTRL-C) and SIGQUIT (CTRL-\) - issue #313. */ |
62183f1a SH |
1338 | if (options->stdin_fd == 0) { |
1339 | signal(SIGINT, SIG_IGN); | |
1340 | signal(SIGQUIT, SIG_IGN); | |
1341 | } | |
2eef2bda | 1342 | |
8ce83369 | 1343 | /* Reap intermediate process. */ |
9c4693b8 CS |
1344 | ret = wait_for_pid(pid); |
1345 | if (ret < 0) | |
ba2be1a8 | 1346 | goto close_mainloop; |
ea918412 | 1347 | |
94ac256f | 1348 | TRACE("Intermediate process %d exited", pid); |
9c4693b8 | 1349 | |
8ce83369 | 1350 | /* We will always have to reap the attached process now. */ |
9c4693b8 CS |
1351 | to_cleanup_pid = attached_pid; |
1352 | ||
81f466d0 | 1353 | /* Open LSM fd and send it to child. */ |
6f4f1937 CB |
1354 | if ((options->namespaces & CLONE_NEWNS) && |
1355 | (options->attach_flags & LXC_ATTACH_LSM) && | |
1356 | init_ctx->lsm_label) { | |
94ac256f | 1357 | int ret = -1; |
47ce2cb7 CB |
1358 | int labelfd; |
1359 | bool on_exec; | |
6f4f1937 | 1360 | |
47ce2cb7 CB |
1361 | on_exec = options->attach_flags & LXC_ATTACH_LSM_EXEC ? true : false; |
1362 | labelfd = lsm_process_label_fd_get(attached_pid, on_exec); | |
81f466d0 | 1363 | if (labelfd < 0) |
ba2be1a8 | 1364 | goto close_mainloop; |
ea918412 | 1365 | |
94ac256f | 1366 | TRACE("Opened LSM label file descriptor %d", labelfd); |
81f466d0 CB |
1367 | |
1368 | /* Send child fd of the LSM security module to write to. */ | |
ae467c54 | 1369 | ret = lxc_abstract_unix_send_fds(ipc_sockets[0], &labelfd, 1, NULL, 0); |
81f466d0 | 1370 | if (ret <= 0) { |
9044b79e | 1371 | if (ret < 0) |
1372 | SYSERROR("Failed to send lsm label fd"); | |
1373 | ||
1374 | close(labelfd); | |
ba2be1a8 | 1375 | goto close_mainloop; |
81f466d0 | 1376 | } |
9044b79e | 1377 | |
1378 | close(labelfd); | |
94ac256f | 1379 | TRACE("Sent LSM label file descriptor %d to child", labelfd); |
81f466d0 CB |
1380 | } |
1381 | ||
8ce83369 CB |
1382 | /* We're done, the child process should now execute whatever it |
1383 | * is that the user requested. The parent can now track it with | |
1384 | * waitpid() or similar. | |
9c4693b8 CS |
1385 | */ |
1386 | ||
1387 | *attached_process = attached_pid; | |
9c4693b8 | 1388 | |
ba2be1a8 | 1389 | /* Now shut down communication with child, we're done. */ |
9c4693b8 CS |
1390 | shutdown(ipc_sockets[0], SHUT_RDWR); |
1391 | close(ipc_sockets[0]); | |
ba2be1a8 CB |
1392 | ipc_sockets[0] = -1; |
1393 | ||
1394 | ret_parent = 0; | |
1395 | to_cleanup_pid = -1; | |
ea918412 | 1396 | |
9e84479f | 1397 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
ba2be1a8 CB |
1398 | ret = lxc_mainloop(&descr, -1); |
1399 | if (ret < 0) { | |
1400 | ret_parent = -1; | |
1401 | to_cleanup_pid = attached_pid; | |
1402 | } | |
1403 | } | |
1404 | ||
1405 | close_mainloop: | |
9e84479f | 1406 | if (options->attach_flags & LXC_ATTACH_TERMINAL) |
ba2be1a8 CB |
1407 | lxc_mainloop_close(&descr); |
1408 | ||
1409 | on_error: | |
1410 | if (ipc_sockets[0] >= 0) { | |
1411 | shutdown(ipc_sockets[0], SHUT_RDWR); | |
1412 | close(ipc_sockets[0]); | |
1413 | } | |
1414 | ||
1415 | if (to_cleanup_pid > 0) | |
6f4f1937 | 1416 | (void)wait_for_pid(to_cleanup_pid); |
ba2be1a8 | 1417 | |
9e84479f CB |
1418 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
1419 | lxc_terminal_delete(&terminal); | |
1420 | lxc_terminal_conf_free(&terminal); | |
ba2be1a8 | 1421 | } |
ea918412 | 1422 | |
fe4de9a6 | 1423 | lxc_proc_put_context_info(init_ctx); |
ba2be1a8 | 1424 | return ret_parent; |
9c4693b8 CS |
1425 | } |
1426 | ||
ba2be1a8 | 1427 | /* close unneeded file descriptors */ |
9c4693b8 | 1428 | close(ipc_sockets[0]); |
ba2be1a8 | 1429 | ipc_sockets[0] = -EBADF; |
ea918412 | 1430 | |
9e84479f CB |
1431 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
1432 | lxc_attach_terminal_close_master(&terminal); | |
1433 | lxc_attach_terminal_close_peer(&terminal); | |
1434 | lxc_attach_terminal_close_log(&terminal); | |
ba2be1a8 | 1435 | } |
9c4693b8 | 1436 | |
8ce83369 | 1437 | /* Wait for the parent to have setup cgroups. */ |
94ac256f | 1438 | ret = lxc_read_nointr(ipc_sockets[1], &status, sizeof(status)); |
ba2be1a8 | 1439 | if (ret != sizeof(status)) { |
f4364484 | 1440 | shutdown(ipc_sockets[1], SHUT_RDWR); |
62de1db6 | 1441 | lxc_proc_put_context_info(init_ctx); |
c7ac2e1c | 1442 | _exit(EXIT_FAILURE); |
f4364484 | 1443 | } |
ea918412 | 1444 | |
94ac256f | 1445 | TRACE("Intermediate process starting to initialize"); |
f4364484 | 1446 | |
8ce83369 CB |
1447 | /* Attach now, create another subprocess later, since pid namespaces |
1448 | * only really affect the children of the current process. | |
9c4693b8 | 1449 | */ |
877f3a04 | 1450 | ret = lxc_attach_to_ns(init_pid, init_ctx); |
9c4693b8 | 1451 | if (ret < 0) { |
94ac256f | 1452 | ERROR("Failed to enter namespaces"); |
9c4693b8 | 1453 | shutdown(ipc_sockets[1], SHUT_RDWR); |
62de1db6 | 1454 | lxc_proc_put_context_info(init_ctx); |
c7ac2e1c | 1455 | _exit(EXIT_FAILURE); |
9c4693b8 | 1456 | } |
ea918412 | 1457 | |
877f3a04 CB |
1458 | /* close namespace file descriptors */ |
1459 | lxc_proc_close_ns_fd(init_ctx); | |
9c4693b8 | 1460 | |
8ce83369 | 1461 | /* Attach succeeded, try to cwd. */ |
9c4693b8 CS |
1462 | if (options->initial_cwd) |
1463 | new_cwd = options->initial_cwd; | |
1464 | else | |
1465 | new_cwd = cwd; | |
d6d979bc CB |
1466 | if (new_cwd) { |
1467 | ret = chdir(new_cwd); | |
1468 | if (ret < 0) | |
1469 | WARN("Could not change directory to \"%s\"", new_cwd); | |
1470 | } | |
9c4693b8 CS |
1471 | free(cwd); |
1472 | ||
a998454a CB |
1473 | /* Create attached process. */ |
1474 | payload.ipc_socket = ipc_sockets[1]; | |
1475 | payload.options = options; | |
1476 | payload.init_ctx = init_ctx; | |
9e84479f | 1477 | payload.terminal_slave_fd = terminal.slave; |
a998454a CB |
1478 | payload.exec_function = exec_function; |
1479 | payload.exec_payload = exec_payload; | |
9c4693b8 | 1480 | |
a998454a CB |
1481 | pid = lxc_raw_clone(CLONE_PARENT); |
1482 | if (pid < 0) { | |
94ac256f | 1483 | SYSERROR("Failed to clone attached process"); |
9c4693b8 | 1484 | shutdown(ipc_sockets[1], SHUT_RDWR); |
62de1db6 | 1485 | lxc_proc_put_context_info(init_ctx); |
c7ac2e1c | 1486 | _exit(EXIT_FAILURE); |
9c4693b8 | 1487 | } |
a998454a CB |
1488 | |
1489 | if (pid == 0) { | |
1490 | ret = attach_child_main(&payload); | |
1491 | if (ret < 0) | |
1492 | ERROR("Failed to exec"); | |
ea918412 | 1493 | |
a998454a CB |
1494 | _exit(EXIT_FAILURE); |
1495 | } | |
ea918412 | 1496 | |
9e84479f CB |
1497 | if (options->attach_flags & LXC_ATTACH_TERMINAL) |
1498 | lxc_attach_terminal_close_slave(&terminal); | |
9c4693b8 | 1499 | |
8ce83369 | 1500 | /* Tell grandparent the pid of the pid of the newly created child. */ |
9c4693b8 CS |
1501 | ret = lxc_write_nointr(ipc_sockets[1], &pid, sizeof(pid)); |
1502 | if (ret != sizeof(pid)) { | |
8ce83369 CB |
1503 | /* If this really happens here, this is very unfortunate, since |
1504 | * the parent will not know the pid of the attached process and | |
1505 | * will not be able to wait for it (and we won't either due to | |
1506 | * CLONE_PARENT) so the parent won't be able to reap it and the | |
1507 | * attached process will remain a zombie. | |
9c4693b8 | 1508 | */ |
9c4693b8 | 1509 | shutdown(ipc_sockets[1], SHUT_RDWR); |
62de1db6 | 1510 | lxc_proc_put_context_info(init_ctx); |
c7ac2e1c | 1511 | _exit(EXIT_FAILURE); |
9c4693b8 | 1512 | } |
ea918412 | 1513 | |
94ac256f | 1514 | TRACE("Sending pid %d of attached process", pid); |
9c4693b8 | 1515 | |
8ce83369 | 1516 | /* The rest is in the hands of the initial and the attached process. */ |
62de1db6 | 1517 | lxc_proc_put_context_info(init_ctx); |
c7ac2e1c | 1518 | _exit(0); |
9c4693b8 CS |
1519 | } |
1520 | ||
9c4693b8 CS |
1521 | int lxc_attach_run_command(void* payload) |
1522 | { | |
1523 | lxc_attach_command_t* cmd = (lxc_attach_command_t*)payload; | |
1524 | ||
1525 | execvp(cmd->program, cmd->argv); | |
ea918412 | 1526 | |
1527 | SYSERROR("Failed to exec \"%s\"", cmd->program); | |
9c4693b8 CS |
1528 | return -1; |
1529 | } | |
1530 | ||
1531 | int lxc_attach_run_shell(void* payload) | |
1532 | { | |
1533 | uid_t uid; | |
cb7aa5e8 DJ |
1534 | struct passwd pwent; |
1535 | struct passwd *pwentp = NULL; | |
9c4693b8 | 1536 | char *user_shell; |
cb7aa5e8 DJ |
1537 | char *buf; |
1538 | size_t bufsize; | |
1539 | int ret; | |
9c4693b8 | 1540 | |
8ce83369 | 1541 | /* Ignore payload parameter. */ |
9c4693b8 CS |
1542 | (void)payload; |
1543 | ||
1544 | uid = getuid(); | |
cb7aa5e8 DJ |
1545 | |
1546 | bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); | |
1547 | if (bufsize == -1) | |
1548 | bufsize = 1024; | |
1549 | ||
1550 | buf = malloc(bufsize); | |
1551 | if (buf) { | |
1552 | ret = getpwuid_r(uid, &pwent, buf, bufsize, &pwentp); | |
1553 | if (!pwentp) { | |
1554 | if (ret == 0) | |
ea918412 | 1555 | WARN("Could not find matched password record"); |
cb7aa5e8 DJ |
1556 | |
1557 | WARN("Failed to get password record - %u", uid); | |
1558 | } | |
1559 | } | |
9c4693b8 | 1560 | |
8ce83369 CB |
1561 | /* This probably happens because of incompatible nss implementations in |
1562 | * host and container (remember, this code is still using the host's | |
1563 | * glibc but our mount namespace is in the container) we may try to get | |
1564 | * the information by spawning a [getent passwd uid] process and parsing | |
1565 | * the result. | |
9c4693b8 | 1566 | */ |
cb7aa5e8 | 1567 | if (!pwentp) |
9c4693b8 CS |
1568 | user_shell = lxc_attach_getpwshell(uid); |
1569 | else | |
cb7aa5e8 | 1570 | user_shell = pwent.pw_shell; |
ea918412 | 1571 | |
9c4693b8 | 1572 | if (user_shell) |
acf47e1b | 1573 | execlp(user_shell, user_shell, (char *)NULL); |
9c4693b8 | 1574 | |
8ce83369 CB |
1575 | /* Executed if either no passwd entry or execvp fails, we will fall back |
1576 | * on /bin/sh as a default shell. | |
9c4693b8 | 1577 | */ |
acf47e1b | 1578 | execlp("/bin/sh", "/bin/sh", (char *)NULL); |
ea918412 | 1579 | |
edeb1836 | 1580 | SYSERROR("Failed to execute shell"); |
cb7aa5e8 | 1581 | if (!pwentp) |
edeb1836 | 1582 | free(user_shell); |
ea918412 | 1583 | |
cb7aa5e8 | 1584 | free(buf); |
9c4693b8 CS |
1585 | return -1; |
1586 | } |