[mirror_lxc.git] / src / lxc / commands.c

/*
 * lxc: linux Container library
 *
 * (C) Copyright IBM Corp. 2007, 2009
 *
 * Authors:
 * Daniel Lezcano <dlezcano at fr.ibm.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */

#include <stdio.h>
#include <errno.h>
#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/poll.h>
#include <sys/param.h>
#include <malloc.h>
#include <stdlib.h>

#include <lxc/log.h>
#include <lxc/conf.h>
#include <lxc/start.h>	/* for struct lxc_handler */
#include <lxc/utils.h>

#include "commands.h"
#include "mainloop.h"
#include "af_unix.h"
#include "config.h"

/*
 * This file provides the different functions to have the client
 * and the server to communicate
 *
 * Each command is transactional, the client send a request to
 * the server and the server answer the request with a message
 * giving the request's status (zero or a negative errno value).
 *
 * Each command is wrapped in a ancillary message in order to pass
 * a credential making possible to the server to check if the client
 * is allowed to ask for this command or not.
 *
 */

lxc_log_define(lxc_commands, lxc);

static int fill_sock_name(char *path, int len, const char *name,
			  const char *inpath)
{
	const char *lxcpath = NULL;
	int ret;

	if (!inpath) {
		lxcpath = default_lxc_path();
		if (!lxcpath) {
			ERROR("Out of memory getting lxcpath");
			return -1;
		}
	}
	ret = snprintf(path, len, "%s/%s/command", lxcpath ? lxcpath : inpath, name);

	if (ret < 0 || ret >= len) {
		ERROR("Name too long");
		return -1;
	}
	return 0;
}

static int receive_answer(int sock, struct lxc_answer *answer)
{
	int ret;

	ret = lxc_af_unix_recv_fd(sock, &answer->fd, answer, sizeof(*answer));
	if (ret < 0)
		ERROR("failed to receive answer for the command");

	return ret;
}

static int __lxc_command(const char *name, struct lxc_command *command,
			 int *stopped, int stay_connected, const char *lxcpath)
{
	int sock, ret = -1;
	char path[sizeof(((struct sockaddr_un *)0)->sun_path)] = { 0 };
	char *offset = &path[1];
	int len;

	len = sizeof(path)-1;
	if (fill_sock_name(offset, len, name, lxcpath))
		return -1;

	sock = lxc_af_unix_connect(path);
	if (sock < 0 && errno == ECONNREFUSED) {
		*stopped = 1;
		return -1;
	}

	if (sock < 0) {
		SYSERROR("failed to connect to '@%s'", offset);
		return -1;
	}

	ret = lxc_af_unix_send_credential(sock, &command->request,
					sizeof(command->request));
	if (ret < 0) {
		SYSERROR("failed to send request to '@%s'", offset);
		goto out;
	}

	if (ret != sizeof(command->request)) {
		SYSERROR("message partially sent to '@%s'", offset);
		goto out;
	}

	ret = receive_answer(sock, &command->answer);
out:
	if (!stay_connected || ret < 0)
		close(sock);

	return ret;
}

extern int lxc_command(const char *name,
		       struct lxc_command *command, int *stopped,
		       const char *lxcpath)
{
	return __lxc_command(name, command, stopped, 0, lxcpath);
}

extern int lxc_command_connected(const char *name,
				 struct lxc_command *command, int *stopped,
				 const char *lxcpath)
{
	return __lxc_command(name, command, stopped, 1, lxcpath);
}


pid_t get_init_pid(const char *name, const char *lxcpath)
{
	struct lxc_command command = {
		.request = { .type = LXC_COMMAND_PID },
	};

	int ret, stopped = 0;

	ret = lxc_command(name, &command, &stopped, lxcpath);
	if (ret < 0 && stopped)
		return -1;

	if (ret < 0) {
		ERROR("failed to send command");
		return -1;
	}

	if (command.answer.ret) {
		ERROR("failed to retrieve the init pid: %s",
		      strerror(-command.answer.ret));
		return -1;
	}

	return command.answer.pid;
}

int lxc_get_clone_flags(const char *name, const char *lxcpath)
{
	struct lxc_command command = {
		.request = { .type = LXC_COMMAND_CLONE_FLAGS },
	};

	int ret, stopped = 0;

	ret = lxc_command(name, &command, &stopped, lxcpath);
	if (ret < 0 && stopped)
		return -1;

	if (ret < 0) {
		ERROR("failed to send command");
		return -1;
	}

	return command.answer.ret;
}

extern void lxc_console_remove_fd(int, struct lxc_tty_info *);
extern int  lxc_console_callback(int, struct lxc_request *, struct lxc_handler *);
extern int  lxc_stop_callback(int, struct lxc_request *, struct lxc_handler *);
extern int  lxc_state_callback(int, struct lxc_request *, struct lxc_handler *);
extern int  lxc_pid_callback(int, struct lxc_request *, struct lxc_handler *);
extern int  lxc_clone_flags_callback(int, struct lxc_request *, struct lxc_handler *);

static int trigger_command(int fd, struct lxc_request *request,
			   struct lxc_handler *handler)
{
	typedef int (*callback)(int, struct lxc_request *, struct lxc_handler *);

	callback cb[LXC_COMMAND_MAX] = {
		[LXC_COMMAND_TTY]         = lxc_console_callback,
		[LXC_COMMAND_STOP]        = lxc_stop_callback,
		[LXC_COMMAND_STATE]       = lxc_state_callback,
		[LXC_COMMAND_PID]         = lxc_pid_callback,
		[LXC_COMMAND_CLONE_FLAGS] = lxc_clone_flags_callback,
	};

	if (request->type < 0 || request->type >= LXC_COMMAND_MAX)
		return -1;

	return cb[request->type](fd, request, handler);
}

static void command_fd_cleanup(int fd, struct lxc_handler *handler,
			       struct lxc_epoll_descr *descr)
{
	lxc_console_remove_fd(fd, &handler->conf->tty_info);
	lxc_mainloop_del_handler(descr, fd);
	close(fd);
}

static int command_handler(int fd, void *data, struct lxc_epoll_descr *descr)
{
	int ret;
	struct lxc_request request;
	struct lxc_handler *handler = data;

	ret = lxc_af_unix_rcv_credential(fd, &request, sizeof(request));
	if (ret == -EACCES) {
		/* we don't care for the peer, just send and close */
		struct lxc_answer answer = { .ret = ret };
		send(fd, &answer, sizeof(answer), 0);
		goto out_close;
	}

	if (ret < 0) {
		SYSERROR("failed to receive data on command socket");
		goto out_close;
	}

	if (!ret) {
		DEBUG("peer has disconnected");
		goto out_close;
	}

	if (ret != sizeof(request)) {
		WARN("partial request, ignored");
		goto out_close;
	}

	ret = trigger_command(fd, &request, handler);
	if (ret) {
		/* this is not an error, but only a request to close fd */
		ret = 0;
		goto out_close;
	}

out:
	return ret;
out_close:
	command_fd_cleanup(fd, handler, descr);
	goto out;
}

static int incoming_command_handler(int fd, void *data,
				    struct lxc_epoll_descr *descr)
{
	int opt = 1, ret = -1, connection;

	connection = accept(fd, NULL, 0);
	if (connection < 0) {
		SYSERROR("failed to accept connection");
		return -1;
	}

	if (fcntl(connection, F_SETFD, FD_CLOEXEC)) {
		SYSERROR("failed to set close-on-exec on incoming connection");
		goto out_close;
	}

	if (setsockopt(connection, SOL_SOCKET,
		       SO_PASSCRED, &opt, sizeof(opt))) {
		SYSERROR("failed to enable credential on socket");
		goto out_close;
	}

	ret = lxc_mainloop_add_handler(descr, connection, command_handler, data);
	if (ret) {
		ERROR("failed to add handler");
		goto out_close;
	}

out:
	return ret;

out_close:
	close(connection);
	goto out;
}

extern int lxc_command_init(const char *name, struct lxc_handler *handler,
			    const char *lxcpath)
{
	int fd;
	char path[sizeof(((struct sockaddr_un *)0)->sun_path)] = { 0 };
	char *offset = &path[1];
	int len;

	len = sizeof(path)-1;
	if (fill_sock_name(offset, len, name, lxcpath))
		return -1;

	fd = lxc_af_unix_open(path, SOCK_STREAM, 0);
	if (fd < 0) {
		ERROR("failed (%d) to create the command service point %s", errno, offset);
		if (errno == EADDRINUSE) {
			ERROR("##");
			ERROR("# The container appears to be already running!");
			ERROR("##");
		}
		return -1;
	}

	if (fcntl(fd, F_SETFD, FD_CLOEXEC)) {
		SYSERROR("failed to set sigfd to close-on-exec");
		close(fd);
		return -1;
	}

	handler->conf->maincmd_fd = fd;
	return 0;
}

extern int lxc_command_mainloop_add(const char *name,
				    struct lxc_epoll_descr *descr,
				    struct lxc_handler *handler)
{
	int ret, fd = handler->conf->maincmd_fd;

	ret = lxc_mainloop_add_handler(descr, fd, incoming_command_handler,
				       handler);
	if (ret) {
		ERROR("failed to add handler for command socket");
		close(fd);
	}

	return ret;
}
Commit	Line	Data
724e753c MN	1	/*
	2	* lxc: linux Container library
	3	*
	4	* (C) Copyright IBM Corp. 2007, 2009
	5	*
	6	* Authors:
	7	* Daniel Lezcano <dlezcano at fr.ibm.com>
	8	*
	9	* This library is free software; you can redistribute it and/or
	10	* modify it under the terms of the GNU Lesser General Public
	11	* License as published by the Free Software Foundation; either
	12	* version 2.1 of the License, or (at your option) any later version.
	13	*
	14	* This library is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	* Lesser General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU Lesser General Public
	20	* License along with this library; if not, write to the Free Software
	21	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	22	*/
	23
	24	#include <stdio.h>
	25	#include <errno.h>
	26	#include <unistd.h>
	27	#include <signal.h>
91480a0f	28	#include <fcntl.h>
724e753c MN	29	#include <sys/socket.h>
	30	#include <sys/un.h>
	31	#include <sys/poll.h>
	32	#include <sys/param.h>
2a59a681 SH	33	#include <malloc.h>
2a59a681 SH	34	#include <stdlib.h>
724e753c	35
00b3c2e2 CLG	36	#include <lxc/log.h>
	37	#include <lxc/conf.h>
	38	#include <lxc/start.h> /* for struct lxc_handler */
2a59a681	39	#include <lxc/utils.h>
724e753c MN	40
	41	#include "commands.h"
	42	#include "mainloop.h"
	43	#include "af_unix.h"
adaeaa99	44	#include "config.h"
724e753c	45
ded1d23f DL	46	/*
	47	* This file provides the different functions to have the client
	48	* and the server to communicate
	49	*
	50	* Each command is transactional, the client send a request to
	51	* the server and the server answer the request with a message
	52	* giving the request's status (zero or a negative errno value).
	53	*
	54	* Each command is wrapped in a ancillary message in order to pass
	55	* a credential making possible to the server to check if the client
	56	* is allowed to ask for this command or not.
	57	*
	58	*/
	59
724e753c MN	60	lxc_log_define(lxc_commands, lxc);
724e753c MN	61
13f5be62 SH	62	static int fill_sock_name(char path, int len, const char name,
	63	const char *inpath)
	64	{
67e571de	65	const char *lxcpath = NULL;
2a59a681	66	int ret;
13f5be62 SH	67
	68	if (!inpath) {
	69	lxcpath = default_lxc_path();
	70	if (!lxcpath) {
	71	ERROR("Out of memory getting lxcpath");
	72	return -1;
	73	}
2a59a681	74	}
13f5be62	75	ret = snprintf(path, len, "%s/%s/command", lxcpath ? lxcpath : inpath, name);
13f5be62	76
2a59a681 SH	77	if (ret < 0 \|\| ret >= len) {
	78	ERROR("Name too long");
	79	return -1;
	80	}
	81	return 0;
	82	}
ded1d23f	83
724e753c MN	84	static int receive_answer(int sock, struct lxc_answer *answer)
	85	{
	86	int ret;
	87
	88	ret = lxc_af_unix_recv_fd(sock, &answer->fd, answer, sizeof(*answer));
	89	if (ret < 0)
	90	ERROR("failed to receive answer for the command");
	91
	92	return ret;
	93	}
	94
43eb6f29	95	static int __lxc_command(const char name, struct lxc_command command,
13f5be62	96	int stopped, int stay_connected, const char lxcpath)
724e753c	97	{
724e753c	98	int sock, ret = -1;
46968ea3 DL	99	char path[sizeof(((struct sockaddr_un *)0)->sun_path)] = { 0 };
46968ea3 DL	100	char *offset = &path[1];
2a59a681	101	int len;
724e753c	102
9ba8130c	103	len = sizeof(path)-1;
13f5be62	104	if (fill_sock_name(offset, len, name, lxcpath))
9ba8130c	105	return -1;
724e753c	106
46968ea3	107	sock = lxc_af_unix_connect(path);
d97b36f8 DL	108	if (sock < 0 && errno == ECONNREFUSED) {
	109	*stopped = 1;
	110	return -1;
	111	}
	112
724e753c	113	if (sock < 0) {
d97b36f8	114	SYSERROR("failed to connect to '@%s'", offset);
724e753c MN	115	return -1;
	116	}
	117
	118	ret = lxc_af_unix_send_credential(sock, &command->request,
	119	sizeof(command->request));
	120	if (ret < 0) {
d97b36f8	121	SYSERROR("failed to send request to '@%s'", offset);
1362f2eb	122	goto out;
724e753c MN	123	}
	124
	125	if (ret != sizeof(command->request)) {
d97b36f8	126	SYSERROR("message partially sent to '@%s'", offset);
1362f2eb	127	goto out;
724e753c MN	128	}
	129
	130	ret = receive_answer(sock, &command->answer);
724e753c	131	out:
43eb6f29 DL	132	if (!stay_connected \|\| ret < 0)
	133	close(sock);
	134
1362f2eb	135	return ret;
724e753c MN	136	}
724e753c MN	137
43eb6f29	138	extern int lxc_command(const char *name,
13f5be62 SH	139	struct lxc_command command, int stopped,
13f5be62 SH	140	const char *lxcpath)
43eb6f29	141	{
13f5be62	142	return __lxc_command(name, command, stopped, 0, lxcpath);
43eb6f29 DL	143	}
	144
	145	extern int lxc_command_connected(const char *name,
13f5be62 SH	146	struct lxc_command command, int stopped,
13f5be62 SH	147	const char *lxcpath)
43eb6f29	148	{
13f5be62	149	return __lxc_command(name, command, stopped, 1, lxcpath);
43eb6f29 DL	150	}
	151
	152
13f5be62	153	pid_t get_init_pid(const char name, const char lxcpath)
26b2d152 MN	154	{
	155	struct lxc_command command = {
	156	.request = { .type = LXC_COMMAND_PID },
	157	};
	158
	159	int ret, stopped = 0;
	160
13f5be62	161	ret = lxc_command(name, &command, &stopped, lxcpath);
ebdd307d	162	if (ret < 0 && stopped)
26b2d152	163	return -1;
26b2d152 MN	164
	165	if (ret < 0) {
	166	ERROR("failed to send command");
	167	return -1;
	168	}
	169
	170	if (command.answer.ret) {
	171	ERROR("failed to retrieve the init pid: %s",
	172	strerror(-command.answer.ret));
	173	return -1;
	174	}
	175
	176	return command.answer.pid;
	177	}
	178
13f5be62	179	int lxc_get_clone_flags(const char name, const char lxcpath)
d5088cf2 CS	180	{
	181	struct lxc_command command = {
	182	.request = { .type = LXC_COMMAND_CLONE_FLAGS },
	183	};
	184
	185	int ret, stopped = 0;
	186
13f5be62	187	ret = lxc_command(name, &command, &stopped, lxcpath);
d5088cf2 CS	188	if (ret < 0 && stopped)
	189	return -1;
	190
	191	if (ret < 0) {
	192	ERROR("failed to send command");
	193	return -1;
	194	}
	195
	196	return command.answer.ret;
	197	}
	198
ded1d23f DL	199	extern void lxc_console_remove_fd(int, struct lxc_tty_info *);
	200	extern int lxc_console_callback(int, struct lxc_request , struct lxc_handler );
	201	extern int lxc_stop_callback(int, struct lxc_request , struct lxc_handler );
	202	extern int lxc_state_callback(int, struct lxc_request , struct lxc_handler );
81c75799	203	extern int lxc_pid_callback(int, struct lxc_request , struct lxc_handler );
d5088cf2	204	extern int lxc_clone_flags_callback(int, struct lxc_request , struct lxc_handler );
724e753c MN	205
724e753c MN	206	static int trigger_command(int fd, struct lxc_request *request,
ded1d23f	207	struct lxc_handler *handler)
724e753c	208	{
ded1d23f	209	typedef int (callback)(int, struct lxc_request , struct lxc_handler *);
724e753c MN	210
724e753c MN	211	callback cb[LXC_COMMAND_MAX] = {
d5088cf2 CS	212	[LXC_COMMAND_TTY] = lxc_console_callback,
	213	[LXC_COMMAND_STOP] = lxc_stop_callback,
	214	[LXC_COMMAND_STATE] = lxc_state_callback,
	215	[LXC_COMMAND_PID] = lxc_pid_callback,
	216	[LXC_COMMAND_CLONE_FLAGS] = lxc_clone_flags_callback,
724e753c MN	217	};
	218
	219	if (request->type < 0 \|\| request->type >= LXC_COMMAND_MAX)
	220	return -1;
	221
	222	return cb[request->type](fd, request, handler);
	223	}
	224
	225	static void command_fd_cleanup(int fd, struct lxc_handler *handler,
ded1d23f	226	struct lxc_epoll_descr *descr)
724e753c	227	{
fae349da	228	lxc_console_remove_fd(fd, &handler->conf->tty_info);
724e753c MN	229	lxc_mainloop_del_handler(descr, fd);
	230	close(fd);
	231	}
	232
ded1d23f	233	static int command_handler(int fd, void data, struct lxc_epoll_descr descr)
724e753c MN	234	{
	235	int ret;
	236	struct lxc_request request;
	237	struct lxc_handler *handler = data;
	238
	239	ret = lxc_af_unix_rcv_credential(fd, &request, sizeof(request));
0a3ec350	240	if (ret == -EACCES) {
3cc5de36 MN	241	/* we don't care for the peer, just send and close */
	242	struct lxc_answer answer = { .ret = ret };
	243	send(fd, &answer, sizeof(answer), 0);
	244	goto out_close;
ded1d23f DL	245	}
	246
	247	if (ret < 0) {
724e753c MN	248	SYSERROR("failed to receive data on command socket");
	249	goto out_close;
	250	}
	251
	252	if (!ret) {
	253	DEBUG("peer has disconnected");
	254	goto out_close;
	255	}
	256
	257	if (ret != sizeof(request)) {
	258	WARN("partial request, ignored");
	259	goto out_close;
	260	}
	261
	262	ret = trigger_command(fd, &request, handler);
	263	if (ret) {
	264	/* this is not an error, but only a request to close fd */
	265	ret = 0;
	266	goto out_close;
	267	}
	268
	269	out:
	270	return ret;
	271	out_close:
	272	command_fd_cleanup(fd, handler, descr);
	273	goto out;
	274	}
	275
	276	static int incoming_command_handler(int fd, void *data,
	277	struct lxc_epoll_descr *descr)
	278	{
ded1d23f	279	int opt = 1, ret = -1, connection;
724e753c MN	280
	281	connection = accept(fd, NULL, 0);
	282	if (connection < 0) {
	283	SYSERROR("failed to accept connection");
	284	return -1;
	285	}
	286
9ccb2dbc DL	287	if (fcntl(connection, F_SETFD, FD_CLOEXEC)) {
	288	SYSERROR("failed to set close-on-exec on incoming connection");
	289	goto out_close;
	290	}
	291
0a3ec350 DL	292	if (setsockopt(connection, SOL_SOCKET,
0a3ec350 DL	293	SO_PASSCRED, &opt, sizeof(opt))) {
724e753c MN	294	SYSERROR("failed to enable credential on socket");
	295	goto out_close;
	296	}
	297
	298	ret = lxc_mainloop_add_handler(descr, connection, command_handler, data);
	299	if (ret) {
	300	ERROR("failed to add handler");
	301	goto out_close;
	302	}
	303
	304	out:
	305	return ret;
	306
	307	out_close:
	308	close(connection);
	309	goto out;
	310	}
	311
13f5be62 SH	312	extern int lxc_command_init(const char name, struct lxc_handler handler,
13f5be62 SH	313	const char *lxcpath)
724e753c	314	{
d2e30e99	315	int fd;
46968ea3 DL	316	char path[sizeof(((struct sockaddr_un *)0)->sun_path)] = { 0 };
46968ea3 DL	317	char *offset = &path[1];
2a59a681	318	int len;
724e753c	319
9ba8130c	320	len = sizeof(path)-1;
13f5be62	321	if (fill_sock_name(offset, len, name, lxcpath))
9ba8130c	322	return -1;
724e753c	323
46968ea3	324	fd = lxc_af_unix_open(path, SOCK_STREAM, 0);
724e753c	325	if (fd < 0) {
97d3756c SH	326	ERROR("failed (%d) to create the command service point %s", errno, offset);
	327	if (errno == EADDRINUSE) {
	328	ERROR("##");
	329	ERROR("# The container appears to be already running!");
	330	ERROR("##");
	331	}
724e753c MN	332	return -1;
	333	}
	334
91480a0f DL	335	if (fcntl(fd, F_SETFD, FD_CLOEXEC)) {
	336	SYSERROR("failed to set sigfd to close-on-exec");
	337	close(fd);
	338	return -1;
	339	}
	340
d2e30e99 DE	341	handler->conf->maincmd_fd = fd;
	342	return 0;
	343	}
	344
	345	extern int lxc_command_mainloop_add(const char *name,
	346	struct lxc_epoll_descr *descr,
	347	struct lxc_handler *handler)
	348	{
	349	int ret, fd = handler->conf->maincmd_fd;
	350
0a3ec350 DL	351	ret = lxc_mainloop_add_handler(descr, fd, incoming_command_handler,
0a3ec350 DL	352	handler);
724e753c MN	353	if (ret) {
	354	ERROR("failed to add handler for command socket");
	355	close(fd);
	356	}
	357
	358	return ret;
	359	}