]>
Commit | Line | Data |
---|---|---|
e0732705 CS |
1 | /* |
2 | * lxc: linux Container library | |
3 | * | |
4 | * (C) Copyright IBM Corp. 2007, 2008 | |
5 | * | |
6 | * Authors: | |
9afe19d6 | 7 | * Daniel Lezcano <daniel.lezcano at free.fr> |
e0732705 CS |
8 | * |
9 | * This library is free software; you can redistribute it and/or | |
10 | * modify it under the terms of the GNU Lesser General Public | |
11 | * License as published by the Free Software Foundation; either | |
12 | * version 2.1 of the License, or (at your option) any later version. | |
13 | * | |
14 | * This library is distributed in the hope that it will be useful, | |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
17 | * Lesser General Public License for more details. | |
18 | * | |
19 | * You should have received a copy of the GNU Lesser General Public | |
20 | * License along with this library; if not, write to the Free Software | |
250b1eec | 21 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
e0732705 CS |
22 | */ |
23 | ||
24 | #define _GNU_SOURCE | |
e0732705 CS |
25 | #include <errno.h> |
26 | #include <fcntl.h> | |
e5adb2b5 | 27 | #include <termios.h> |
c476bdce | 28 | #include <grp.h> |
6f4f1937 CB |
29 | #include <pwd.h> |
30 | #include <signal.h> | |
31 | #include <stdio.h> | |
32 | #include <stdlib.h> | |
33 | #include <string.h> | |
34 | #include <unistd.h> | |
35 | #include <linux/unistd.h> | |
36 | #include <sys/mount.h> | |
e0732705 CS |
37 | #include <sys/param.h> |
38 | #include <sys/prctl.h> | |
5ec27989 | 39 | #include <sys/socket.h> |
1ba0013f | 40 | #include <sys/syscall.h> |
905022f7 | 41 | #include <sys/wait.h> |
6f4f1937 CB |
42 | |
43 | #include <lxc/lxccontainer.h> | |
e0732705 | 44 | |
955e2a02 | 45 | #ifndef HAVE_DECL_PR_CAPBSET_DROP |
e0732705 CS |
46 | #define PR_CAPBSET_DROP 24 |
47 | #endif | |
48 | ||
955e2a02 CB |
49 | #ifndef HAVE_DECL_PR_SET_NO_NEW_PRIVS |
50 | #define PR_SET_NO_NEW_PRIVS 38 | |
51 | #endif | |
52 | ||
53 | #ifndef HAVE_DECL_PR_GET_NO_NEW_PRIVS | |
54 | #define PR_GET_NO_NEW_PRIVS 39 | |
55 | #endif | |
56 | ||
81f466d0 | 57 | #include "af_unix.h" |
e0732705 CS |
58 | #include "attach.h" |
59 | #include "caps.h" | |
9c4693b8 | 60 | #include "cgroup.h" |
6f4f1937 | 61 | #include "commands.h" |
2c4ea790 | 62 | #include "conf.h" |
6f4f1937 | 63 | #include "config.h" |
9b8e3c96 | 64 | #include "confile.h" |
6f4f1937 CB |
65 | #include "log.h" |
66 | #include "lsm/lsm.h" | |
67 | #include "lxclock.h" | |
68 | #include "lxcseccomp.h" | |
ba2be1a8 | 69 | #include "mainloop.h" |
6f4f1937 | 70 | #include "namespace.h" |
0ed9b1bc | 71 | #include "terminal.h" |
6f4f1937 | 72 | #include "utils.h" |
9c4693b8 CS |
73 | |
74 | #if HAVE_SYS_PERSONALITY_H | |
75 | #include <sys/personality.h> | |
76 | #endif | |
e0732705 | 77 | |
a3da2f3b | 78 | #ifndef SOCK_CLOEXEC |
6f4f1937 | 79 | #define SOCK_CLOEXEC 02000000 |
a3da2f3b SG |
80 | #endif |
81 | ||
d6a3c917 SG |
82 | #ifndef MS_REC |
83 | #define MS_REC 16384 | |
84 | #endif | |
85 | ||
86 | #ifndef MS_SLAVE | |
6f4f1937 | 87 | #define MS_SLAVE (1 << 19) |
d6a3c917 SG |
88 | #endif |
89 | ||
ac2cecc4 | 90 | lxc_log_define(attach, lxc); |
e0732705 | 91 | |
8ce83369 | 92 | /* /proc/pid-to-str/status\0 = (5 + 21 + 7 + 1) */ |
eab15c1e | 93 | #define __PROC_STATUS_LEN (5 + (LXC_NUMSTRLEN64) + 7 + 1) |
74a3920a | 94 | static struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid) |
e0732705 | 95 | { |
6f4f1937 CB |
96 | int ret; |
97 | bool found; | |
e0732705 | 98 | FILE *proc_file; |
8ce83369 | 99 | char proc_fn[__PROC_STATUS_LEN]; |
e0732705 | 100 | size_t line_bufsz = 0; |
6f4f1937 | 101 | char *line = NULL; |
8ce83369 | 102 | struct lxc_proc_context_info *info = NULL; |
e0732705 | 103 | |
8ce83369 CB |
104 | /* Read capabilities. */ |
105 | ret = snprintf(proc_fn, __PROC_STATUS_LEN, "/proc/%d/status", pid); | |
106 | if (ret < 0 || ret >= __PROC_STATUS_LEN) | |
107 | goto on_error; | |
e0732705 CS |
108 | |
109 | proc_file = fopen(proc_fn, "r"); | |
110 | if (!proc_file) { | |
ea918412 | 111 | SYSERROR("Could not open %s", proc_fn); |
8ce83369 | 112 | goto on_error; |
e0732705 CS |
113 | } |
114 | ||
8ce83369 CB |
115 | info = calloc(1, sizeof(*info)); |
116 | if (!info) { | |
ea918412 | 117 | SYSERROR("Could not allocate memory"); |
17ac5301 | 118 | fclose(proc_file); |
8ce83369 CB |
119 | return NULL; |
120 | } | |
121 | ||
122 | found = false; | |
ea918412 | 123 | |
e0732705 CS |
124 | while (getline(&line, &line_bufsz, proc_file) != -1) { |
125 | ret = sscanf(line, "CapBnd: %llx", &info->capability_mask); | |
8ce83369 CB |
126 | if (ret != EOF && ret == 1) { |
127 | found = true; | |
e0732705 CS |
128 | break; |
129 | } | |
130 | } | |
131 | ||
f10fad2f | 132 | free(line); |
e0732705 CS |
133 | fclose(proc_file); |
134 | ||
135 | if (!found) { | |
ea918412 | 136 | ERROR("Could not read capability bounding set from %s", |
137 | proc_fn); | |
8ce83369 | 138 | goto on_error; |
e0732705 CS |
139 | } |
140 | ||
fe4de9a6 | 141 | info->lsm_label = lsm_process_label_get(pid); |
877f3a04 CB |
142 | info->ns_inherited = 0; |
143 | memset(info->ns_fd, -1, sizeof(int) * LXC_NS_MAX); | |
e0732705 | 144 | |
e0732705 CS |
145 | return info; |
146 | ||
8ce83369 | 147 | on_error: |
460a1cf0 | 148 | free(info); |
e0732705 CS |
149 | return NULL; |
150 | } | |
151 | ||
877f3a04 CB |
152 | static inline void lxc_proc_close_ns_fd(struct lxc_proc_context_info *ctx) |
153 | { | |
154 | int i; | |
155 | ||
156 | for (i = 0; i < LXC_NS_MAX; i++) { | |
157 | if (ctx->ns_fd[i] < 0) | |
158 | continue; | |
ea918412 | 159 | |
877f3a04 CB |
160 | close(ctx->ns_fd[i]); |
161 | ctx->ns_fd[i] = -EBADF; | |
162 | } | |
163 | } | |
164 | ||
fe4de9a6 DE |
165 | static void lxc_proc_put_context_info(struct lxc_proc_context_info *ctx) |
166 | { | |
f10fad2f | 167 | free(ctx->lsm_label); |
08ea9270 CB |
168 | ctx->lsm_label = NULL; |
169 | ||
170 | if (ctx->container) { | |
2c4ea790 | 171 | lxc_container_put(ctx->container); |
08ea9270 CB |
172 | ctx->container = NULL; |
173 | } | |
174 | ||
877f3a04 | 175 | lxc_proc_close_ns_fd(ctx); |
fe4de9a6 DE |
176 | free(ctx); |
177 | } | |
178 | ||
299d1198 CB |
179 | /** |
180 | * in_same_namespace - Check whether two processes are in the same namespace. | |
181 | * @pid1 - PID of the first process. | |
182 | * @pid2 - PID of the second process. | |
183 | * @ns - Name of the namespace to check. Must correspond to one of the names | |
184 | * for the namespaces as shown in /proc/<pid/ns/ | |
185 | * | |
186 | * If the two processes are not in the same namespace returns an fd to the | |
187 | * namespace of the second process identified by @pid2. If the two processes are | |
188 | * in the same namespace returns -EINVAL, -1 if an error occurred. | |
189 | */ | |
190 | static int in_same_namespace(pid_t pid1, pid_t pid2, const char *ns) | |
191 | { | |
192 | int ns_fd1 = -1, ns_fd2 = -1, ret = -1; | |
ea918412 | 193 | int saved_errno = errno; |
299d1198 CB |
194 | struct stat ns_st1, ns_st2; |
195 | ||
196 | ns_fd1 = lxc_preserve_ns(pid1, ns); | |
134284c3 CB |
197 | if (ns_fd1 < 0) { |
198 | /* The kernel does not support this namespace. This is not an | |
199 | * error. | |
200 | */ | |
201 | if (errno == ENOENT) | |
202 | return -EINVAL; | |
203 | ||
ea918412 | 204 | saved_errno = errno; |
299d1198 | 205 | goto out; |
134284c3 | 206 | } |
299d1198 CB |
207 | |
208 | ns_fd2 = lxc_preserve_ns(pid2, ns); | |
ea918412 | 209 | if (ns_fd2 < 0) { |
210 | saved_errno = errno; | |
299d1198 | 211 | goto out; |
ea918412 | 212 | } |
299d1198 CB |
213 | |
214 | ret = fstat(ns_fd1, &ns_st1); | |
ea918412 | 215 | if (ret < 0) { |
216 | saved_errno = errno; | |
299d1198 | 217 | goto out; |
ea918412 | 218 | } |
299d1198 CB |
219 | |
220 | ret = fstat(ns_fd2, &ns_st2); | |
ea918412 | 221 | if (ret < 0) { |
222 | saved_errno = errno; | |
299d1198 | 223 | goto out; |
ea918412 | 224 | } |
299d1198 CB |
225 | |
226 | /* processes are in the same namespace */ | |
ea918412 | 227 | if ((ns_st1.st_dev == ns_st2.st_dev ) && (ns_st1.st_ino == ns_st2.st_ino)) { |
228 | ret = -EINVAL; | |
299d1198 | 229 | goto out; |
ea918412 | 230 | } |
299d1198 CB |
231 | |
232 | /* processes are in different namespaces */ | |
233 | ret = ns_fd2; | |
234 | ns_fd2 = -1; | |
235 | ||
236 | out: | |
299d1198 CB |
237 | if (ns_fd1 >= 0) |
238 | close(ns_fd1); | |
ea918412 | 239 | |
299d1198 CB |
240 | if (ns_fd2 >= 0) |
241 | close(ns_fd2); | |
242 | ||
ea918412 | 243 | errno = saved_errno; |
299d1198 CB |
244 | return ret; |
245 | } | |
246 | ||
877f3a04 | 247 | static int lxc_attach_to_ns(pid_t pid, struct lxc_proc_context_info *ctx) |
99d50954 | 248 | { |
ea918412 | 249 | int i; |
99d50954 | 250 | |
26818618 | 251 | for (i = 0; i < LXC_NS_MAX; i++) { |
877f3a04 | 252 | if (ctx->ns_fd[i] < 0) |
26818618 CB |
253 | continue; |
254 | ||
ea918412 | 255 | if (setns(ctx->ns_fd[i], ns_info[i].clone_flag) < 0) { |
299d1198 | 256 | SYSERROR("Failed to attach to %s namespace of %d", |
ea918412 | 257 | ns_info[i].proc_name, pid); |
99d50954 CS |
258 | return -1; |
259 | } | |
260 | ||
299d1198 | 261 | DEBUG("Attached to %s namespace of %d", ns_info[i].proc_name, pid); |
99d50954 CS |
262 | } |
263 | ||
264 | return 0; | |
265 | } | |
266 | ||
74a3920a | 267 | static int lxc_attach_remount_sys_proc(void) |
7a0b0b56 CS |
268 | { |
269 | int ret; | |
270 | ||
271 | ret = unshare(CLONE_NEWNS); | |
272 | if (ret < 0) { | |
ea918412 | 273 | SYSERROR("Failed to unshare mount namespace"); |
7a0b0b56 CS |
274 | return -1; |
275 | } | |
276 | ||
2c6f3fc9 | 277 | if (detect_shared_rootfs()) { |
6f4f1937 | 278 | if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL)) { |
ea918412 | 279 | SYSERROR("Failed to make / rslave"); |
2c6f3fc9 SH |
280 | ERROR("Continuing..."); |
281 | } | |
282 | } | |
283 | ||
8ce83369 | 284 | /* Assume /proc is always mounted, so remount it. */ |
7a0b0b56 CS |
285 | ret = umount2("/proc", MNT_DETACH); |
286 | if (ret < 0) { | |
ea918412 | 287 | SYSERROR("Failed to unmount /proc"); |
7a0b0b56 CS |
288 | return -1; |
289 | } | |
290 | ||
291 | ret = mount("none", "/proc", "proc", 0, NULL); | |
292 | if (ret < 0) { | |
ea918412 | 293 | SYSERROR("Failed to remount /proc"); |
7a0b0b56 CS |
294 | return -1; |
295 | } | |
296 | ||
8ce83369 CB |
297 | /* Try to umount /sys. If it's not a mount point, we'll get EINVAL, then |
298 | * we ignore it because it may not have been mounted in the first place. | |
7a0b0b56 CS |
299 | */ |
300 | ret = umount2("/sys", MNT_DETACH); | |
301 | if (ret < 0 && errno != EINVAL) { | |
ea918412 | 302 | SYSERROR("Failed to unmount /sys"); |
7a0b0b56 CS |
303 | return -1; |
304 | } else if (ret == 0) { | |
8ce83369 | 305 | /* Remount it. */ |
7a0b0b56 CS |
306 | ret = mount("none", "/sys", "sysfs", 0, NULL); |
307 | if (ret < 0) { | |
ea918412 | 308 | SYSERROR("Failed to remount /sys"); |
7a0b0b56 CS |
309 | return -1; |
310 | } | |
311 | } | |
312 | ||
313 | return 0; | |
314 | } | |
315 | ||
74a3920a | 316 | static int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx) |
e0732705 | 317 | { |
6f4f1937 | 318 | int cap, last_cap; |
e0732705 | 319 | |
6f4f1937 | 320 | last_cap = lxc_caps_last_cap(); |
e0732705 CS |
321 | for (cap = 0; cap <= last_cap; cap++) { |
322 | if (ctx->capability_mask & (1LL << cap)) | |
323 | continue; | |
324 | ||
325 | if (prctl(PR_CAPBSET_DROP, cap, 0, 0, 0)) { | |
94ac256f | 326 | SYSERROR("Failed to drop capability %d", cap); |
e0732705 CS |
327 | return -1; |
328 | } | |
ea918412 | 329 | |
94ac256f | 330 | TRACE("Dropped capability %d", cap); |
e0732705 CS |
331 | } |
332 | ||
333 | return 0; | |
334 | } | |
905022f7 | 335 | |
7385273f | 336 | static int lxc_attach_set_environment(struct lxc_proc_context_info *init_ctx, |
337 | enum lxc_attach_env_policy_t policy, | |
6f4f1937 | 338 | char **extra_env, char **extra_keep) |
b3a39ba6 | 339 | { |
3d55242a | 340 | int ret; |
7385273f | 341 | struct lxc_list *iterator; |
342 | ||
799f96fd | 343 | if (policy == LXC_ATTACH_CLEAR_ENV) { |
3d5e9f48 | 344 | int path_kept = 0; |
6f4f1937 | 345 | char **extra_keep_store = NULL; |
3d5e9f48 CS |
346 | |
347 | if (extra_keep) { | |
348 | size_t count, i; | |
349 | ||
3d55242a CB |
350 | for (count = 0; extra_keep[count]; count++) |
351 | ; | |
3d5e9f48 CS |
352 | |
353 | extra_keep_store = calloc(count, sizeof(char *)); | |
3d55242a | 354 | if (!extra_keep_store) |
3d5e9f48 | 355 | return -1; |
3d55242a | 356 | |
3d5e9f48 CS |
357 | for (i = 0; i < count; i++) { |
358 | char *v = getenv(extra_keep[i]); | |
359 | if (v) { | |
360 | extra_keep_store[i] = strdup(v); | |
361 | if (!extra_keep_store[i]) { | |
3d5e9f48 CS |
362 | while (i > 0) |
363 | free(extra_keep_store[--i]); | |
ea918412 | 364 | |
3d5e9f48 CS |
365 | free(extra_keep_store); |
366 | return -1; | |
367 | } | |
3d55242a | 368 | |
3d5e9f48 CS |
369 | if (strcmp(extra_keep[i], "PATH") == 0) |
370 | path_kept = 1; | |
371 | } | |
3d5e9f48 CS |
372 | } |
373 | } | |
374 | ||
799f96fd | 375 | if (clearenv()) { |
a9cab7e3 | 376 | if (extra_keep_store) { |
3d55242a CB |
377 | char **p; |
378 | ||
a9cab7e3 CS |
379 | for (p = extra_keep_store; *p; p++) |
380 | free(*p); | |
3d55242a | 381 | |
a9cab7e3 CS |
382 | free(extra_keep_store); |
383 | } | |
3d55242a | 384 | |
ea918412 | 385 | ERROR("Failed to clear environment"); |
3d5e9f48 CS |
386 | return -1; |
387 | } | |
388 | ||
389 | if (extra_keep_store) { | |
390 | size_t i; | |
6f4f1937 | 391 | |
3d5e9f48 | 392 | for (i = 0; extra_keep[i]; i++) { |
acd4922e | 393 | if (extra_keep_store[i]) { |
3d55242a CB |
394 | ret = setenv(extra_keep[i], extra_keep_store[i], 1); |
395 | if (ret < 0) | |
a24c5678 | 396 | SYSWARN("Failed to set environment variable"); |
acd4922e | 397 | } |
ea918412 | 398 | |
3d5e9f48 CS |
399 | free(extra_keep_store[i]); |
400 | } | |
ea918412 | 401 | |
3d5e9f48 CS |
402 | free(extra_keep_store); |
403 | } | |
404 | ||
8ce83369 CB |
405 | /* Always set a default path; shells and execlp tend to be fine |
406 | * without it, but there is a disturbing number of C programs | |
407 | * out there that just assume that getenv("PATH") is never NULL | |
408 | * and then die a painful segfault death. | |
409 | */ | |
3d55242a CB |
410 | if (!path_kept) { |
411 | ret = setenv("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 1); | |
412 | if (ret < 0) | |
a24c5678 | 413 | SYSWARN("Failed to set environment variable"); |
3d55242a | 414 | } |
b3a39ba6 DW |
415 | } |
416 | ||
3d55242a CB |
417 | ret = putenv("container=lxc"); |
418 | if (ret < 0) { | |
a24c5678 | 419 | SYSWARN("Failed to set environment variable"); |
b3a39ba6 DW |
420 | return -1; |
421 | } | |
422 | ||
7385273f | 423 | /* Set container environment variables.*/ |
424 | if (init_ctx && init_ctx->container && init_ctx->container->lxc_conf) { | |
425 | lxc_list_for_each(iterator, &init_ctx->container->lxc_conf->environment) { | |
3d55242a CB |
426 | char *env_tmp; |
427 | ||
428 | env_tmp = strdup((char *)iterator->elem); | |
429 | if (!env_tmp) | |
7385273f | 430 | return -1; |
7385273f | 431 | |
3d55242a CB |
432 | ret = putenv(env_tmp); |
433 | if (ret < 0) { | |
434 | SYSERROR("Failed to set environment variable: %s", (char *)iterator->elem); | |
7385273f | 435 | return -1; |
436 | } | |
437 | } | |
438 | } | |
439 | ||
8ce83369 | 440 | /* Set extra environment variables. */ |
3d5e9f48 CS |
441 | if (extra_env) { |
442 | for (; *extra_env; extra_env++) { | |
3d55242a | 443 | char *p; |
ea918412 | 444 | |
8ce83369 CB |
445 | /* We just assume the user knows what they are doing, so |
446 | * we don't do any checks. | |
447 | */ | |
3d55242a CB |
448 | p = strdup(*extra_env); |
449 | if (!p) | |
3d5e9f48 | 450 | return -1; |
3d55242a CB |
451 | |
452 | ret = putenv(p); | |
453 | if (ret < 0) | |
a24c5678 | 454 | SYSWARN("Failed to set environment variable"); |
3d5e9f48 CS |
455 | } |
456 | } | |
457 | ||
b3a39ba6 DW |
458 | return 0; |
459 | } | |
460 | ||
74a3920a | 461 | static char *lxc_attach_getpwshell(uid_t uid) |
905022f7 | 462 | { |
6f4f1937 | 463 | int fd, ret; |
905022f7 CS |
464 | pid_t pid; |
465 | int pipes[2]; | |
3fa23ac3 CB |
466 | FILE *pipe_f; |
467 | bool found = false; | |
468 | size_t line_bufsz = 0; | |
469 | char *line = NULL, *result = NULL; | |
905022f7 | 470 | |
8ce83369 CB |
471 | /* We need to fork off a process that runs the getent program, and we |
472 | * need to capture its output, so we use a pipe for that purpose. | |
905022f7 | 473 | */ |
3fa23ac3 | 474 | ret = pipe2(pipes, O_CLOEXEC); |
905022f7 CS |
475 | if (ret < 0) |
476 | return NULL; | |
477 | ||
478 | pid = fork(); | |
479 | if (pid < 0) { | |
480 | close(pipes[0]); | |
481 | close(pipes[1]); | |
482 | return NULL; | |
483 | } | |
484 | ||
3fa23ac3 | 485 | if (!pid) { |
905022f7 CS |
486 | char uid_buf[32]; |
487 | char *arguments[] = { | |
488 | "getent", | |
489 | "passwd", | |
490 | uid_buf, | |
491 | NULL | |
492 | }; | |
493 | ||
494 | close(pipes[0]); | |
495 | ||
8ce83369 | 496 | /* We want to capture stdout. */ |
3fa23ac3 | 497 | ret = dup2(pipes[1], STDOUT_FILENO); |
905022f7 | 498 | close(pipes[1]); |
3fa23ac3 | 499 | if (ret < 0) |
ea918412 | 500 | _exit(EXIT_FAILURE); |
905022f7 | 501 | |
8ce83369 CB |
502 | /* Get rid of stdin/stderr, so we try to associate it with |
503 | * /dev/null. | |
905022f7 | 504 | */ |
3fa23ac3 | 505 | fd = open_devnull(); |
905022f7 | 506 | if (fd < 0) { |
3fa23ac3 CB |
507 | close(STDIN_FILENO); |
508 | close(STDERR_FILENO); | |
905022f7 | 509 | } else { |
3fa23ac3 CB |
510 | (void)dup3(fd, STDIN_FILENO, O_CLOEXEC); |
511 | (void)dup3(fd, STDOUT_FILENO, O_CLOEXEC); | |
905022f7 CS |
512 | close(fd); |
513 | } | |
514 | ||
8ce83369 | 515 | /* Finish argument list. */ |
3fa23ac3 CB |
516 | ret = snprintf(uid_buf, sizeof(uid_buf), "%ld", (long)uid); |
517 | if (ret <= 0 || ret >= sizeof(uid_buf)) | |
ea918412 | 518 | _exit(EXIT_FAILURE); |
905022f7 | 519 | |
8ce83369 | 520 | /* Try to run getent program. */ |
3fa23ac3 | 521 | (void)execvp("getent", arguments); |
ea918412 | 522 | _exit(EXIT_FAILURE); |
905022f7 | 523 | } |
3fa23ac3 CB |
524 | |
525 | close(pipes[1]); | |
526 | ||
527 | pipe_f = fdopen(pipes[0], "r"); | |
528 | while (getline(&line, &line_bufsz, pipe_f) != -1) { | |
529 | int i; | |
530 | long value; | |
531 | char *token; | |
532 | char *endptr = NULL, *saveptr = NULL; | |
533 | ||
534 | /* If we already found something, just continue to read | |
535 | * until the pipe doesn't deliver any more data, but | |
536 | * don't modify the existing data structure. | |
537 | */ | |
538 | if (found) | |
539 | continue; | |
540 | ||
541 | /* Trim line on the right hand side. */ | |
542 | for (i = strlen(line); i > 0 && (line[i - 1] == '\n' || line[i - 1] == '\r'); --i) | |
543 | line[i - 1] = '\0'; | |
544 | ||
545 | /* Split into tokens: first: user name. */ | |
546 | token = strtok_r(line, ":", &saveptr); | |
547 | if (!token) | |
548 | continue; | |
549 | ||
550 | /* next: dummy password field */ | |
551 | token = strtok_r(NULL, ":", &saveptr); | |
552 | if (!token) | |
553 | continue; | |
554 | ||
555 | /* next: user id */ | |
556 | token = strtok_r(NULL, ":", &saveptr); | |
557 | value = token ? strtol(token, &endptr, 10) : 0; | |
558 | if (!token || !endptr || *endptr || value == LONG_MIN || | |
ea918412 | 559 | value == LONG_MAX) |
3fa23ac3 CB |
560 | continue; |
561 | ||
562 | /* dummy sanity check: user id matches */ | |
563 | if ((uid_t)value != uid) | |
564 | continue; | |
565 | ||
566 | /* skip fields: gid, gecos, dir, go to next field 'shell' */ | |
567 | for (i = 0; i < 4; i++) { | |
568 | token = strtok_r(NULL, ":", &saveptr); | |
569 | if (!token) | |
570 | continue; | |
571 | } | |
ea918412 | 572 | |
3fa23ac3 CB |
573 | if (!token) |
574 | continue; | |
ea918412 | 575 | |
3fa23ac3 CB |
576 | free(result); |
577 | result = strdup(token); | |
578 | ||
579 | /* Sanity check that there are no fields after that. */ | |
580 | token = strtok_r(NULL, ":", &saveptr); | |
581 | if (token) | |
582 | continue; | |
583 | ||
584 | found = true; | |
585 | } | |
ea918412 | 586 | |
3fa23ac3 CB |
587 | free(line); |
588 | fclose(pipe_f); | |
589 | ||
590 | ret = wait_for_pid(pid); | |
591 | if (ret < 0) { | |
592 | free(result); | |
593 | return NULL; | |
594 | } | |
595 | ||
596 | if (!found) { | |
597 | free(result); | |
598 | return NULL; | |
599 | } | |
600 | ||
601 | return result; | |
905022f7 | 602 | } |
cb3e61fa | 603 | |
6f4f1937 | 604 | static void lxc_attach_get_init_uidgid(uid_t *init_uid, gid_t *init_gid) |
cb3e61fa CS |
605 | { |
606 | FILE *proc_file; | |
8ce83369 CB |
607 | char proc_fn[__PROC_STATUS_LEN]; |
608 | int ret; | |
cb3e61fa CS |
609 | char *line = NULL; |
610 | size_t line_bufsz = 0; | |
cb3e61fa CS |
611 | long value = -1; |
612 | uid_t uid = (uid_t)-1; | |
613 | gid_t gid = (gid_t)-1; | |
614 | ||
7fb45c93 CB |
615 | ret = snprintf(proc_fn, __PROC_STATUS_LEN, "/proc/%d/status", 1); |
616 | if (ret < 0 || ret >= __PROC_STATUS_LEN) | |
617 | return; | |
cb3e61fa CS |
618 | |
619 | proc_file = fopen(proc_fn, "r"); | |
620 | if (!proc_file) | |
621 | return; | |
622 | ||
623 | while (getline(&line, &line_bufsz, proc_file) != -1) { | |
8ce83369 CB |
624 | /* Format is: real, effective, saved set user, fs we only care |
625 | * about real uid. | |
cb3e61fa CS |
626 | */ |
627 | ret = sscanf(line, "Uid: %ld", &value); | |
8ce83369 | 628 | if (ret != EOF && ret == 1) { |
6f4f1937 | 629 | uid = (uid_t)value; |
cb3e61fa CS |
630 | } else { |
631 | ret = sscanf(line, "Gid: %ld", &value); | |
8ce83369 | 632 | if (ret != EOF && ret == 1) |
6f4f1937 | 633 | gid = (gid_t)value; |
cb3e61fa | 634 | } |
ea918412 | 635 | |
cb3e61fa CS |
636 | if (uid != (uid_t)-1 && gid != (gid_t)-1) |
637 | break; | |
638 | } | |
639 | ||
640 | fclose(proc_file); | |
641 | free(line); | |
642 | ||
8ce83369 | 643 | /* Only override arguments if we found something. */ |
cb3e61fa CS |
644 | if (uid != (uid_t)-1) |
645 | *init_uid = uid; | |
ea918412 | 646 | |
cb3e61fa CS |
647 | if (gid != (gid_t)-1) |
648 | *init_gid = gid; | |
649 | ||
650 | /* TODO: we should also parse supplementary groups and use | |
8ce83369 CB |
651 | * setgroups() to set them. |
652 | */ | |
cb3e61fa | 653 | } |
9c4693b8 | 654 | |
8ce83369 | 655 | /* Help the optimizer along if it doesn't know that exit always exits. */ |
6f4f1937 CB |
656 | #define rexit(c) \ |
657 | do { \ | |
658 | int __c = (c); \ | |
659 | _exit(__c); \ | |
660 | return __c; \ | |
661 | } while (0) | |
9c4693b8 | 662 | |
8ce83369 | 663 | /* Define default options if no options are supplied by the user. */ |
9c4693b8 CS |
664 | static lxc_attach_options_t attach_static_default_options = LXC_ATTACH_OPTIONS_DEFAULT; |
665 | ||
d4db3d14 | 666 | static bool fetch_seccomp(struct lxc_container *c, lxc_attach_options_t *options) |
2c4ea790 | 667 | { |
d4db3d14 CB |
668 | int ret; |
669 | bool bret; | |
bd7b4e28 | 670 | char *path; |
2eef2bda | 671 | |
6f4f1937 CB |
672 | if (!(options->namespaces & CLONE_NEWNS) || |
673 | !(options->attach_flags & LXC_ATTACH_LSM)) { | |
bd4307f0 CB |
674 | free(c->lxc_conf->seccomp); |
675 | c->lxc_conf->seccomp = NULL; | |
2c4ea790 | 676 | return true; |
bd4307f0 | 677 | } |
bd7b4e28 | 678 | |
2e812c16 | 679 | /* Remove current setting. */ |
d4db3d14 | 680 | if (!c->set_config_item(c, "lxc.seccomp.profile", "") && |
ea918412 | 681 | !c->set_config_item(c, "lxc.seccomp", "")) |
2c4ea790 | 682 | return false; |
bd7b4e28 | 683 | |
8ce83369 | 684 | /* Fetch the current profile path over the cmd interface. */ |
0b427da0 | 685 | path = c->get_running_config_item(c, "lxc.seccomp.profile"); |
bd7b4e28 | 686 | if (!path) { |
d4db3d14 | 687 | INFO("Failed to retrieve lxc.seccomp.profile"); |
ea918412 | 688 | |
0b427da0 | 689 | path = c->get_running_config_item(c, "lxc.seccomp"); |
d4db3d14 CB |
690 | if (!path) { |
691 | INFO("Failed to retrieve lxc.seccomp"); | |
692 | return true; | |
693 | } | |
bd7b4e28 SG |
694 | } |
695 | ||
8ce83369 | 696 | /* Copy the value into the new lxc_conf. */ |
d4db3d14 | 697 | bret = c->set_config_item(c, "lxc.seccomp.profile", path); |
bd7b4e28 | 698 | free(path); |
d4db3d14 CB |
699 | if (!bret) |
700 | return false; | |
bd7b4e28 | 701 | |
8ce83369 | 702 | /* Attempt to parse the resulting config. */ |
d4db3d14 CB |
703 | ret = lxc_read_seccomp_config(c->lxc_conf); |
704 | if (ret < 0) { | |
705 | ERROR("Failed to retrieve seccomp policy"); | |
2c4ea790 SH |
706 | return false; |
707 | } | |
708 | ||
d4db3d14 | 709 | INFO("Retrieved seccomp policy"); |
2e812c16 CB |
710 | return true; |
711 | } | |
712 | ||
6f4f1937 | 713 | static bool no_new_privs(struct lxc_container *c, lxc_attach_options_t *options) |
2e812c16 | 714 | { |
bcbef733 | 715 | bool bret; |
2e812c16 CB |
716 | char *val; |
717 | ||
2e812c16 | 718 | /* Remove current setting. */ |
bcbef733 CB |
719 | if (!c->set_config_item(c, "lxc.no_new_privs", "")) { |
720 | INFO("Failed to unset lxc.no_new_privs"); | |
2e812c16 | 721 | return false; |
bcbef733 | 722 | } |
2e812c16 CB |
723 | |
724 | /* Retrieve currently active setting. */ | |
725 | val = c->get_running_config_item(c, "lxc.no_new_privs"); | |
726 | if (!val) { | |
bcbef733 | 727 | INFO("Failed to retrieve lxc.no_new_privs"); |
2e812c16 CB |
728 | return false; |
729 | } | |
730 | ||
731 | /* Set currently active setting. */ | |
bcbef733 | 732 | bret = c->set_config_item(c, "lxc.no_new_privs", val); |
2e812c16 | 733 | free(val); |
bcbef733 | 734 | return bret; |
2c4ea790 SH |
735 | } |
736 | ||
9b8e3c96 SH |
737 | static signed long get_personality(const char *name, const char *lxcpath) |
738 | { | |
6f4f1937 | 739 | char *p; |
9b8e3c96 SH |
740 | signed long ret; |
741 | ||
6f4f1937 | 742 | p = lxc_cmd_get_config_item(name, "lxc.arch", lxcpath); |
9b8e3c96 SH |
743 | if (!p) |
744 | return -1; | |
6f4f1937 | 745 | |
9b8e3c96 SH |
746 | ret = lxc_config_parse_arch(p); |
747 | free(p); | |
6f4f1937 | 748 | |
9b8e3c96 SH |
749 | return ret; |
750 | } | |
751 | ||
a998454a CB |
752 | struct attach_clone_payload { |
753 | int ipc_socket; | |
9e84479f | 754 | int terminal_slave_fd; |
a998454a CB |
755 | lxc_attach_options_t *options; |
756 | struct lxc_proc_context_info *init_ctx; | |
757 | lxc_attach_exec_t exec_function; | |
758 | void *exec_payload; | |
759 | }; | |
760 | ||
ba2be1a8 CB |
761 | static void lxc_put_attach_clone_payload(struct attach_clone_payload *p) |
762 | { | |
763 | if (p->ipc_socket >= 0) { | |
764 | shutdown(p->ipc_socket, SHUT_RDWR); | |
765 | close(p->ipc_socket); | |
766 | p->ipc_socket = -EBADF; | |
767 | } | |
768 | ||
9e84479f CB |
769 | if (p->terminal_slave_fd >= 0) { |
770 | close(p->terminal_slave_fd); | |
771 | p->terminal_slave_fd = -EBADF; | |
ba2be1a8 CB |
772 | } |
773 | ||
b21da190 | 774 | if (p->init_ctx) { |
ba2be1a8 | 775 | lxc_proc_put_context_info(p->init_ctx); |
b21da190 CB |
776 | p->init_ctx = NULL; |
777 | } | |
ba2be1a8 CB |
778 | } |
779 | ||
a998454a CB |
780 | static int attach_child_main(struct attach_clone_payload *payload) |
781 | { | |
57de839f | 782 | int fd, lsm_fd, ret; |
a998454a CB |
783 | uid_t new_uid; |
784 | gid_t new_gid; | |
a998454a CB |
785 | lxc_attach_options_t* options = payload->options; |
786 | struct lxc_proc_context_info* init_ctx = payload->init_ctx; | |
57de839f CB |
787 | bool needs_lsm = (options->namespaces & CLONE_NEWNS) && |
788 | (options->attach_flags & LXC_ATTACH_LSM) && | |
789 | init_ctx->lsm_label; | |
a998454a CB |
790 | |
791 | /* A description of the purpose of this functionality is provided in the | |
792 | * lxc-attach(1) manual page. We have to remount here and not in the | |
793 | * parent process, otherwise /proc may not properly reflect the new pid | |
794 | * namespace. | |
795 | */ | |
796 | if (!(options->namespaces & CLONE_NEWNS) && | |
797 | (options->attach_flags & LXC_ATTACH_REMOUNT_PROC_SYS)) { | |
798 | ret = lxc_attach_remount_sys_proc(); | |
b75c344c CB |
799 | if (ret < 0) |
800 | goto on_error; | |
ea918412 | 801 | |
b75c344c | 802 | TRACE("Remounted \"/proc\" and \"/sys\""); |
a998454a CB |
803 | } |
804 | ||
b75c344c | 805 | /* Now perform additional attachments. */ |
a998454a | 806 | #if HAVE_SYS_PERSONALITY_H |
a998454a | 807 | if (options->attach_flags & LXC_ATTACH_SET_PERSONALITY) { |
b75c344c CB |
808 | long new_personality; |
809 | ||
810 | if (options->personality < 0) | |
811 | new_personality = init_ctx->personality; | |
812 | else | |
813 | new_personality = options->personality; | |
ea918412 | 814 | |
a998454a | 815 | ret = personality(new_personality); |
b75c344c CB |
816 | if (ret < 0) |
817 | goto on_error; | |
ea918412 | 818 | |
b75c344c | 819 | TRACE("Set new personality"); |
a998454a CB |
820 | } |
821 | #endif | |
822 | ||
823 | if (options->attach_flags & LXC_ATTACH_DROP_CAPABILITIES) { | |
824 | ret = lxc_attach_drop_privs(init_ctx); | |
b75c344c CB |
825 | if (ret < 0) |
826 | goto on_error; | |
ea918412 | 827 | |
b75c344c | 828 | TRACE("Dropped capabilities"); |
a998454a CB |
829 | } |
830 | ||
831 | /* Always set the environment (specify (LXC_ATTACH_KEEP_ENV, NULL, NULL) | |
832 | * if you want this to be a no-op). | |
833 | */ | |
7385273f | 834 | ret = lxc_attach_set_environment(init_ctx, |
835 | options->env_policy, | |
a998454a CB |
836 | options->extra_env_vars, |
837 | options->extra_keep_env); | |
b75c344c CB |
838 | if (ret < 0) |
839 | goto on_error; | |
ea918412 | 840 | |
b75c344c | 841 | TRACE("Set up environment"); |
a998454a | 842 | |
57de839f CB |
843 | /* This remark only affects fully unprivileged containers: |
844 | * Receive fd for LSM security module before we set{g,u}id(). The reason | |
845 | * is that on set{g,u}id() the kernel will a) make us undumpable and b) | |
846 | * we will change our effective uid. This means our effective uid will | |
847 | * be different from the effective uid of the process that created us | |
848 | * which means that this processs no longer has capabilities in our | |
849 | * namespace including CAP_SYS_PTRACE. This means we will not be able to | |
850 | * read and /proc/<pid> files for the process anymore when /proc is | |
851 | * mounted with hidepid={1,2}. So let's get the lsm label fd before the | |
852 | * set{g,u}id(). | |
853 | */ | |
854 | if (needs_lsm) { | |
b75c344c | 855 | ret = lxc_abstract_unix_recv_fds(payload->ipc_socket, &lsm_fd, 1, NULL, 0); |
9044b79e | 856 | if (ret <= 0) { |
857 | if (ret < 0) | |
858 | SYSERROR("Failed to receive lsm label fd"); | |
859 | ||
b75c344c | 860 | goto on_error; |
9044b79e | 861 | } |
862 | ||
57de839f CB |
863 | TRACE("Received LSM label file descriptor %d from parent", lsm_fd); |
864 | } | |
865 | ||
08ea9270 | 866 | if (options->stdin_fd > 0 && isatty(options->stdin_fd)) { |
cd0a2b2f | 867 | ret = lxc_make_controlling_terminal(options->stdin_fd); |
08ea9270 CB |
868 | if (ret < 0) |
869 | goto on_error; | |
870 | } | |
871 | ||
a998454a CB |
872 | /* Set {u,g}id. */ |
873 | new_uid = 0; | |
874 | new_gid = 0; | |
ea918412 | 875 | |
a998454a CB |
876 | /* Ignore errors, we will fall back to root in that case (/proc was not |
877 | * mounted etc.). | |
878 | */ | |
879 | if (options->namespaces & CLONE_NEWUSER) | |
880 | lxc_attach_get_init_uidgid(&new_uid, &new_gid); | |
881 | ||
882 | if (options->uid != (uid_t)-1) | |
883 | new_uid = options->uid; | |
ea918412 | 884 | |
a998454a CB |
885 | if (options->gid != (gid_t)-1) |
886 | new_gid = options->gid; | |
887 | ||
a998454a | 888 | /* Try to set the {u,g}id combination. */ |
b75c344c CB |
889 | if (new_uid != 0 || new_gid != 0 || options->namespaces & CLONE_NEWUSER) { |
890 | ret = lxc_switch_uid_gid(new_uid, new_gid); | |
891 | if (ret < 0) | |
892 | goto on_error; | |
a998454a CB |
893 | } |
894 | ||
24927339 | 895 | ret = lxc_setgroups(0, NULL); |
96ec54ac | 896 | if (ret < 0 && errno != EPERM) |
24927339 CB |
897 | goto on_error; |
898 | ||
a998454a CB |
899 | if ((init_ctx->container && init_ctx->container->lxc_conf && |
900 | init_ctx->container->lxc_conf->no_new_privs) || | |
901 | (options->attach_flags & LXC_ATTACH_NO_NEW_PRIVS)) { | |
b75c344c CB |
902 | ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); |
903 | if (ret < 0) | |
904 | goto on_error; | |
ea918412 | 905 | |
b75c344c | 906 | TRACE("Set PR_SET_NO_NEW_PRIVS"); |
a998454a CB |
907 | } |
908 | ||
57de839f | 909 | if (needs_lsm) { |
d3ba7c98 | 910 | bool on_exec; |
a998454a CB |
911 | |
912 | /* Change into our new LSM profile. */ | |
d3ba7c98 | 913 | on_exec = options->attach_flags & LXC_ATTACH_LSM_EXEC ? true : false; |
ea918412 | 914 | |
d3ba7c98 | 915 | ret = lsm_process_label_set_at(lsm_fd, init_ctx->lsm_label, on_exec); |
57de839f | 916 | close(lsm_fd); |
b75c344c CB |
917 | if (ret < 0) |
918 | goto on_error; | |
ea918412 | 919 | |
d3ba7c98 | 920 | TRACE("Set %s LSM label to \"%s\"", lsm_name(), init_ctx->lsm_label); |
a998454a CB |
921 | } |
922 | ||
923 | if (init_ctx->container && init_ctx->container->lxc_conf && | |
b75c344c CB |
924 | init_ctx->container->lxc_conf->seccomp) { |
925 | ret = lxc_seccomp_load(init_ctx->container->lxc_conf); | |
926 | if (ret < 0) | |
927 | goto on_error; | |
ea918412 | 928 | |
b75c344c | 929 | TRACE("Loaded seccomp profile"); |
a998454a | 930 | } |
ea918412 | 931 | |
b75c344c CB |
932 | shutdown(payload->ipc_socket, SHUT_RDWR); |
933 | close(payload->ipc_socket); | |
ba2be1a8 CB |
934 | payload->ipc_socket = -EBADF; |
935 | lxc_proc_put_context_info(init_ctx); | |
d35b372a | 936 | payload->init_ctx = NULL; |
a998454a CB |
937 | |
938 | /* The following is done after the communication socket is shut down. | |
939 | * That way, all errors that might (though unlikely) occur up until this | |
940 | * point will have their messages printed to the original stderr (if | |
941 | * logging is so configured) and not the fd the user supplied, if any. | |
942 | */ | |
943 | ||
944 | /* Fd handling for stdin, stdout and stderr; ignore errors here, user | |
945 | * may want to make sure the fds are closed, for example. | |
946 | */ | |
08ea9270 | 947 | if (options->stdin_fd >= 0 && options->stdin_fd != STDIN_FILENO) |
00c72a93 | 948 | (void)dup2(options->stdin_fd, STDIN_FILENO); |
08ea9270 CB |
949 | |
950 | if (options->stdout_fd >= 0 && options->stdout_fd != STDOUT_FILENO) | |
00c72a93 | 951 | (void)dup2(options->stdout_fd, STDOUT_FILENO); |
08ea9270 CB |
952 | |
953 | if (options->stderr_fd >= 0 && options->stderr_fd != STDERR_FILENO) | |
00c72a93 | 954 | (void)dup2(options->stderr_fd, STDERR_FILENO); |
a998454a CB |
955 | |
956 | /* close the old fds */ | |
08ea9270 | 957 | if (options->stdin_fd > STDERR_FILENO) |
a998454a | 958 | close(options->stdin_fd); |
08ea9270 CB |
959 | |
960 | if (options->stdout_fd > STDERR_FILENO) | |
a998454a | 961 | close(options->stdout_fd); |
08ea9270 CB |
962 | |
963 | if (options->stderr_fd > STDERR_FILENO) | |
a998454a CB |
964 | close(options->stderr_fd); |
965 | ||
966 | /* Try to remove FD_CLOEXEC flag from stdin/stdout/stderr, but also | |
967 | * here, ignore errors. | |
968 | */ | |
b75c344c | 969 | for (fd = STDIN_FILENO; fd <= STDERR_FILENO; fd++) { |
3f62938a | 970 | ret = fd_cloexec(fd, false); |
b75c344c CB |
971 | if (ret < 0) { |
972 | SYSERROR("Failed to clear FD_CLOEXEC from file descriptor %d", fd); | |
973 | goto on_error; | |
974 | } | |
a998454a CB |
975 | } |
976 | ||
9e84479f CB |
977 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
978 | ret = lxc_terminal_prepare_login(payload->terminal_slave_fd); | |
ba2be1a8 | 979 | if (ret < 0) { |
9e84479f | 980 | SYSERROR("Failed to prepare terminal file descriptor %d", payload->terminal_slave_fd); |
ba2be1a8 CB |
981 | goto on_error; |
982 | } | |
ea918412 | 983 | |
9e84479f | 984 | TRACE("Prepared terminal file descriptor %d", payload->terminal_slave_fd); |
ba2be1a8 CB |
985 | } |
986 | ||
a998454a CB |
987 | /* We're done, so we can now do whatever the user intended us to do. */ |
988 | rexit(payload->exec_function(payload->exec_payload)); | |
b75c344c CB |
989 | |
990 | on_error: | |
ba2be1a8 | 991 | lxc_put_attach_clone_payload(payload); |
b75c344c | 992 | rexit(EXIT_FAILURE); |
a998454a CB |
993 | } |
994 | ||
9e84479f CB |
995 | static int lxc_attach_terminal(struct lxc_conf *conf, |
996 | struct lxc_terminal *terminal) | |
ba2be1a8 CB |
997 | { |
998 | int ret; | |
999 | ||
9e84479f | 1000 | lxc_terminal_init(terminal); |
ba2be1a8 | 1001 | |
9e84479f | 1002 | ret = lxc_terminal_create(terminal); |
ba2be1a8 | 1003 | if (ret < 0) { |
ea918412 | 1004 | ERROR("Failed to create terminal"); |
ba2be1a8 CB |
1005 | return -1; |
1006 | } | |
1007 | ||
1008 | /* Shift ttys to container. */ | |
9e84479f | 1009 | ret = lxc_terminal_map_ids(conf, terminal); |
ba2be1a8 | 1010 | if (ret < 0) { |
9e84479f | 1011 | ERROR("Failed to chown terminal"); |
ba2be1a8 CB |
1012 | goto on_error; |
1013 | } | |
1014 | ||
1015 | return 0; | |
1016 | ||
1017 | on_error: | |
9e84479f CB |
1018 | lxc_terminal_delete(terminal); |
1019 | lxc_terminal_conf_free(terminal); | |
ba2be1a8 CB |
1020 | return -1; |
1021 | } | |
1022 | ||
9e84479f CB |
1023 | static int lxc_attach_terminal_mainloop_init(struct lxc_terminal *terminal, |
1024 | struct lxc_epoll_descr *descr) | |
ba2be1a8 CB |
1025 | { |
1026 | int ret; | |
1027 | ||
1028 | ret = lxc_mainloop_open(descr); | |
1029 | if (ret < 0) { | |
1030 | ERROR("Failed to create mainloop"); | |
1031 | return -1; | |
1032 | } | |
1033 | ||
9e84479f | 1034 | ret = lxc_terminal_mainloop_add(descr, terminal); |
ba2be1a8 CB |
1035 | if (ret < 0) { |
1036 | ERROR("Failed to add handlers to mainloop"); | |
1037 | lxc_mainloop_close(descr); | |
1038 | return -1; | |
1039 | } | |
1040 | ||
1041 | return 0; | |
1042 | } | |
1043 | ||
9e84479f | 1044 | static inline void lxc_attach_terminal_close_master(struct lxc_terminal *terminal) |
ba2be1a8 | 1045 | { |
9e84479f | 1046 | if (terminal->master < 0) |
ba2be1a8 CB |
1047 | return; |
1048 | ||
9e84479f CB |
1049 | close(terminal->master); |
1050 | terminal->master = -EBADF; | |
ba2be1a8 CB |
1051 | } |
1052 | ||
9e84479f | 1053 | static inline void lxc_attach_terminal_close_slave(struct lxc_terminal *terminal) |
ba2be1a8 | 1054 | { |
9e84479f | 1055 | if (terminal->slave < 0) |
ba2be1a8 CB |
1056 | return; |
1057 | ||
9e84479f CB |
1058 | close(terminal->slave); |
1059 | terminal->slave = -EBADF; | |
ba2be1a8 CB |
1060 | } |
1061 | ||
9e84479f | 1062 | static inline void lxc_attach_terminal_close_peer(struct lxc_terminal *terminal) |
ba2be1a8 | 1063 | { |
9e84479f | 1064 | if (terminal->peer < 0) |
ba2be1a8 CB |
1065 | return; |
1066 | ||
9e84479f CB |
1067 | close(terminal->peer); |
1068 | terminal->peer = -EBADF; | |
ba2be1a8 CB |
1069 | } |
1070 | ||
9e84479f | 1071 | static inline void lxc_attach_terminal_close_log(struct lxc_terminal *terminal) |
ba2be1a8 | 1072 | { |
9e84479f | 1073 | if (terminal->log_fd < 0) |
ba2be1a8 CB |
1074 | return; |
1075 | ||
9e84479f CB |
1076 | close(terminal->log_fd); |
1077 | terminal->log_fd = -EBADF; | |
ba2be1a8 CB |
1078 | } |
1079 | ||
6f4f1937 CB |
1080 | int lxc_attach(const char *name, const char *lxcpath, |
1081 | lxc_attach_exec_t exec_function, void *exec_payload, | |
1082 | lxc_attach_options_t *options, pid_t *attached_process) | |
9c4693b8 | 1083 | { |
877f3a04 | 1084 | int i, ret, status; |
9c4693b8 | 1085 | int ipc_sockets[2]; |
6f4f1937 | 1086 | char *cwd, *new_cwd; |
9b8e3c96 | 1087 | signed long personality; |
ba2be1a8 | 1088 | pid_t attached_pid, init_pid, pid; |
6f4f1937 | 1089 | struct lxc_proc_context_info *init_ctx; |
9e84479f | 1090 | struct lxc_terminal terminal; |
1cce35e6 | 1091 | struct lxc_conf *conf; |
a998454a | 1092 | struct attach_clone_payload payload = {0}; |
9c4693b8 | 1093 | |
877f3a04 CB |
1094 | ret = access("/proc/self/ns", X_OK); |
1095 | if (ret) { | |
ea918412 | 1096 | SYSERROR("Does this kernel version support namespaces?"); |
877f3a04 CB |
1097 | return -1; |
1098 | } | |
1099 | ||
9c4693b8 CS |
1100 | if (!options) |
1101 | options = &attach_static_default_options; | |
1102 | ||
1103 | init_pid = lxc_cmd_get_init_pid(name, lxcpath); | |
1104 | if (init_pid < 0) { | |
ae026f55 | 1105 | ERROR("Failed to get init pid"); |
9c4693b8 CS |
1106 | return -1; |
1107 | } | |
1108 | ||
1109 | init_ctx = lxc_proc_get_context_info(init_pid); | |
1110 | if (!init_ctx) { | |
6f4f1937 | 1111 | ERROR("Failed to get context of init process: %ld", (long)init_pid); |
9c4693b8 CS |
1112 | return -1; |
1113 | } | |
1114 | ||
9b8e3c96 SH |
1115 | personality = get_personality(name, lxcpath); |
1116 | if (init_ctx->personality < 0) { | |
6f4f1937 | 1117 | ERROR("Failed to get personality of the container"); |
9b8e3c96 SH |
1118 | lxc_proc_put_context_info(init_ctx); |
1119 | return -1; | |
1120 | } | |
1121 | init_ctx->personality = personality; | |
1122 | ||
ff07d7bb | 1123 | init_ctx->container = lxc_container_new(name, lxcpath); |
62de1db6 CB |
1124 | if (!init_ctx->container) { |
1125 | lxc_proc_put_context_info(init_ctx); | |
ff07d7bb | 1126 | return -1; |
62de1db6 | 1127 | } |
ff07d7bb | 1128 | |
ba773996 CB |
1129 | if (!init_ctx->container->lxc_conf) { |
1130 | init_ctx->container->lxc_conf = lxc_conf_init(); | |
62de1db6 CB |
1131 | if (!init_ctx->container->lxc_conf) { |
1132 | lxc_proc_put_context_info(init_ctx); | |
ea918412 | 1133 | return -1; |
62de1db6 | 1134 | } |
ba773996 | 1135 | } |
1cce35e6 | 1136 | conf = init_ctx->container->lxc_conf; |
ba773996 | 1137 | |
bd4307f0 | 1138 | if (!fetch_seccomp(init_ctx->container, options)) |
ae026f55 | 1139 | WARN("Failed to get seccomp policy"); |
2c4ea790 | 1140 | |
bd4307f0 | 1141 | if (!no_new_privs(init_ctx->container, options)) |
ae026f55 | 1142 | WARN("Could not determine whether PR_SET_NO_NEW_PRIVS is set"); |
2e812c16 | 1143 | |
9c4693b8 CS |
1144 | cwd = getcwd(NULL, 0); |
1145 | ||
8ce83369 CB |
1146 | /* Determine which namespaces the container was created with |
1147 | * by asking lxc-start, if necessary. | |
9c4693b8 CS |
1148 | */ |
1149 | if (options->namespaces == -1) { | |
1150 | options->namespaces = lxc_cmd_get_clone_flags(name, lxcpath); | |
1151 | /* call failed */ | |
1152 | if (options->namespaces == -1) { | |
8ce83369 | 1153 | ERROR("Failed to automatically determine the " |
877f3a04 | 1154 | "namespaces which the container uses"); |
9c4693b8 | 1155 | free(cwd); |
fe4de9a6 | 1156 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1157 | return -1; |
1158 | } | |
877f3a04 CB |
1159 | |
1160 | for (i = 0; i < LXC_NS_MAX; i++) { | |
1161 | if (ns_info[i].clone_flag & CLONE_NEWCGROUP) | |
1162 | if (!(options->attach_flags & LXC_ATTACH_MOVE_TO_CGROUP) || | |
1163 | !cgns_supported()) | |
1164 | continue; | |
1165 | ||
1166 | if (ns_info[i].clone_flag & options->namespaces) | |
1167 | continue; | |
1168 | ||
1169 | init_ctx->ns_inherited |= ns_info[i].clone_flag; | |
1170 | } | |
1171 | } | |
1172 | ||
0059379f | 1173 | pid = lxc_raw_getpid(); |
ea918412 | 1174 | |
877f3a04 | 1175 | for (i = 0; i < LXC_NS_MAX; i++) { |
ea918412 | 1176 | int j; |
877f3a04 CB |
1177 | |
1178 | if (options->namespaces & ns_info[i].clone_flag) | |
1179 | init_ctx->ns_fd[i] = lxc_preserve_ns(init_pid, ns_info[i].proc_name); | |
1180 | else if (init_ctx->ns_inherited & ns_info[i].clone_flag) | |
1181 | init_ctx->ns_fd[i] = in_same_namespace(pid, init_pid, ns_info[i].proc_name); | |
1182 | else | |
1183 | continue; | |
ea918412 | 1184 | |
877f3a04 CB |
1185 | if (init_ctx->ns_fd[i] >= 0) |
1186 | continue; | |
1187 | ||
1188 | if (init_ctx->ns_fd[i] == -EINVAL) { | |
1189 | DEBUG("Inheriting %s namespace from %d", | |
1190 | ns_info[i].proc_name, pid); | |
1191 | init_ctx->ns_inherited &= ~ns_info[i].clone_flag; | |
1192 | continue; | |
1193 | } | |
1194 | ||
1195 | /* We failed to preserve the namespace. */ | |
ea918412 | 1196 | SYSERROR("Failed to attach to %s namespace of %d", |
1197 | ns_info[i].proc_name, pid); | |
1198 | ||
877f3a04 CB |
1199 | /* Close all already opened file descriptors before we return an |
1200 | * error, so we don't leak them. | |
1201 | */ | |
1202 | for (j = 0; j < i; j++) | |
1203 | close(init_ctx->ns_fd[j]); | |
1204 | ||
877f3a04 CB |
1205 | free(cwd); |
1206 | lxc_proc_put_context_info(init_ctx); | |
1207 | return -1; | |
9c4693b8 CS |
1208 | } |
1209 | ||
9e84479f CB |
1210 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
1211 | ret = lxc_attach_terminal(conf, &terminal); | |
ba2be1a8 | 1212 | if (ret < 0) { |
9e84479f | 1213 | ERROR("Failed to setup new terminal"); |
ba2be1a8 CB |
1214 | free(cwd); |
1215 | lxc_proc_put_context_info(init_ctx); | |
1216 | return -1; | |
1217 | } | |
1218 | ||
9e84479f | 1219 | terminal.log_fd = options->log_fd; |
c948657b | 1220 | } else { |
9e84479f | 1221 | lxc_terminal_init(&terminal); |
ba2be1a8 CB |
1222 | } |
1223 | ||
8ce83369 CB |
1224 | /* Create a socket pair for IPC communication; set SOCK_CLOEXEC in order |
1225 | * to make sure we don't irritate other threads that want to fork+exec | |
1226 | * away | |
9c4693b8 CS |
1227 | * |
1228 | * IMPORTANT: if the initial process is multithreaded and another call | |
1229 | * just fork()s away without exec'ing directly after, the socket fd will | |
1230 | * exist in the forked process from the other thread and any close() in | |
8ce83369 CB |
1231 | * our own child process will not really cause the socket to close |
1232 | * properly, potentiall causing the parent to hang. | |
9c4693b8 CS |
1233 | * |
1234 | * For this reason, while IPC is still active, we have to use shutdown() | |
8ce83369 CB |
1235 | * if the child exits prematurely in order to signal that the socket is |
1236 | * closed and cannot assume that the child exiting will automatically do | |
1237 | * that. | |
9c4693b8 CS |
1238 | * |
1239 | * IPC mechanism: (X is receiver) | |
1240 | * initial process intermediate attached | |
1241 | * X <--- send pid of | |
1242 | * attached proc, | |
1243 | * then exit | |
1244 | * send 0 ------------------------------------> X | |
1245 | * [do initialization] | |
1246 | * X <------------------------------------ send 1 | |
1247 | * [add to cgroup, ...] | |
1248 | * send 2 ------------------------------------> X | |
81f466d0 CB |
1249 | * [set LXC_ATTACH_NO_NEW_PRIVS] |
1250 | * X <------------------------------------ send 3 | |
1251 | * [open LSM label fd] | |
1252 | * send 4 ------------------------------------> X | |
1253 | * [set LSM label] | |
9c4693b8 CS |
1254 | * close socket close socket |
1255 | * run program | |
1256 | */ | |
1257 | ret = socketpair(PF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0, ipc_sockets); | |
1258 | if (ret < 0) { | |
ae026f55 | 1259 | SYSERROR("Could not set up required IPC mechanism for attaching"); |
9c4693b8 | 1260 | free(cwd); |
fe4de9a6 | 1261 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1262 | return -1; |
1263 | } | |
1264 | ||
e3f0e436 CB |
1265 | /* Create intermediate subprocess, two reasons: |
1266 | * 1. We can't setns() in the child itself, since we want to make | |
8ce83369 | 1267 | * sure we are properly attached to the pidns. |
e3f0e436 | 1268 | * 2. Also, the initial thread has to put the attached process |
8ce83369 CB |
1269 | * into the cgroup, which we can only do if we didn't already |
1270 | * setns() (otherwise, user namespaces will hate us). | |
9c4693b8 CS |
1271 | */ |
1272 | pid = fork(); | |
9c4693b8 | 1273 | if (pid < 0) { |
ae026f55 | 1274 | SYSERROR("Failed to create first subprocess"); |
9c4693b8 | 1275 | free(cwd); |
fe4de9a6 | 1276 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1277 | return -1; |
1278 | } | |
1279 | ||
1280 | if (pid) { | |
ba2be1a8 | 1281 | int ret_parent = -1; |
9c4693b8 | 1282 | pid_t to_cleanup_pid = pid; |
ba2be1a8 | 1283 | struct lxc_epoll_descr descr = {0}; |
9c4693b8 | 1284 | |
ba2be1a8 | 1285 | /* close unneeded file descriptors */ |
9c4693b8 CS |
1286 | close(ipc_sockets[1]); |
1287 | free(cwd); | |
ba2be1a8 | 1288 | lxc_proc_close_ns_fd(init_ctx); |
9e84479f CB |
1289 | if (options->attach_flags & LXC_ATTACH_TERMINAL) |
1290 | lxc_attach_terminal_close_slave(&terminal); | |
9c4693b8 | 1291 | |
8ce83369 | 1292 | /* Attach to cgroup, if requested. */ |
f4364484 | 1293 | if (options->attach_flags & LXC_ATTACH_MOVE_TO_CGROUP) { |
2202afc9 CB |
1294 | struct cgroup_ops *cgroup_ops; |
1295 | ||
1296 | cgroup_ops = cgroup_init(NULL); | |
1297 | if (!cgroup_ops) | |
1298 | goto on_error; | |
1299 | ||
1300 | if (!cgroup_ops->attach(cgroup_ops, name, lxcpath, pid)) | |
8ce83369 | 1301 | goto on_error; |
2202afc9 CB |
1302 | |
1303 | cgroup_exit(cgroup_ops); | |
1304 | TRACE("Moved intermediate process %d into container's cgroups", pid); | |
f4364484 SG |
1305 | } |
1306 | ||
bb2ada6f | 1307 | /* Setup /proc limits */ |
1cce35e6 CB |
1308 | if (!lxc_list_empty(&conf->procs)) { |
1309 | ret = setup_proc_filesystem(&conf->procs, pid); | |
bb2ada6f CB |
1310 | if (ret < 0) |
1311 | goto on_error; | |
1312 | } | |
1313 | ||
c6d09e15 | 1314 | /* Setup resource limits */ |
1cce35e6 CB |
1315 | if (!lxc_list_empty(&conf->limits)) { |
1316 | ret = setup_resource_limits(&conf->limits, pid); | |
ba2be1a8 CB |
1317 | if (ret < 0) |
1318 | goto on_error; | |
1319 | } | |
1320 | ||
9e84479f CB |
1321 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
1322 | ret = lxc_attach_terminal_mainloop_init(&terminal, &descr); | |
ba2be1a8 | 1323 | if (ret < 0) |
6f4f1937 | 1324 | goto on_error; |
ea918412 | 1325 | |
9e84479f | 1326 | TRACE("Initialized terminal mainloop"); |
ba2be1a8 | 1327 | } |
c6d09e15 | 1328 | |
8ce83369 | 1329 | /* Let the child process know to go ahead. */ |
f4364484 SG |
1330 | status = 0; |
1331 | ret = lxc_write_nointr(ipc_sockets[0], &status, sizeof(status)); | |
94ac256f | 1332 | if (ret != sizeof(status)) |
ba2be1a8 | 1333 | goto close_mainloop; |
ea918412 | 1334 | |
94ac256f | 1335 | TRACE("Told intermediate process to start initializing"); |
f4364484 | 1336 | |
8ce83369 | 1337 | /* Get pid of attached process from intermediate process. */ |
94ac256f CB |
1338 | ret = lxc_read_nointr(ipc_sockets[0], &attached_pid, sizeof(attached_pid)); |
1339 | if (ret != sizeof(attached_pid)) | |
ba2be1a8 | 1340 | goto close_mainloop; |
ea918412 | 1341 | |
94ac256f | 1342 | TRACE("Received pid %d of attached process in parent pid namespace", attached_pid); |
9c4693b8 | 1343 | |
8ce83369 | 1344 | /* Ignore SIGKILL (CTRL-C) and SIGQUIT (CTRL-\) - issue #313. */ |
62183f1a SH |
1345 | if (options->stdin_fd == 0) { |
1346 | signal(SIGINT, SIG_IGN); | |
1347 | signal(SIGQUIT, SIG_IGN); | |
1348 | } | |
2eef2bda | 1349 | |
8ce83369 | 1350 | /* Reap intermediate process. */ |
9c4693b8 CS |
1351 | ret = wait_for_pid(pid); |
1352 | if (ret < 0) | |
ba2be1a8 | 1353 | goto close_mainloop; |
ea918412 | 1354 | |
94ac256f | 1355 | TRACE("Intermediate process %d exited", pid); |
9c4693b8 | 1356 | |
8ce83369 | 1357 | /* We will always have to reap the attached process now. */ |
9c4693b8 CS |
1358 | to_cleanup_pid = attached_pid; |
1359 | ||
81f466d0 | 1360 | /* Open LSM fd and send it to child. */ |
6f4f1937 CB |
1361 | if ((options->namespaces & CLONE_NEWNS) && |
1362 | (options->attach_flags & LXC_ATTACH_LSM) && | |
1363 | init_ctx->lsm_label) { | |
94ac256f | 1364 | int ret = -1; |
47ce2cb7 CB |
1365 | int labelfd; |
1366 | bool on_exec; | |
6f4f1937 | 1367 | |
47ce2cb7 CB |
1368 | on_exec = options->attach_flags & LXC_ATTACH_LSM_EXEC ? true : false; |
1369 | labelfd = lsm_process_label_fd_get(attached_pid, on_exec); | |
81f466d0 | 1370 | if (labelfd < 0) |
ba2be1a8 | 1371 | goto close_mainloop; |
ea918412 | 1372 | |
94ac256f | 1373 | TRACE("Opened LSM label file descriptor %d", labelfd); |
81f466d0 CB |
1374 | |
1375 | /* Send child fd of the LSM security module to write to. */ | |
ae467c54 | 1376 | ret = lxc_abstract_unix_send_fds(ipc_sockets[0], &labelfd, 1, NULL, 0); |
81f466d0 | 1377 | if (ret <= 0) { |
9044b79e | 1378 | if (ret < 0) |
1379 | SYSERROR("Failed to send lsm label fd"); | |
1380 | ||
1381 | close(labelfd); | |
ba2be1a8 | 1382 | goto close_mainloop; |
81f466d0 | 1383 | } |
9044b79e | 1384 | |
1385 | close(labelfd); | |
94ac256f | 1386 | TRACE("Sent LSM label file descriptor %d to child", labelfd); |
81f466d0 CB |
1387 | } |
1388 | ||
8ce83369 CB |
1389 | /* We're done, the child process should now execute whatever it |
1390 | * is that the user requested. The parent can now track it with | |
1391 | * waitpid() or similar. | |
9c4693b8 CS |
1392 | */ |
1393 | ||
1394 | *attached_process = attached_pid; | |
9c4693b8 | 1395 | |
ba2be1a8 | 1396 | /* Now shut down communication with child, we're done. */ |
9c4693b8 CS |
1397 | shutdown(ipc_sockets[0], SHUT_RDWR); |
1398 | close(ipc_sockets[0]); | |
ba2be1a8 CB |
1399 | ipc_sockets[0] = -1; |
1400 | ||
1401 | ret_parent = 0; | |
1402 | to_cleanup_pid = -1; | |
ea918412 | 1403 | |
9e84479f | 1404 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
ba2be1a8 CB |
1405 | ret = lxc_mainloop(&descr, -1); |
1406 | if (ret < 0) { | |
1407 | ret_parent = -1; | |
1408 | to_cleanup_pid = attached_pid; | |
1409 | } | |
1410 | } | |
1411 | ||
1412 | close_mainloop: | |
9e84479f | 1413 | if (options->attach_flags & LXC_ATTACH_TERMINAL) |
ba2be1a8 CB |
1414 | lxc_mainloop_close(&descr); |
1415 | ||
1416 | on_error: | |
1417 | if (ipc_sockets[0] >= 0) { | |
1418 | shutdown(ipc_sockets[0], SHUT_RDWR); | |
1419 | close(ipc_sockets[0]); | |
1420 | } | |
1421 | ||
1422 | if (to_cleanup_pid > 0) | |
6f4f1937 | 1423 | (void)wait_for_pid(to_cleanup_pid); |
ba2be1a8 | 1424 | |
9e84479f CB |
1425 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
1426 | lxc_terminal_delete(&terminal); | |
1427 | lxc_terminal_conf_free(&terminal); | |
ba2be1a8 | 1428 | } |
ea918412 | 1429 | |
fe4de9a6 | 1430 | lxc_proc_put_context_info(init_ctx); |
ba2be1a8 | 1431 | return ret_parent; |
9c4693b8 CS |
1432 | } |
1433 | ||
ba2be1a8 | 1434 | /* close unneeded file descriptors */ |
9c4693b8 | 1435 | close(ipc_sockets[0]); |
ba2be1a8 | 1436 | ipc_sockets[0] = -EBADF; |
ea918412 | 1437 | |
9e84479f CB |
1438 | if (options->attach_flags & LXC_ATTACH_TERMINAL) { |
1439 | lxc_attach_terminal_close_master(&terminal); | |
1440 | lxc_attach_terminal_close_peer(&terminal); | |
1441 | lxc_attach_terminal_close_log(&terminal); | |
ba2be1a8 | 1442 | } |
9c4693b8 | 1443 | |
8ce83369 | 1444 | /* Wait for the parent to have setup cgroups. */ |
94ac256f | 1445 | ret = lxc_read_nointr(ipc_sockets[1], &status, sizeof(status)); |
ba2be1a8 | 1446 | if (ret != sizeof(status)) { |
f4364484 | 1447 | shutdown(ipc_sockets[1], SHUT_RDWR); |
62de1db6 | 1448 | lxc_proc_put_context_info(init_ctx); |
f4364484 SG |
1449 | rexit(-1); |
1450 | } | |
ea918412 | 1451 | |
94ac256f | 1452 | TRACE("Intermediate process starting to initialize"); |
f4364484 | 1453 | |
8ce83369 CB |
1454 | /* Attach now, create another subprocess later, since pid namespaces |
1455 | * only really affect the children of the current process. | |
9c4693b8 | 1456 | */ |
877f3a04 | 1457 | ret = lxc_attach_to_ns(init_pid, init_ctx); |
9c4693b8 | 1458 | if (ret < 0) { |
94ac256f | 1459 | ERROR("Failed to enter namespaces"); |
9c4693b8 | 1460 | shutdown(ipc_sockets[1], SHUT_RDWR); |
62de1db6 | 1461 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1462 | rexit(-1); |
1463 | } | |
ea918412 | 1464 | |
877f3a04 CB |
1465 | /* close namespace file descriptors */ |
1466 | lxc_proc_close_ns_fd(init_ctx); | |
9c4693b8 | 1467 | |
8ce83369 | 1468 | /* Attach succeeded, try to cwd. */ |
9c4693b8 CS |
1469 | if (options->initial_cwd) |
1470 | new_cwd = options->initial_cwd; | |
1471 | else | |
1472 | new_cwd = cwd; | |
d6d979bc CB |
1473 | if (new_cwd) { |
1474 | ret = chdir(new_cwd); | |
1475 | if (ret < 0) | |
1476 | WARN("Could not change directory to \"%s\"", new_cwd); | |
1477 | } | |
9c4693b8 CS |
1478 | free(cwd); |
1479 | ||
a998454a CB |
1480 | /* Create attached process. */ |
1481 | payload.ipc_socket = ipc_sockets[1]; | |
1482 | payload.options = options; | |
1483 | payload.init_ctx = init_ctx; | |
9e84479f | 1484 | payload.terminal_slave_fd = terminal.slave; |
a998454a CB |
1485 | payload.exec_function = exec_function; |
1486 | payload.exec_payload = exec_payload; | |
9c4693b8 | 1487 | |
a998454a CB |
1488 | pid = lxc_raw_clone(CLONE_PARENT); |
1489 | if (pid < 0) { | |
94ac256f | 1490 | SYSERROR("Failed to clone attached process"); |
9c4693b8 | 1491 | shutdown(ipc_sockets[1], SHUT_RDWR); |
62de1db6 | 1492 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1493 | rexit(-1); |
1494 | } | |
a998454a CB |
1495 | |
1496 | if (pid == 0) { | |
1497 | ret = attach_child_main(&payload); | |
1498 | if (ret < 0) | |
1499 | ERROR("Failed to exec"); | |
ea918412 | 1500 | |
a998454a CB |
1501 | _exit(EXIT_FAILURE); |
1502 | } | |
ea918412 | 1503 | |
9e84479f CB |
1504 | if (options->attach_flags & LXC_ATTACH_TERMINAL) |
1505 | lxc_attach_terminal_close_slave(&terminal); | |
9c4693b8 | 1506 | |
8ce83369 | 1507 | /* Tell grandparent the pid of the pid of the newly created child. */ |
9c4693b8 CS |
1508 | ret = lxc_write_nointr(ipc_sockets[1], &pid, sizeof(pid)); |
1509 | if (ret != sizeof(pid)) { | |
8ce83369 CB |
1510 | /* If this really happens here, this is very unfortunate, since |
1511 | * the parent will not know the pid of the attached process and | |
1512 | * will not be able to wait for it (and we won't either due to | |
1513 | * CLONE_PARENT) so the parent won't be able to reap it and the | |
1514 | * attached process will remain a zombie. | |
9c4693b8 | 1515 | */ |
9c4693b8 | 1516 | shutdown(ipc_sockets[1], SHUT_RDWR); |
62de1db6 | 1517 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1518 | rexit(-1); |
1519 | } | |
ea918412 | 1520 | |
94ac256f | 1521 | TRACE("Sending pid %d of attached process", pid); |
9c4693b8 | 1522 | |
8ce83369 | 1523 | /* The rest is in the hands of the initial and the attached process. */ |
62de1db6 | 1524 | lxc_proc_put_context_info(init_ctx); |
9c4693b8 CS |
1525 | rexit(0); |
1526 | } | |
1527 | ||
9c4693b8 CS |
1528 | int lxc_attach_run_command(void* payload) |
1529 | { | |
1530 | lxc_attach_command_t* cmd = (lxc_attach_command_t*)payload; | |
1531 | ||
1532 | execvp(cmd->program, cmd->argv); | |
ea918412 | 1533 | |
1534 | SYSERROR("Failed to exec \"%s\"", cmd->program); | |
9c4693b8 CS |
1535 | return -1; |
1536 | } | |
1537 | ||
1538 | int lxc_attach_run_shell(void* payload) | |
1539 | { | |
1540 | uid_t uid; | |
cb7aa5e8 DJ |
1541 | struct passwd pwent; |
1542 | struct passwd *pwentp = NULL; | |
9c4693b8 | 1543 | char *user_shell; |
cb7aa5e8 DJ |
1544 | char *buf; |
1545 | size_t bufsize; | |
1546 | int ret; | |
9c4693b8 | 1547 | |
8ce83369 | 1548 | /* Ignore payload parameter. */ |
9c4693b8 CS |
1549 | (void)payload; |
1550 | ||
1551 | uid = getuid(); | |
cb7aa5e8 DJ |
1552 | |
1553 | bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); | |
1554 | if (bufsize == -1) | |
1555 | bufsize = 1024; | |
1556 | ||
1557 | buf = malloc(bufsize); | |
1558 | if (buf) { | |
1559 | ret = getpwuid_r(uid, &pwent, buf, bufsize, &pwentp); | |
1560 | if (!pwentp) { | |
1561 | if (ret == 0) | |
ea918412 | 1562 | WARN("Could not find matched password record"); |
cb7aa5e8 DJ |
1563 | |
1564 | WARN("Failed to get password record - %u", uid); | |
1565 | } | |
1566 | } | |
9c4693b8 | 1567 | |
8ce83369 CB |
1568 | /* This probably happens because of incompatible nss implementations in |
1569 | * host and container (remember, this code is still using the host's | |
1570 | * glibc but our mount namespace is in the container) we may try to get | |
1571 | * the information by spawning a [getent passwd uid] process and parsing | |
1572 | * the result. | |
9c4693b8 | 1573 | */ |
cb7aa5e8 | 1574 | if (!pwentp) |
9c4693b8 CS |
1575 | user_shell = lxc_attach_getpwshell(uid); |
1576 | else | |
cb7aa5e8 | 1577 | user_shell = pwent.pw_shell; |
ea918412 | 1578 | |
9c4693b8 | 1579 | if (user_shell) |
acf47e1b | 1580 | execlp(user_shell, user_shell, (char *)NULL); |
9c4693b8 | 1581 | |
8ce83369 CB |
1582 | /* Executed if either no passwd entry or execvp fails, we will fall back |
1583 | * on /bin/sh as a default shell. | |
9c4693b8 | 1584 | */ |
acf47e1b | 1585 | execlp("/bin/sh", "/bin/sh", (char *)NULL); |
ea918412 | 1586 | |
edeb1836 | 1587 | SYSERROR("Failed to execute shell"); |
cb7aa5e8 | 1588 | if (!pwentp) |
edeb1836 | 1589 | free(user_shell); |
ea918412 | 1590 | |
cb7aa5e8 | 1591 | free(buf); |
9c4693b8 CS |
1592 | return -1; |
1593 | } |