]> git.proxmox.com Git - mirror_lxc.git/blame - src/lxc/lxccontainer.c
projects / mirror_lxc.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Make get_ips timeout poll configurable
[mirror_lxc.git] / src / lxc / lxccontainer.c
CommitLineData
72d0e1cb
SG		 1/* liblxcapi
2 *
3 * Copyright © 2012 Serge Hallyn <serge.hallyn@ubuntu.com>.
4 * Copyright © 2012 Canonical Ltd.
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2, as
8 * published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 */
19
9be53773 20#define _GNU_SOURCE
71454076 21#include <pthread.h>
9be53773
SH		 22#include <unistd.h>
23#include <sys/types.h>
24#include <sys/wait.h>
25#include <errno.h>
93dc5327 26#include <fcntl.h>
9be53773
SH		 27#include <sched.h>
28#include "config.h"
72d0e1cb
SG		 29#include "lxc.h"
30#include "state.h"
31#include "lxccontainer.h"
32#include "conf.h"
72d0e1cb 33#include "confile.h"
b5159817 34#include "console.h"
72d0e1cb
SG		 35#include "cgroup.h"
36#include "commands.h"
b6b918a1 37#include "version.h"
72d0e1cb 38#include "log.h"
9be53773 39#include "bdev.h"
6a44839f 40#include "utils.h"
2a59a681 41#include <lxc/utils.h>
e51d4895 42#include <lxc/monitor.h>
9c83a661 43#include <sched.h>
9c83a661
SG		 44#include <arpa/inet.h>
45#include <ifaddrs.h>
72d0e1cb
SG		 46
47lxc_log_define(lxc_container, lxc);
48
3e625e2d
SH		 49static bool file_exists(char *f)
50{
51 struct stat statbuf;
52
53 return stat(f, &statbuf) == 0;
54}
55
56/*
57 * A few functions to help detect when a container creation failed.
58 * If a container creation was killed partway through, then trying
59 * to actually start that container could harm the host. We detect
60 * this by creating a 'partial' file under the container directory,
61 * and keeping an advisory lock. When container creation completes,
62 * we remove that file. When we load or try to start a container, if
63 * we find that file, without a flock, we remove the container.
64 */
65int ongoing_create(struct lxc_container *c)
66{
67 int len = strlen(c->config_path) + strlen(c->name) + 10;
68 char *path = alloca(len);
69 int fd, ret;
93dc5327
SH		 70 struct flock lk;
71
3e625e2d
SH		 72 ret = snprintf(path, len, "%s/%s/partial", c->config_path, c->name);
73 if (ret < 0 || ret >= len) {
74 ERROR("Error writing partial pathname");
75 return -1;
76 }
77
78 if (!file_exists(path))
79 return 0;
80 if (process_lock())
81 return -1;
82 if ((fd = open(path, O_RDWR)) < 0) {
83 // give benefit of the doubt
84 SYSERROR("Error opening partial file");
85 process_unlock();
86 return 0;
87 }
93dc5327
SH		 88 lk.l_type = F_WRLCK;
89 lk.l_whence = SEEK_SET;
90 lk.l_start = 0;
91 lk.l_len = 0;
92 lk.l_pid = -1;
93 if (fcntl(fd, F_GETLK, &lk) == 0 && lk.l_pid != -1) {
3e625e2d
SH		 94 // create is still ongoing
95 close(fd);
96 process_unlock();
97 return 1;
98 }
99 // create completed but partial is still there.
100 close(fd);
101 process_unlock();
102 return 2;
103}
104
105int create_partial(struct lxc_container *c)
106{
107 // $lxcpath + '/' + $name + '/partial' + \0
108 int len = strlen(c->config_path) + strlen(c->name) + 10;
109 char *path = alloca(len);
110 int fd, ret;
93dc5327
SH		 111 struct flock lk;
112
3e625e2d
SH		 113 ret = snprintf(path, len, "%s/%s/partial", c->config_path, c->name);
114 if (ret < 0 || ret >= len) {
115 ERROR("Error writing partial pathname");
116 return -1;
117 }
1897e3bc 118 if (process_lock())
3e625e2d 119 return -1;
93dc5327 120 if ((fd=open(path, O_RDWR | O_CREAT | O_EXCL, 0755)) < 0) {
3e625e2d
SH		 121 SYSERROR("Erorr creating partial file");
122 process_unlock();
123 return -1;
124 }
93dc5327
SH		 125 lk.l_type = F_WRLCK;
126 lk.l_whence = SEEK_SET;
127 lk.l_start = 0;
128 lk.l_len = 0;
129 if (fcntl(fd, F_SETLKW, &lk) < 0) {
3e625e2d
SH		 130 SYSERROR("Error locking partial file %s", path);
131 close(fd);
132 process_unlock();
133 return -1;
134 }
135 process_unlock();
136
137 return fd;
138}
139
140void remove_partial(struct lxc_container *c, int fd)
141{
142 // $lxcpath + '/' + $name + '/partial' + \0
143 int len = strlen(c->config_path) + strlen(c->name) + 10;
144 char *path = alloca(len);
145 int ret;
146
147 close(fd);
148 ret = snprintf(path, len, "%s/%s/partial", c->config_path, c->name);
149 if (ret < 0 || ret >= len) {
150 ERROR("Error writing partial pathname");
151 return;
152 }
153 if (process_lock())
154 return;
155 if (unlink(path) < 0)
156 SYSERROR("Error unlink partial file %s", path);
157 process_unlock();
158}
159
72d0e1cb 160/* LOCKING
3bc449ed
SH		 161 * 1. container_mem_lock(c) protects the struct lxc_container from multiple threads.
162 * 2. container_disk_lock(c) protects the on-disk container data - in particular the
163 * container configuration file.
164 * The container_disk_lock also takes the container_mem_lock.
165 * 3. thread_mutex protects process data (ex: fd table) from multiple threads.
72d0e1cb
SG		 166 * NOTHING mutexes two independent programs with their own struct
167 * lxc_container for the same c->name, between API calls. For instance,
168 * c->config_read(); c->start(); Between those calls, data on disk
169 * could change (which shouldn't bother the caller unless for instance
170 * the rootfs get moved). c->config_read(); update; c->config_write();
171 * Two such updaters could race. The callers should therefore check their
172 * results. Trying to prevent that would necessarily expose us to deadlocks
173 * due to hung callers. So I prefer to keep the locks only within our own
174 * functions, not across functions.
175 *
3bc449ed 176 * If you're going to clone while holding a lxccontainer, increment
72d0e1cb
SG		 177 * c->numthreads (under privlock) before forking. When deleting,
178 * decrement numthreads under privlock, then if it hits 0 you can delete.
179 * Do not ever use a lxccontainer whose numthreads you did not bump.
180 */
181
182static void lxc_container_free(struct lxc_container *c)
183{
184 if (!c)
185 return;
186
187 if (c->configfile) {
188 free(c->configfile);
189 c->configfile = NULL;
190 }
191 if (c->error_string) {
192 free(c->error_string);
193 c->error_string = NULL;
194 }
d95db067 195 if (c->slock) {
df271a59 196 lxc_putlock(c->slock);
d95db067
DE		 197 c->slock = NULL;
198 }
72d0e1cb 199 if (c->privlock) {
df271a59 200 lxc_putlock(c->privlock);
72d0e1cb
SG		 201 c->privlock = NULL;
202 }
203 if (c->name) {
204 free(c->name);
205 c->name = NULL;
206 }
d95db067
DE		 207 if (c->lxc_conf) {
208 lxc_conf_free(c->lxc_conf);
209 c->lxc_conf = NULL;
210 }
2a59a681
SH		 211 if (c->config_path) {
212 free(c->config_path);
213 c->config_path = NULL;
214 }
72d0e1cb
SG		 215 free(c);
216}
217
43d1aa34
SH		 218/*
219 * Consider the following case:
220freer | racing get()er
221==================================================================
222lxc_container_put() | lxc_container_get()
223\ lxclock(c->privlock) | c->numthreads < 1? (no)
224\ c->numthreads = 0 | \ lxclock(c->privlock) -> waits
225\ lxcunlock() | \
226\ lxc_container_free() | \ lxclock() returns
227 | \ c->numthreads < 1 -> return 0
228\ \ (free stuff) |
229\ \ sem_destroy(privlock) |
230
231 * When the get()er checks numthreads the first time, one of the following
232 * is true:
233 * 1. freer has set numthreads = 0. get() returns 0
234 * 2. freer is between lxclock and setting numthreads to 0. get()er will
235 * sem_wait on privlock, get lxclock after freer() drops it, then see
236 * numthreads is 0 and exit without touching lxclock again..
237 * 3. freer has not yet locked privlock. If get()er runs first, then put()er
238 * will see --numthreads = 1 and not call lxc_container_free().
239*/
240
72d0e1cb
SG		 241int lxc_container_get(struct lxc_container *c)
242{
243 if (!c)
244 return 0;
245
43d1aa34
SH		 246 // if someone else has already started freeing the container, don't
247 // try to take the lock, which may be invalid
248 if (c->numthreads < 1)
249 return 0;
250
5cee8c50 251 if (container_mem_lock(c))
72d0e1cb
SG		 252 return 0;
253 if (c->numthreads < 1) {
254 // bail without trying to unlock, bc the privlock is now probably
255 // in freed memory
256 return 0;
257 }
258 c->numthreads++;
5cee8c50 259 container_mem_unlock(c);
72d0e1cb
SG		 260 return 1;
261}
262
263int lxc_container_put(struct lxc_container *c)
264{
265 if (!c)
266 return -1;
5cee8c50 267 if (container_mem_lock(c))
72d0e1cb
SG		 268 return -1;
269 if (--c->numthreads < 1) {
5cee8c50 270 container_mem_unlock(c);
72d0e1cb
SG		 271 lxc_container_free(c);
272 return 1;
273 }
5cee8c50 274 container_mem_unlock(c);
72d0e1cb
SG		 275 return 0;
276}
277
72d0e1cb
SG		 278static bool lxcapi_is_defined(struct lxc_container *c)
279{
280 struct stat statbuf;
281 bool ret = false;
282 int statret;
283
284 if (!c)
285 return false;
286
5cee8c50 287 if (container_mem_lock(c))
72d0e1cb
SG		 288 return false;
289 if (!c->configfile)
290 goto out;
291 statret = stat(c->configfile, &statbuf);
292 if (statret != 0)
293 goto out;
294 ret = true;
295
296out:
5cee8c50 297 container_mem_unlock(c);
72d0e1cb
SG		 298 return ret;
299}
300
301static const char *lxcapi_state(struct lxc_container *c)
302{
72d0e1cb
SG		 303 lxc_state_t s;
304
305 if (!c)
306 return NULL;
13f5be62 307 s = lxc_getstate(c->name, c->config_path);
39dc698c 308 return lxc_state2str(s);
72d0e1cb
SG		 309}
310
39dc698c 311static bool is_stopped(struct lxc_container *c)
794dd120
SH		 312{
313 lxc_state_t s;
13f5be62 314 s = lxc_getstate(c->name, c->config_path);
794dd120
SH		 315 return (s == STOPPED);
316}
317
72d0e1cb
SG		 318static bool lxcapi_is_running(struct lxc_container *c)
319{
320 const char *s;
321
322 if (!c)
323 return false;
324 s = lxcapi_state(c);
325 if (!s || strcmp(s, "STOPPED") == 0)
326 return false;
327 return true;
328}
329
330static bool lxcapi_freeze(struct lxc_container *c)
331{
332 int ret;
333 if (!c)
334 return false;
335
9123e471 336 ret = lxc_freeze(c->name, c->config_path);
72d0e1cb
SG		 337 if (ret)
338 return false;
339 return true;
340}
341
342static bool lxcapi_unfreeze(struct lxc_container *c)
343{
344 int ret;
345 if (!c)
346 return false;
347
9123e471 348 ret = lxc_unfreeze(c->name, c->config_path);
72d0e1cb
SG		 349 if (ret)
350 return false;
351 return true;
352}
353
b5159817 354static int lxcapi_console_getfd(struct lxc_container *c, int *ttynum, int *masterfd)
0115f8fd
DE		 355{
356 int ttyfd;
357 if (!c)
358 return -1;
359
b5159817 360 ttyfd = lxc_console_getfd(c, ttynum, masterfd);
0115f8fd
DE		 361 return ttyfd;
362}
363
b5159817
DE		 364static int lxcapi_console(struct lxc_container *c, int ttynum, int stdinfd,
365 int stdoutfd, int stderrfd, int escape)
366{
367 return lxc_console(c, ttynum, stdinfd, stdoutfd, stderrfd, escape);
368}
369
72d0e1cb
SG		 370static pid_t lxcapi_init_pid(struct lxc_container *c)
371{
72d0e1cb
SG		 372 if (!c)
373 return -1;
374
5cee8c50 375 return lxc_cmd_get_init_pid(c->name, c->config_path);
72d0e1cb
SG		 376}
377
12a50cc6 378static bool load_config_locked(struct lxc_container *c, const char *fname)
8eb5694b
SH		 379{
380 if (!c->lxc_conf)
381 c->lxc_conf = lxc_conf_init();
382 if (c->lxc_conf && !lxc_config_read(fname, c->lxc_conf))
383 return true;
384 return false;
385}
386
12a50cc6 387static bool lxcapi_load_config(struct lxc_container *c, const char *alt_file)
72d0e1cb 388{
39dc698c
SH		 389 bool ret = false, need_disklock = false;
390 int lret;
12a50cc6 391 const char *fname;
72d0e1cb
SG		 392 if (!c)
393 return false;
394
395 fname = c->configfile;
396 if (alt_file)
397 fname = alt_file;
398 if (!fname)
399 return false;
39dc698c
SH		 400 /*
401 * If we're reading something other than the container's config,
402 * we only need to lock the in-memory container. If loading the
403 * container's config file, take the disk lock.
404 */
405 if (strcmp(fname, c->configfile) == 0)
406 need_disklock = true;
407
408 if (need_disklock)
409 lret = container_disk_lock(c);
410 else
411 lret = container_mem_lock(c);
412 if (lret)
72d0e1cb 413 return false;
39dc698c 414
8eb5694b 415 ret = load_config_locked(c, fname);
39dc698c
SH		 416
417 if (need_disklock)
418 container_disk_unlock(c);
419 else
420 container_mem_unlock(c);
72d0e1cb
SG		 421 return ret;
422}
423
424static void lxcapi_want_daemonize(struct lxc_container *c)
425{
426 if (!c)
427 return;
f02abefe 428 if (container_mem_lock(c)) {
3bc449ed
SH		 429 ERROR("Error getting mem lock");
430 return;
431 }
72d0e1cb 432 c->daemonize = 1;
3bc449ed 433 container_mem_unlock(c);
72d0e1cb
SG		 434}
435
12a50cc6 436static bool lxcapi_wait(struct lxc_container *c, const char *state, int timeout)
7a44c8b4
SG		 437{
438 int ret;
439
440 if (!c)
441 return false;
442
67e571de 443 ret = lxc_wait(c->name, state, timeout, c->config_path);
7a44c8b4
SG		 444 return ret == 0;
445}
446
447
448static bool wait_on_daemonized_start(struct lxc_container *c)
449{
450 /* we'll probably want to make this timeout configurable? */
697fa639 451 int timeout = 5, ret, status;
7a44c8b4 452
697fa639
SH		 453 /*
454 * our child is going to fork again, then exit. reap the
455 * child
456 */
457 ret = wait(&status);
458 if (ret == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
459 DEBUG("failed waiting for first dual-fork child");
7a44c8b4
SG		 460 return lxcapi_wait(c, "RUNNING", timeout);
461}
462
72d0e1cb
SG		 463/*
464 * I can't decide if it'd be more convenient for callers if we accept '...',
465 * or a null-terminated array (i.e. execl vs execv)
466 */
12a50cc6 467static bool lxcapi_start(struct lxc_container *c, int useinit, char * const argv[])
72d0e1cb
SG		 468{
469 int ret;
470 struct lxc_conf *conf;
471 int daemonize = 0;
472 char *default_args[] = {
473 "/sbin/init",
474 '\0',
475 };
476
477 /* container exists */
478 if (!c)
479 return false;
480 /* container has been setup */
481 if (!c->lxc_conf)
482 return false;
483
3e625e2d
SH		 484 if ((ret = ongoing_create(c)) < 0) {
485 ERROR("Error checking for incomplete creation");
486 return false;
487 }
488 if (ret == 2) {
489 ERROR("Error: %s creation was not completed", c->name);
490 c->destroy(c);
491 return false;
492 } else if (ret == 1) {
493 ERROR("Error: creation of %s is ongoing", c->name);
494 return false;
495 }
496
72d0e1cb
SG		 497 /* is this app meant to be run through lxcinit, as in lxc-execute? */
498 if (useinit && !argv)
499 return false;
500
5cee8c50 501 if (container_mem_lock(c))
72d0e1cb
SG		 502 return false;
503 conf = c->lxc_conf;
504 daemonize = c->daemonize;
5cee8c50 505 container_mem_unlock(c);
72d0e1cb
SG		 506
507 if (useinit) {
13f5be62 508 ret = lxc_execute(c->name, argv, 1, conf, c->config_path);
72d0e1cb
SG		 509 return ret == 0 ? true : false;
510 }
511
512 if (!argv)
513 argv = default_args;
514
515 /*
516 * say, I'm not sure - what locks do we want here? Any?
517 * Is liblxc's locking enough here to protect the on disk
518 * container? We don't want to exclude things like lxc_info
519 * while container is running...
520 */
521 if (daemonize) {
522 if (!lxc_container_get(c))
523 return false;
e51d4895 524 lxc_monitord_spawn(c->config_path);
71454076 525
5cee8c50 526 if (process_lock())
71454076 527 return false;
72d0e1cb
SG		 528 pid_t pid = fork();
529 if (pid < 0) {
530 lxc_container_put(c);
5cee8c50 531 process_unlock();
72d0e1cb
SG		 532 return false;
533 }
71454076
DE		 534 if (pid != 0) {
535 ret = wait_on_daemonized_start(c);
5cee8c50 536 process_unlock();
71454076
DE		 537 return ret;
538 }
5cee8c50 539 process_unlock();
697fa639
SH		 540 /* second fork to be reparented by init */
541 pid = fork();
542 if (pid < 0) {
543 SYSERROR("Error doing dual-fork");
544 return false;
545 }
546 if (pid != 0)
547 exit(0);
72d0e1cb 548 /* like daemon(), chdir to / and redirect 0,1,2 to /dev/null */
c278cef2
SH		 549 if (chdir("/")) {
550 SYSERROR("Error chdir()ing to /.");
551 return false;
552 }
72d0e1cb
SG		 553 close(0);
554 close(1);
555 close(2);
eddaaafd 556 open("/dev/zero", O_RDONLY);
72d0e1cb
SG		 557 open("/dev/null", O_RDWR);
558 open("/dev/null", O_RDWR);
559 setsid();
560 }
561
72d0e1cb
SG		 562reboot:
563 conf->reboot = 0;
13f5be62 564 ret = lxc_start(c->name, argv, conf, c->config_path);
72d0e1cb
SG		 565
566 if (conf->reboot) {
567 INFO("container requested reboot");
568 conf->reboot = 0;
72d0e1cb
SG		 569 goto reboot;
570 }
571
572 if (daemonize) {
573 lxc_container_put(c);
574 exit (ret == 0 ? true : false);
575 } else {
576 return (ret == 0 ? true : false);
577 }
578}
579
580/*
581 * note there MUST be an ending NULL
582 */
583static bool lxcapi_startl(struct lxc_container *c, int useinit, ...)
584{
585 va_list ap;
586 char **inargs = NULL, **temp;
587 int n_inargs = 0;
588 bool bret = false;
589
590 /* container exists */
591 if (!c)
592 return false;
593
594 /* build array of arguments if any */
595 va_start(ap, useinit);
596 while (1) {
597 char *arg;
598 arg = va_arg(ap, char *);
599 if (!arg)
600 break;
601 n_inargs++;
602 temp = realloc(inargs, n_inargs * sizeof(*inargs));
586d4e9b
SH		 603 if (!temp) {
604 va_end(ap);
72d0e1cb 605 goto out;
586d4e9b 606 }
72d0e1cb
SG		 607 inargs = temp;
608 inargs[n_inargs - 1] = strdup(arg); // not sure if it's safe not to copy
609 }
610 va_end(ap);
611
612 /* add trailing NULL */
613 if (n_inargs) {
614 n_inargs++;
615 temp = realloc(inargs, n_inargs * sizeof(*inargs));
616 if (!temp)
617 goto out;
618 inargs = temp;
619 inargs[n_inargs - 1] = NULL;
620 }
621
622 bret = lxcapi_start(c, useinit, inargs);
623
624out:
625 if (inargs) {
626 int i;
627 for (i = 0; i < n_inargs; i++) {
628 if (inargs[i])
629 free(inargs[i]);
630 }
631 free(inargs);
632 }
633
634 return bret;
635}
636
637static bool lxcapi_stop(struct lxc_container *c)
638{
639 int ret;
640
641 if (!c)
642 return false;
643
ef6e34ee 644 ret = lxc_cmd_stop(c->name, c->config_path);
72d0e1cb
SG		 645
646 return ret == 0;
72d0e1cb
SG		 647}
648
72d0e1cb
SG		 649/*
650 * create the standard expected container dir
651 */
652static bool create_container_dir(struct lxc_container *c)
653{
654 char *s;
655 int len, ret;
656
2a59a681 657 len = strlen(c->config_path) + strlen(c->name) + 2;
72d0e1cb
SG		 658 s = malloc(len);
659 if (!s)
660 return false;
2a59a681 661 ret = snprintf(s, len, "%s/%s", c->config_path, c->name);
72d0e1cb
SG		 662 if (ret < 0 || ret >= len) {
663 free(s);
664 return false;
665 }
666 ret = mkdir(s, 0755);
667 if (ret) {
668 if (errno == EEXIST)
669 ret = 0;
670 else
671 SYSERROR("failed to create container path for %s\n", c->name);
672 }
673 free(s);
674 return ret == 0;
675}
676
1897e3bc
SH		 677static const char *lxcapi_get_config_path(struct lxc_container *c);
678static bool lxcapi_set_config_item(struct lxc_container *c, const char *key, const char *v);
679
72d0e1cb 680/*
1897e3bc
SH		 681 * do_bdev_create: thin wrapper around bdev_create(). Like bdev_create(),
682 * it returns a mounted bdev on success, NULL on error.
72d0e1cb 683 */
1897e3bc
SH		 684static struct bdev *do_bdev_create(struct lxc_container *c, const char *type,
685 struct bdev_specs *specs)
686{
687 char *dest;
688 const char *lxcpath = lxcapi_get_config_path(c);
689 size_t len;
690 struct bdev *bdev;
691 int ret;
692
693 /* lxcpath/lxcname/rootfs */
694 len = strlen(c->name) + strlen(lxcpath) + 9;
695 dest = alloca(len);
696 ret = snprintf(dest, len, "%s/%s/rootfs", lxcpath, c->name);
697 if (ret < 0 || ret >= len)
698 return NULL;
699
700 bdev = bdev_create(dest, type, c->name, specs);
701 if (!bdev)
702 return NULL;
703 lxcapi_set_config_item(c, "lxc.rootfs", bdev->src);
704 return bdev;
705}
706
cbee8106
SH		 707/*
708 * Given the '-t' template option to lxc-create, figure out what to
709 * do. If the template is a full executable path, use that. If it
710 * is something like 'sshd', then return $templatepath/lxc-sshd. If
711 * no template was passed in, return NULL (this is ok).
712 * On error return (char *) -1.
713 */
714char *get_template_path(const char *t)
715{
716 int ret, len;
717 char *tpath;
718
719 if (!t)
720 return NULL;
721
722 if (t[0] == '/' && access(t, X_OK) == 0) {
723 tpath = strdup(t);
724 if (!tpath)
725 return (char *) -1;
726 return tpath;
727 }
728
729 len = strlen(LXCTEMPLATEDIR) + strlen(t) + strlen("/lxc-") + 1;
730 tpath = malloc(len);
731 if (!tpath)
732 return (char *) -1;
733 ret = snprintf(tpath, len, "%s/lxc-%s", LXCTEMPLATEDIR, t);
734 if (ret < 0 || ret >= len) {
735 free(tpath);
736 return (char *) -1;
737 }
738 if (access(tpath, X_OK) < 0) {
739 SYSERROR("bad template: %s\n", t);
740 free(tpath);
741 return (char *) -1;
742 }
743
744 return tpath;
745}
746
96b3cb40 747static char *lxcbasename(char *path)
72d0e1cb 748{
96b3cb40
SH		 749 char *p = path + strlen(path) - 1;
750 while (*p != '/' && p > path)
751 p--;
752 return p;
753}
72d0e1cb 754
dc23c1c8 755static bool create_run_template(struct lxc_container *c, char *tpath, bool quiet,
96b3cb40
SH		 756 char *const argv[])
757{
758 pid_t pid;
72d0e1cb 759
72d0e1cb 760 if (!tpath)
96b3cb40 761 return true;
72d0e1cb
SG		 762
763 pid = fork();
764 if (pid < 0) {
765 SYSERROR("failed to fork task for container creation template\n");
96b3cb40 766 return false;
72d0e1cb
SG		 767 }
768
769 if (pid == 0) { // child
1897e3bc
SH		 770 char *patharg, *namearg, *rootfsarg, *src;
771 struct bdev *bdev = NULL;
72d0e1cb 772 int i;
96b3cb40
SH		 773 int ret, len, nargs = 0;
774 char **newargv;
72d0e1cb 775
dc23c1c8
SH		 776 if (quiet) {
777 close(0);
778 close(1);
779 close(2);
780 open("/dev/zero", O_RDONLY);
781 open("/dev/null", O_RDWR);
782 open("/dev/null", O_RDWR);
783 }
1897e3bc
SH		 784 if (unshare(CLONE_NEWNS) < 0) {
785 ERROR("error unsharing mounts");
786 exit(1);
787 }
788
789 src = c->lxc_conf->rootfs.path;
790 /*
791 * for an overlayfs create, what the user wants is the template to fill
792 * in what will become the readonly lower layer. So don't mount for
793 * the template
794 */
795 if (strncmp(src, "overlayfs:", 10) == 0) {
796 src = overlayfs_getlower(src+10);
797 }
798 bdev = bdev_init(src, c->lxc_conf->rootfs.mount, NULL);
799 if (!bdev) {
800 ERROR("Error opening rootfs");
801 exit(1);
802 }
803
804 if (bdev->ops->mount(bdev) < 0) {
805 ERROR("Error mounting rootfs");
806 exit(1);
807 }
808
72d0e1cb
SG		 809 /*
810 * create our new array, pre-pend the template name and
811 * base args
812 */
813 if (argv)
1897e3bc
SH		 814 for (nargs = 0; argv[nargs]; nargs++) ;
815 nargs += 4; // template, path, rootfs and name args
72d0e1cb
SG		 816 newargv = malloc(nargs * sizeof(*newargv));
817 if (!newargv)
818 exit(1);
96b3cb40 819 newargv[0] = lxcbasename(tpath);
72d0e1cb 820
2a59a681 821 len = strlen(c->config_path) + strlen(c->name) + strlen("--path=") + 2;
72d0e1cb
SG		 822 patharg = malloc(len);
823 if (!patharg)
824 exit(1);
2a59a681 825 ret = snprintf(patharg, len, "--path=%s/%s", c->config_path, c->name);
72d0e1cb
SG		 826 if (ret < 0 || ret >= len)
827 exit(1);
828 newargv[1] = patharg;
829 len = strlen("--name=") + strlen(c->name) + 1;
830 namearg = malloc(len);
831 if (!namearg)
832 exit(1);
833 ret = snprintf(namearg, len, "--name=%s", c->name);
834 if (ret < 0 || ret >= len)
835 exit(1);
836 newargv[2] = namearg;
837
1897e3bc
SH		 838 len = strlen("--rootfs=") + 1 + strlen(bdev->dest);
839 rootfsarg = malloc(len);
840 if (!rootfsarg)
841 exit(1);
842 ret = snprintf(rootfsarg, len, "--rootfs=%s", bdev->dest);
843 if (ret < 0 || ret >= len)
844 exit(1);
845 newargv[3] = rootfsarg;
846
72d0e1cb
SG		 847 /* add passed-in args */
848 if (argv)
1897e3bc
SH		 849 for (i = 4; i < nargs; i++)
850 newargv[i] = argv[i-4];
72d0e1cb
SG		 851
852 /* add trailing NULL */
853 nargs++;
854 newargv = realloc(newargv, nargs * sizeof(*newargv));
855 if (!newargv)
856 exit(1);
857 newargv[nargs - 1] = NULL;
858
859 /* execute */
e6a19d26 860 execv(tpath, newargv);
72d0e1cb
SG		 861 SYSERROR("failed to execute template %s", tpath);
862 exit(1);
863 }
864
9be53773
SH		 865 if (wait_for_pid(pid) != 0) {
866 ERROR("container creation template for %s failed\n", c->name);
96b3cb40
SH		 867 return false;
868 }
869
870 return true;
871}
872
3ce74686
SH		 873bool prepend_lxc_header(char *path, const char *t, char *const argv[])
874{
875 size_t flen;
876 char *contents, *tpath;
3ce74686 877 FILE *f;
52026772
SH		 878#if HAVE_LIBGNUTLS
879 int i, ret;
3ce74686
SH		 880 unsigned char md_value[SHA_DIGEST_LENGTH];
881 bool have_tpath = false;
52026772 882#endif
3ce74686
SH		 883
884 if ((f = fopen(path, "r")) == NULL) {
885 SYSERROR("Opening old config");
886 return false;
887 }
888 if (fseek(f, 0, SEEK_END) < 0) {
889 SYSERROR("Seeking to end of old config file");
890 fclose(f);
891 return false;
892 }
893 if ((flen = ftell(f)) < 0) {
894 SYSERROR("telling size of old config");
895 fclose(f);
896 return false;
897 }
898 if (fseek(f, 0, SEEK_SET) < 0) {
899 SYSERROR("rewinding old config");
900 fclose(f);
901 return false;
902 }
903 if ((contents = malloc(flen + 1)) == NULL) {
904 SYSERROR("out of memory");
905 fclose(f);
906 return false;
907 }
908 if (fread(contents, 1, flen, f) != flen) {
909 SYSERROR("Reading old config");
910 free(contents);
911 fclose(f);
912 return false;
913 }
914 contents[flen] = '\0';
915 if (fclose(f) < 0) {
916 SYSERROR("closing old config");
917 free(contents);
918 return false;
919 }
920
921 if ((tpath = get_template_path(t)) < 0) {
922 ERROR("bad template: %s\n", t);
923 free(contents);
924 return false;
925 }
926
927#if HAVE_LIBGNUTLS
928 if (tpath) {
929 have_tpath = true;
930 ret = sha1sum_file(tpath, md_value);
931 if (ret < 0) {
932 ERROR("Error getting sha1sum of %s", tpath);
933 free(contents);
934 return false;
935 }
936 free(tpath);
937 }
938#endif
939
940 if ((f = fopen(path, "w")) == NULL) {
941 SYSERROR("reopening config for writing");
942 free(contents);
943 return false;
944 }
945 fprintf(f, "# Template used to create this container: %s\n", t);
946 if (argv) {
947 fprintf(f, "# Parameters passed to the template:");
948 while (*argv) {
949 fprintf(f, " %s", *argv);
950 argv++;
951 }
952 fprintf(f, "\n");
953 }
954#if HAVE_LIBGNUTLS
955 if (have_tpath) {
956 fprintf(f, "# Template script checksum (SHA-1): ");
957 for (i=0; i<SHA_DIGEST_LENGTH; i++)
958 fprintf(f, "%02x", md_value[i]);
959 fprintf(f, "\n");
960 }
961#endif
962 if (fwrite(contents, 1, flen, f) != flen) {
963 SYSERROR("Writing original contents");
964 free(contents);
965 fclose(f);
966 return false;
967 }
968 free(contents);
969 if (fclose(f) < 0) {
970 SYSERROR("Closing config file after write");
971 return false;
972 }
973 return true;
974}
975
96b3cb40
SH		 976static bool lxcapi_destroy(struct lxc_container *c);
977/*
978 * lxcapi_create:
979 * create a container with the given parameters.
980 * @c: container to be created. It has the lxcpath, name, and a starting
981 * configuration already set
982 * @t: the template to execute to instantiate the root filesystem and
983 * adjust the configuration.
984 * @bdevtype: backing store type to use. If NULL, dir will be used.
985 * @specs: additional parameters for the backing store, i.e. LVM vg to
986 * use.
987 *
988 * @argv: the arguments to pass to the template, terminated by NULL. If no
989 * arguments, you can just pass NULL.
990 */
991static bool lxcapi_create(struct lxc_container *c, const char *t,
dc23c1c8 992 const char *bdevtype, struct bdev_specs *specs, int flags,
96b3cb40
SH		 993 char *const argv[])
994{
995 bool bret = false;
996 pid_t pid;
cbee8106
SH		 997 char *tpath;
998 int partial_fd;
96b3cb40
SH		 999
1000 if (!c)
1001 return false;
1002
cbee8106 1003 if ((tpath = get_template_path(t)) < 0) {
96b3cb40
SH		 1004 ERROR("bad template: %s\n", t);
1005 goto out;
1006 }
1007
1008 if (!c->save_config(c, NULL)) {
1009 ERROR("failed to save starting configuration for %s\n", c->name);
1010 goto out;
1011 }
1012
1013 /* container is already created if we have a config and rootfs.path is accessible */
1014 if (lxcapi_is_defined(c) && c->lxc_conf && c->lxc_conf->rootfs.path && access(c->lxc_conf->rootfs.path, F_OK) == 0)
1015 goto out;
1016
1017 /* Mark that this container is being created */
1018 if ((partial_fd = create_partial(c)) < 0)
1019 goto out;
1020
1021 /* no need to get disk lock bc we have the partial locked */
1022
1023 /*
1024 * Create the backing store
1025 * Note we can't do this in the same task as we use to execute the
1026 * template because of the way zfs works.
1027 * After you 'zfs create', zfs mounts the fs only in the initial
1028 * namespace.
1029 */
1030 pid = fork();
1031 if (pid < 0) {
1032 SYSERROR("failed to fork task for container creation template\n");
8eb5694b
SH		 1033 goto out_unlock;
1034 }
1035
96b3cb40
SH		 1036 if (pid == 0) { // child
1037 struct bdev *bdev = NULL;
1038
1039 if (!(bdev = do_bdev_create(c, bdevtype, specs))) {
1040 ERROR("Error creating backing store type %s for %s",
1041 bdevtype ? bdevtype : "(none)", c->name);
1042 exit(1);
1043 }
1044
1045 /* save config file again to store the new rootfs location */
1046 if (!c->save_config(c, NULL)) {
1047 ERROR("failed to save starting configuration for %s\n", c->name);
1048 // parent task won't see bdev in config so we delete it
1049 bdev->ops->umount(bdev);
1050 bdev->ops->destroy(bdev);
1051 exit(1);
1052 }
1053 exit(0);
1054 }
1055 if (wait_for_pid(pid) != 0)
1056 goto out;
1057
1058 /* reload config to get the rootfs */
1059 if (c->lxc_conf)
1060 lxc_conf_free(c->lxc_conf);
1061 c->lxc_conf = NULL;
1062 if (!load_config_locked(c, c->configfile))
1063 goto out;
1064
dc23c1c8 1065 if (!create_run_template(c, tpath, !!(flags & LXC_CREATE_QUIET), argv))
96b3cb40
SH		 1066 goto out_unlock;
1067
8eb5694b
SH		 1068 // now clear out the lxc_conf we have, reload from the created
1069 // container
1070 if (c->lxc_conf)
1071 lxc_conf_free(c->lxc_conf);
1072 c->lxc_conf = NULL;
3ce74686
SH		 1073
1074 if (!prepend_lxc_header(c->configfile, tpath, argv)) {
1075 ERROR("Error prepending header to configuration file");
1076 goto out_unlock;
1077 }
8eb5694b 1078 bret = load_config_locked(c, c->configfile);
72d0e1cb
SG		 1079
1080out_unlock:
3e625e2d
SH		 1081 if (partial_fd >= 0)
1082 remove_partial(c, partial_fd);
72d0e1cb
SG		 1083out:
1084 if (tpath)
1085 free(tpath);
1897e3bc
SH		 1086 if (!bret && c)
1087 lxcapi_destroy(c);
72d0e1cb
SG		 1088 return bret;
1089}
1090
3e625e2d
SH		 1091static bool lxcapi_reboot(struct lxc_container *c)
1092{
1093 pid_t pid;
1094
1095 if (!c)
1096 return false;
1097 if (!c->is_running(c))
1098 return false;
1099 pid = c->init_pid(c);
1100 if (pid <= 0)
1101 return false;
1102 if (kill(pid, SIGINT) < 0)
1103 return false;
1104 return true;
1105
1106}
1107
72d0e1cb
SG		 1108static bool lxcapi_shutdown(struct lxc_container *c, int timeout)
1109{
1110 bool retv;
1111 pid_t pid;
1112
1113 if (!c)
1114 return false;
1115
1116 if (!timeout)
1117 timeout = -1;
1118 if (!c->is_running(c))
1119 return true;
1120 pid = c->init_pid(c);
1121 if (pid <= 0)
1122 return true;
1123 kill(pid, SIGPWR);
1124 retv = c->wait(c, "STOPPED", timeout);
f6144ed4 1125 if (!retv && timeout > 0) {
72d0e1cb
SG		 1126 c->stop(c);
1127 retv = c->wait(c, "STOPPED", 0); // 0 means don't wait
1128 }
1129 return retv;
1130}
1131
1897e3bc 1132static bool lxcapi_createl(struct lxc_container *c, const char *t,
dc23c1c8 1133 const char *bdevtype, struct bdev_specs *specs, int flags, ...)
72d0e1cb
SG		 1134{
1135 bool bret = false;
1136 char **args = NULL, **temp;
1137 va_list ap;
1138 int nargs = 0;
1139
1140 if (!c)
1141 return false;
1142
1143 /*
1144 * since we're going to wait for create to finish, I don't think we
1145 * need to get a copy of the arguments.
1146 */
dc23c1c8 1147 va_start(ap, flags);
72d0e1cb
SG		 1148 while (1) {
1149 char *arg;
1150 arg = va_arg(ap, char *);
1151 if (!arg)
1152 break;
1153 nargs++;
83cab6e0 1154 temp = realloc(args, (nargs+1) * sizeof(*args));
41670788
SH		 1155 if (!temp) {
1156 va_end(ap);
72d0e1cb 1157 goto out;
41670788 1158 }
72d0e1cb
SG		 1159 args = temp;
1160 args[nargs - 1] = arg;
1161 }
1162 va_end(ap);
63e414f8
SH		 1163 if (args)
1164 args[nargs] = NULL;
72d0e1cb 1165
dc23c1c8 1166 bret = c->create(c, t, bdevtype, specs, flags, args);
72d0e1cb
SG		 1167
1168out:
1169 if (args)
1170 free(args);
1171 return bret;
1172}
1173
12a50cc6 1174static bool lxcapi_clear_config_item(struct lxc_container *c, const char *key)
72d0e1cb
SG		 1175{
1176 int ret;
1177
1178 if (!c || !c->lxc_conf)
1179 return false;
5cee8c50 1180 if (container_mem_lock(c))
72d0e1cb 1181 return false;
72d0e1cb 1182 ret = lxc_clear_config_item(c->lxc_conf, key);
5cee8c50 1183 container_mem_unlock(c);
72d0e1cb
SG		 1184 return ret == 0;
1185}
1186
9c83a661
SG		 1187char** lxcapi_get_ips(struct lxc_container *c, char* interface, char* family, int scope)
1188{
1189 int count = 0;
1190 struct ifaddrs *interfaceArray = NULL, *tempIfAddr = NULL;
1191 char addressOutputBuffer[INET6_ADDRSTRLEN];
1192 void *tempAddrPtr = NULL;
1193 char **addresses = NULL, **temp;
1194 char *address = NULL;
1195 char new_netns_path[MAXPATHLEN];
1196 int old_netns = -1, new_netns = -1, ret = 0;
1197
1198 if (!c->is_running(c))
1199 goto out;
1200
1201 /* Save reference to old netns */
1202 old_netns = open("/proc/self/ns/net", O_RDONLY);
1203 if (old_netns < 0) {
1204 SYSERROR("failed to open /proc/self/ns/net");
1205 goto out;
1206 }
1207
1208 /* Switch to new netns */
1209 ret = snprintf(new_netns_path, MAXPATHLEN, "/proc/%d/ns/net", c->init_pid(c));
1210 if (ret < 0 || ret >= MAXPATHLEN)
1211 goto out;
1212
1213 new_netns = open(new_netns_path, O_RDONLY);
1214 if (new_netns < 0) {
1215 SYSERROR("failed to open %s", new_netns_path);
1216 goto out;
1217 }
1218
1219 if (setns(new_netns, CLONE_NEWNET)) {
1220 SYSERROR("failed to setns");
1221 goto out;
1222 }
1223
1224 /* Grab the list of interfaces */
1225 if (getifaddrs(&interfaceArray)) {
1226 SYSERROR("failed to get interfaces list");
1227 goto out;
1228 }
1229
1230 /* Iterate through the interfaces */
1231 for (tempIfAddr = interfaceArray; tempIfAddr != NULL; tempIfAddr = tempIfAddr->ifa_next) {
1232 if(tempIfAddr->ifa_addr->sa_family == AF_INET) {
1233 if (family && strcmp(family, "inet"))
1234 continue;
1235 tempAddrPtr = &((struct sockaddr_in *)tempIfAddr->ifa_addr)->sin_addr;
1236 }
1237 else {
1238 if (family && strcmp(family, "inet6"))
1239 continue;
1240
1241 if (((struct sockaddr_in6 *)tempIfAddr->ifa_addr)->sin6_scope_id != scope)
1242 continue;
1243
1244 tempAddrPtr = &((struct sockaddr_in6 *)tempIfAddr->ifa_addr)->sin6_addr;
1245 }
1246
1247 if (interface && strcmp(interface, tempIfAddr->ifa_name))
1248 continue;
1249 else if (!interface && strcmp("lo", tempIfAddr->ifa_name) == 0)
1250 continue;
1251
1252 address = (char *)inet_ntop(tempIfAddr->ifa_addr->sa_family,
1253 tempAddrPtr,
1254 addressOutputBuffer,
1255 sizeof(addressOutputBuffer));
1256 if (!address)
1257 continue;
1258
1259 count += 1;
1260 temp = realloc(addresses, count * sizeof(*addresses));
1261 if (!temp) {
1262 count--;
1263 goto out;
1264 }
1265 addresses = temp;
1266 addresses[count - 1] = strdup(address);
1267 }
1268
1269out:
1270 if(interfaceArray)
1271 freeifaddrs(interfaceArray);
1272
1273 /* Switch back to original netns */
1274 if (old_netns >= 0 && setns(old_netns, CLONE_NEWNET))
1275 SYSERROR("failed to setns");
1276 if (new_netns >= 0)
1277 close(new_netns);
1278 if (old_netns >= 0)
1279 close(old_netns);
1280
1281 /* Append NULL to the array */
1282 if (count) {
1283 count++;
1284 temp = realloc(addresses, count * sizeof(*addresses));
1285 if (!temp) {
fca3080f
DE		 1286 int i;
1287 for (i = 0; i < count-1; i++)
9c83a661
SG		 1288 free(addresses[i]);
1289 free(addresses);
1290 return NULL;
1291 }
1292 addresses = temp;
1293 addresses[count - 1] = NULL;
1294 }
1295
1296 return addresses;
1297}
1298
12a50cc6 1299static int lxcapi_get_config_item(struct lxc_container *c, const char *key, char *retv, int inlen)
72d0e1cb
SG		 1300{
1301 int ret;
1302
1303 if (!c || !c->lxc_conf)
1304 return -1;
5cee8c50 1305 if (container_mem_lock(c))
72d0e1cb 1306 return -1;
72d0e1cb 1307 ret = lxc_get_config_item(c->lxc_conf, key, retv, inlen);
5cee8c50 1308 container_mem_unlock(c);
72d0e1cb
SG		 1309 return ret;
1310}
1311
12a50cc6 1312static int lxcapi_get_keys(struct lxc_container *c, const char *key, char *retv, int inlen)
72d0e1cb
SG		 1313{
1314 if (!key)
1315 return lxc_listconfigs(retv, inlen);
1316 /*
1317 * Support 'lxc.network.<idx>', i.e. 'lxc.network.0'
1318 * This is an intelligent result to show which keys are valid given
1319 * the type of nic it is
1320 */
1321 if (!c || !c->lxc_conf)
1322 return -1;
5cee8c50 1323 if (container_mem_lock(c))
72d0e1cb
SG		 1324 return -1;
1325 int ret = -1;
1326 if (strncmp(key, "lxc.network.", 12) == 0)
1327 ret = lxc_list_nicconfigs(c->lxc_conf, key, retv, inlen);
5cee8c50 1328 container_mem_unlock(c);
72d0e1cb
SG		 1329 return ret;
1330}
1331
12a50cc6 1332static bool lxcapi_save_config(struct lxc_container *c, const char *alt_file)
72d0e1cb 1333{
39dc698c
SH		 1334 FILE *fout;
1335 bool ret = false, need_disklock = false;
1336 int lret;
1337
72d0e1cb
SG		 1338 if (!alt_file)
1339 alt_file = c->configfile;
1340 if (!alt_file)
1341 return false; // should we write to stdout if no file is specified?
39dc698c
SH		 1342
1343 // If we haven't yet loaded a config, load the stock config
1344 if (!c->lxc_conf) {
72d0e1cb
SG		 1345 if (!c->load_config(c, LXC_DEFAULT_CONFIG)) {
1346 ERROR("Error loading default configuration file %s while saving %s\n", LXC_DEFAULT_CONFIG, c->name);
1347 return false;
1348 }
39dc698c 1349 }
72d0e1cb 1350
5a3d2e1e
SG		 1351 if (!create_container_dir(c))
1352 return false;
1353
39dc698c
SH		 1354 /*
1355 * If we're writing to the container's config file, take the
1356 * disk lock. Otherwise just take the memlock to protect the
1357 * struct lxc_container while we're traversing it.
1358 */
1359 if (strcmp(c->configfile, alt_file) == 0)
1360 need_disklock = true;
1361
1362 if (need_disklock)
1363 lret = container_disk_lock(c);
1364 else
1365 lret = container_mem_lock(c);
1366
1367 if (lret)
72d0e1cb 1368 return false;
39dc698c
SH		 1369
1370 fout = fopen(alt_file, "w");
1371 if (!fout)
1372 goto out;
72d0e1cb
SG		 1373 write_config(fout, c->lxc_conf);
1374 fclose(fout);
39dc698c
SH		 1375 ret = true;
1376
1377out:
1378 if (need_disklock)
1379 container_disk_unlock(c);
1380 else
1381 container_mem_unlock(c);
1382 return ret;
72d0e1cb
SG		 1383}
1384
60bf62d4 1385// do we want the api to support --force, or leave that to the caller?
72d0e1cb
SG		 1386static bool lxcapi_destroy(struct lxc_container *c)
1387{
1897e3bc 1388 struct bdev *r = NULL;
60bf62d4 1389 bool ret = false;
72d0e1cb 1390
1897e3bc 1391 if (!c || !lxcapi_is_defined(c))
5a3d2e1e
SG		 1392 return false;
1393
3bc449ed 1394 if (container_disk_lock(c))
72d0e1cb 1395 return false;
72d0e1cb 1396
39dc698c 1397 if (!is_stopped(c)) {
60bf62d4
SH		 1398 // we should queue some sort of error - in c->error_string?
1399 ERROR("container %s is not stopped", c->name);
1400 goto out;
72d0e1cb
SG		 1401 }
1402
3bc449ed 1403 if (c->lxc_conf && c->lxc_conf->rootfs.path && c->lxc_conf->rootfs.mount)
1897e3bc 1404 r = bdev_init(c->lxc_conf->rootfs.path, c->lxc_conf->rootfs.mount, NULL);
60bf62d4
SH		 1405 if (r) {
1406 if (r->ops->destroy(r) < 0) {
1407 ERROR("Error destroying rootfs for %s", c->name);
1408 goto out;
1409 }
1410 }
1411
1412 const char *p1 = lxcapi_get_config_path(c);
1413 char *path = alloca(strlen(p1) + strlen(c->name) + 2);
1414 sprintf(path, "%s/%s", p1, c->name);
1415 if (lxc_rmdir_onedev(path) < 0) {
1416 ERROR("Error destroying container directory for %s", c->name);
1417 goto out;
1418 }
1419 ret = true;
1420
1421out:
3bc449ed 1422 container_disk_unlock(c);
60bf62d4 1423 return ret;
72d0e1cb
SG		 1424}
1425
12a50cc6 1426static bool lxcapi_set_config_item(struct lxc_container *c, const char *key, const char *v)
72d0e1cb
SG		 1427{
1428 int ret;
1429 bool b = false;
1430 struct lxc_config_t *config;
1431
1432 if (!c)
1433 return false;
1434
5cee8c50 1435 if (container_mem_lock(c))
72d0e1cb
SG		 1436 return false;
1437
1438 if (!c->lxc_conf)
1439 c->lxc_conf = lxc_conf_init();
1440 if (!c->lxc_conf)
1441 goto err;
1442 config = lxc_getconfig(key);
1443 if (!config)
1444 goto err;
1445 ret = config->cb(key, v, c->lxc_conf);
1446 if (!ret)
1447 b = true;
1448
1449err:
5cee8c50 1450 container_mem_unlock(c);
72d0e1cb
SG		 1451 return b;
1452}
1453
1454static char *lxcapi_config_file_name(struct lxc_container *c)
1455{
1456 if (!c || !c->configfile)
1457 return NULL;
1458 return strdup(c->configfile);
1459}
1460
2a59a681
SH		 1461static const char *lxcapi_get_config_path(struct lxc_container *c)
1462{
1463 if (!c || !c->config_path)
1464 return NULL;
1465 return (const char *)(c->config_path);
1466}
1467
afeecbba
SH		 1468/*
1469 * not for export
1470 * Just recalculate the c->configfile based on the
1471 * c->config_path, which must be set.
1472 * The lxc_container must be locked or not yet public.
1473 */
1474static bool set_config_filename(struct lxc_container *c)
1475{
1476 char *newpath;
1477 int len, ret;
1478
1479 if (!c->config_path)
1480 return false;
1481
1482 /* $lxc_path + "/" + c->name + "/" + "config" + '\0' */
1483 len = strlen(c->config_path) + strlen(c->name) + strlen("config") + 3;
1484 newpath = malloc(len);
1485 if (!newpath)
1486 return false;
1487
1488 ret = snprintf(newpath, len, "%s/%s/config", c->config_path, c->name);
1489 if (ret < 0 || ret >= len) {
1490 fprintf(stderr, "Error printing out config file name\n");
1491 free(newpath);
1492 return false;
1493 }
1494
1495 if (c->configfile)
1496 free(c->configfile);
1497 c->configfile = newpath;
1498
1499 return true;
1500}
1501
2a59a681
SH		 1502static bool lxcapi_set_config_path(struct lxc_container *c, const char *path)
1503{
1504 char *p;
1505 bool b = false;
afeecbba 1506 char *oldpath = NULL;
2a59a681
SH		 1507
1508 if (!c)
1509 return b;
1510
5cee8c50 1511 if (container_mem_lock(c))
2a59a681
SH		 1512 return b;
1513
1514 p = strdup(path);
afeecbba
SH		 1515 if (!p) {
1516 ERROR("Out of memory setting new lxc path");
2a59a681 1517 goto err;
afeecbba
SH		 1518 }
1519
2a59a681
SH		 1520 b = true;
1521 if (c->config_path)
afeecbba 1522 oldpath = c->config_path;
2a59a681 1523 c->config_path = p;
afeecbba
SH		 1524
1525 /* Since we've changed the config path, we have to change the
1526 * config file name too */
1527 if (!set_config_filename(c)) {
1528 ERROR("Out of memory setting new config filename");
1529 b = false;
1530 free(c->config_path);
1531 c->config_path = oldpath;
1532 oldpath = NULL;
1533 }
2a59a681 1534err:
afeecbba
SH		 1535 if (oldpath)
1536 free(oldpath);
5cee8c50 1537 container_mem_unlock(c);
2a59a681
SH		 1538 return b;
1539}
1540
1541
794dd120
SH		 1542static bool lxcapi_set_cgroup_item(struct lxc_container *c, const char *subsys, const char *value)
1543{
1544 int ret;
794dd120
SH		 1545
1546 if (!c)
1547 return false;
1548
3bc449ed 1549 if (is_stopped(c))
794dd120
SH		 1550 return false;
1551
3bc449ed
SH		 1552 if (container_disk_lock(c))
1553 return false;
794dd120 1554
ef091cef 1555 ret = lxc_cgroup_set(c->name, subsys, value, c->config_path);
3bc449ed
SH		 1556
1557 container_disk_unlock(c);
1558 return ret == 0;
794dd120
SH		 1559}
1560
1561static int lxcapi_get_cgroup_item(struct lxc_container *c, const char *subsys, char *retv, int inlen)
1562{
3bc449ed 1563 int ret;
794dd120
SH		 1564
1565 if (!c || !c->lxc_conf)
1566 return -1;
1567
3bc449ed 1568 if (is_stopped(c))
794dd120
SH		 1569 return -1;
1570
3bc449ed
SH		 1571 if (container_disk_lock(c))
1572 return -1;
794dd120 1573
ae5c8b8e 1574 ret = lxc_cgroup_get(c->name, subsys, retv, inlen, c->config_path);
794dd120 1575
3bc449ed 1576 container_disk_unlock(c);
794dd120
SH		 1577 return ret;
1578}
1579
67e571de 1580const char *lxc_get_default_config_path(void)
83c98d82
DE		 1581{
1582 return default_lxc_path();
1583}
794dd120 1584
a8428dfa
SH		 1585const char *lxc_get_default_lvm_vg(void)
1586{
1587 return default_lvm_vg();
1588}
1589
1590const char *lxc_get_default_zfs_root(void)
1591{
1592 return default_zfs_root();
1593}
1594
b6b918a1
SG		 1595const char *lxc_get_version(void)
1596{
1597 return lxc_version();
1598}
1599
9be53773
SH		 1600static int copy_file(char *old, char *new)
1601{
1602 int in, out;
1603 ssize_t len, ret;
1604 char buf[8096];
1605 struct stat sbuf;
1606
1607 if (file_exists(new)) {
1608 ERROR("copy destination %s exists", new);
1609 return -1;
1610 }
1611 ret = stat(old, &sbuf);
1612 if (ret < 0) {
1613 SYSERROR("stat'ing %s", old);
1614 return -1;
1615 }
1616
1617 in = open(old, O_RDONLY);
1618 if (in < 0) {
1619 SYSERROR("opening original file %s", old);
1620 return -1;
1621 }
1622 out = open(new, O_CREAT | O_EXCL | O_WRONLY, 0644);
1623 if (out < 0) {
1624 SYSERROR("opening new file %s", new);
1625 close(in);
1626 return -1;
1627 }
1628
1629 while (1) {
1630 len = read(in, buf, 8096);
1631 if (len < 0) {
1632 SYSERROR("reading old file %s", old);
1633 goto err;
1634 }
1635 if (len == 0)
1636 break;
1637 ret = write(out, buf, len);
1638 if (ret < len) { // should we retry?
1639 SYSERROR("write to new file %s was interrupted", new);
1640 goto err;
1641 }
1642 }
1643 close(in);
1644 close(out);
1645
1646 // we set mode, but not owner/group
1647 ret = chmod(new, sbuf.st_mode);
1648 if (ret) {
1649 SYSERROR("setting mode on %s", new);
1650 return -1;
1651 }
1652
1653 return 0;
1654
1655err:
1656 close(in);
1657 close(out);
1658 return -1;
1659}
1660
1661/*
1662 * we're being passed result of two strstrs(x, y). We want to write
1663 * all data up to the first found string, or to end of the string if
1664 * neither string was found.
1665 * This function will return the earliest found string if any, or else
1666 * NULL
1667 */
1668static const char *lowest_nonnull(const char *p1, const char *p2)
1669{
1670 if (!p1)
1671 return p2;
1672 if (!p2)
1673 return p1;
1674 return p1 < p2 ? p1 : p2;
1675}
1676
1677static int is_word_sep(char c)
1678{
1679 switch(c) {
1680 case '\0':
1681 case '\n':
1682 case '\r':
1683 case '\t':
1684 case ' ':
1685 case '=':
ae3f8cf9
SH		 1686 case '.':
1687 case ',':
1688 case '_':
1689 case '-':
9be53773
SH		 1690 case '/':
1691 return 1;
1692 default: return 0;
1693 }
1694}
1695
3327917f 1696static const char *find_first_wholeword(const char *p0, const char *word)
9be53773 1697{
3327917f
DE		 1698 const char *p = p0;
1699
9be53773
SH		 1700 if (!p)
1701 return NULL;
1702
1703 while ((p = strstr(p, word)) != NULL) {
3327917f
DE		 1704 if ((p == p0 || is_word_sep(*(p-1))) &&
1705 is_word_sep(p[strlen(word)]))
9be53773
SH		 1706 return p;
1707 p++;
1708 }
1709 return NULL;
1710}
1711
1712static int update_name_and_paths(const char *path, struct lxc_container *oldc,
1713 const char *newname, const char *newpath)
1714{
1715 FILE *f;
a7478944 1716 long flen;
9be53773
SH		 1717 char *contents;
1718 const char *p0, *p1, *p2, *end;
1719 const char *oldpath = oldc->get_config_path(oldc);
1720 const char *oldname = oldc->name;
1721
1722 f = fopen(path, "r");
1723 if (!f) {
1724 SYSERROR("opening old config");
1725 return -1;
1726 }
1727 if (fseek(f, 0, SEEK_END) < 0) {
1728 SYSERROR("seeking to end of old config");
1729 fclose(f);
1730 return -1;
1731 }
1732 flen = ftell(f);
1733 if (flen < 0) {
9be53773 1734 SYSERROR("telling size of old config");
3ce74686 1735 fclose(f);
9be53773
SH		 1736 return -1;
1737 }
1738 if (fseek(f, 0, SEEK_SET) < 0) {
9be53773 1739 SYSERROR("rewinding old config");
3ce74686 1740 fclose(f);
9be53773
SH		 1741 return -1;
1742 }
a2eea3c1 1743 contents = malloc(flen+1);
9be53773
SH		 1744 if (!contents) {
1745 SYSERROR("out of memory");
1746 fclose(f);
a2eea3c1 1747 return -1;
9be53773
SH		 1748 }
1749 if (fread(contents, 1, flen, f) != flen) {
3ce74686 1750 SYSERROR("reading old config");
9be53773
SH		 1751 free(contents);
1752 fclose(f);
9be53773
SH		 1753 return -1;
1754 }
a2eea3c1 1755 contents[flen] = '\0';
9be53773 1756 if (fclose(f) < 0) {
9be53773 1757 SYSERROR("closing old config");
3ce74686 1758 free(contents);
9be53773
SH		 1759 return -1;
1760 }
1761
1762 f = fopen(path, "w");
1763 if (!f) {
1764 SYSERROR("reopening config");
1765 free(contents);
1766 return -1;
1767 }
1768
1769 p0 = contents;
1770 end = contents + flen;
1771 while (1) {
1772 p1 = find_first_wholeword(p0, oldpath);
1773 p2 = find_first_wholeword(p0, oldname);
1774 if (!p1 && !p2) {
1775 // write the rest and be done
1776 if (fwrite(p0, 1, (end-p0), f) != (end-p0)) {
1777 SYSERROR("writing new config");
1778 free(contents);
1779 fclose(f);
1780 return -1;
1781 }
1782 free(contents);
1783 fclose(f);
1784 // success
1785 return 0;
1786 } else {
1787 const char *p = lowest_nonnull(p1, p2);
1788 const char *new = (p == p2) ? newname : newpath;
1789 if (fwrite(p0, 1, (p-p0), f) != (p-p0)) {
1790 SYSERROR("writing new config");
1791 free(contents);
1792 fclose(f);
1793 return -1;
1794 }
1795 p0 = p;
1796 // now write the newpath or newname
1797 if (fwrite(new, 1, strlen(new), f) != strlen(new)) {
1798 SYSERROR("writing new name or path in new config");
1799 free(contents);
1800 fclose(f);
1801 return -1;
1802 }
1803 p0 += (p == p2) ? strlen(oldname) : strlen(oldpath);
1804 }
1805 }
1806}
1807
1808static int copyhooks(struct lxc_container *oldc, struct lxc_container *c)
1809{
1810 int i;
1811 int ret;
1812 struct lxc_list *it;
1813
1814 for (i=0; i<NUM_LXC_HOOKS; i++) {
1815 lxc_list_for_each(it, &c->lxc_conf->hooks[i]) {
1816 char *hookname = it->elem;
1817 char *fname = rindex(hookname, '/');
1818 char tmppath[MAXPATHLEN];
1819 if (!fname) // relative path - we don't support, but maybe we should
1820 return 0;
1821 // copy the script, and change the entry in confile
1822 ret = snprintf(tmppath, MAXPATHLEN, "%s/%s/%s",
1823 c->config_path, c->name, fname+1);
1824 if (ret < 0 || ret >= MAXPATHLEN)
1825 return -1;
1826 ret = copy_file(it->elem, tmppath);
1827 if (ret < 0)
1828 return -1;
1829 free(it->elem);
1830 it->elem = strdup(tmppath);
1831 if (!it->elem) {
1832 ERROR("out of memory copying hook path");
1833 return -1;
1834 }
1835 update_name_and_paths(it->elem, oldc, c->name, c->get_config_path(c));
1836 }
1837 }
1838
1839 c->save_config(c, NULL);
1840 return 0;
1841}
1842
1843static void new_hwaddr(char *hwaddr)
1844{
1845 FILE *f = fopen("/dev/urandom", "r");
1846 if (f) {
1847 unsigned int seed;
1848 int ret = fread(&seed, sizeof(seed), 1, f);
1849 if (ret != 1)
1850 seed = time(NULL);
1851 fclose(f);
1852 srand(seed);
1853 } else
1854 srand(time(NULL));
1855 snprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x",
1856 rand() % 255, rand() % 255, rand() % 255);
1857}
1858
1859static void network_new_hwaddrs(struct lxc_container *c)
1860{
1861 struct lxc_list *it;
1862
1863 lxc_list_for_each(it, &c->lxc_conf->network) {
1864 struct lxc_netdev *n = it->elem;
1865 if (n->hwaddr)
1866 new_hwaddr(n->hwaddr);
1867 }
1868}
1869
1870static int copy_fstab(struct lxc_container *oldc, struct lxc_container *c)
1871{
1872 char newpath[MAXPATHLEN];
1873 char *oldpath = oldc->lxc_conf->fstab;
1874 int ret;
1875
1876 if (!oldpath)
1877 return 0;
1878
1879 char *p = rindex(oldpath, '/');
1880 if (!p)
1881 return -1;
1882 ret = snprintf(newpath, MAXPATHLEN, "%s/%s%s",
1883 c->config_path, c->name, p);
1884 if (ret < 0 || ret >= MAXPATHLEN) {
1885 ERROR("error printing new path for %s", oldpath);
1886 return -1;
1887 }
1888 if (file_exists(newpath)) {
1889 ERROR("error: fstab file %s exists", newpath);
1890 return -1;
1891 }
1892
1893 if (copy_file(oldpath, newpath) < 0) {
1894 ERROR("error: copying %s to %s", oldpath, newpath);
1895 return -1;
1896 }
1897 free(c->lxc_conf->fstab);
1898 c->lxc_conf->fstab = strdup(newpath);
1899 if (!c->lxc_conf->fstab) {
1900 ERROR("error: allocating pathname");
1901 return -1;
1902 }
1903
1904 return 0;
1905}
1906
1907static int copy_storage(struct lxc_container *c0, struct lxc_container *c,
1908 const char *newtype, int flags, const char *bdevdata, unsigned long newsize)
1909{
1910 struct bdev *bdev;
1911
1912 bdev = bdev_copy(c0->lxc_conf->rootfs.path, c0->name, c->name,
1913 c0->config_path, c->config_path, newtype, !!(flags & LXC_CLONE_SNAPSHOT),
1914 bdevdata, newsize);
1915 if (!bdev) {
1916 ERROR("error copying storage");
1917 return -1;
1918 }
1919 free(c->lxc_conf->rootfs.path);
1920 c->lxc_conf->rootfs.path = strdup(bdev->src);
1921 bdev_put(bdev);
1922 if (!c->lxc_conf->rootfs.path)
1923 return -1;
1924 // here we could also update all lxc.mount.entries or even
1925 // items in the lxc.mount fstab list. As discussed on m-l,
1926 // we could do either any source paths starting with the
1927 // lxcpath/oldname, or simply anythign which is not a virtual
1928 // fs or a bind mount.
1929 return 0;
1930}
1931
1143ed39
DE		 1932static int clone_update_rootfs(struct lxc_container *c0,
1933 struct lxc_container *c, int flags,
1934 char **hookargs)
9be53773
SH		 1935{
1936 int ret = -1;
1937 char path[MAXPATHLEN];
1938 struct bdev *bdev;
1939 FILE *fout;
1940 pid_t pid;
148e91f5 1941 struct lxc_conf *conf = c->lxc_conf;
9be53773
SH		 1942
1943 /* update hostname in rootfs */
1944 /* we're going to mount, so run in a clean namespace to simplify cleanup */
1945
1946 pid = fork();
1947 if (pid < 0)
1948 return -1;
1949 if (pid > 0)
1950 return wait_for_pid(pid);
1951
1952 if (unshare(CLONE_NEWNS) < 0) {
1953 ERROR("error unsharing mounts");
1954 exit(1);
1955 }
1956 bdev = bdev_init(c->lxc_conf->rootfs.path, c->lxc_conf->rootfs.mount, NULL);
1957 if (!bdev)
1958 exit(1);
1959 if (bdev->ops->mount(bdev) < 0)
1960 exit(1);
148e91f5
SH		 1961
1962 if (!lxc_list_empty(&conf->hooks[LXCHOOK_CLONE])) {
1963 /* Start of environment variable setup for hooks */
1143ed39
DE		 1964 if (setenv("LXC_SRC_NAME", c0->name, 1)) {
1965 SYSERROR("failed to set environment variable for source container name");
1966 }
148e91f5
SH		 1967 if (setenv("LXC_NAME", c->name, 1)) {
1968 SYSERROR("failed to set environment variable for container name");
1969 }
1970 if (setenv("LXC_CONFIG_FILE", conf->rcfile, 1)) {
1971 SYSERROR("failed to set environment variable for config path");
1972 }
1973 if (setenv("LXC_ROOTFS_MOUNT", conf->rootfs.mount, 1)) {
1974 SYSERROR("failed to set environment variable for rootfs mount");
1975 }
1976 if (setenv("LXC_ROOTFS_PATH", conf->rootfs.path, 1)) {
1977 SYSERROR("failed to set environment variable for rootfs mount");
1978 }
1979
283678ed 1980 if (run_lxc_hooks(c->name, "clone", conf, c->get_config_path(c), hookargs)) {
148e91f5
SH		 1981 ERROR("Error executing clone hook for %s", c->name);
1982 exit(1);
1983 }
1984 }
1985
1986 if (!(flags & LXC_CLONE_KEEPNAME)) {
1987 ret = snprintf(path, MAXPATHLEN, "%s/etc/hostname", bdev->dest);
1988 if (ret < 0 || ret >= MAXPATHLEN)
1989 exit(1);
1990 if (!(fout = fopen(path, "w"))) {
1991 SYSERROR("unable to open %s: ignoring\n", path);
1992 exit(0);
1993 }
1994 if (fprintf(fout, "%s", c->name) < 0)
1995 exit(1);
1996 if (fclose(fout) < 0)
1997 exit(1);
9be53773 1998 }
9be53773
SH		 1999 exit(0);
2000}
2001
2002/*
2003 * We want to support:
2004sudo lxc-clone -o o1 -n n1 -s -L|-fssize fssize -v|--vgname vgname \
2005 -p|--lvprefix lvprefix -t|--fstype fstype -B backingstore
2006
2007-s [ implies overlayfs]
2008-s -B overlayfs
2009-s -B aufs
2010
2011only rootfs gets converted (copied/snapshotted) on clone.
2012*/
2013
2014static int create_file_dirname(char *path)
2015{
2016 char *p = rindex(path, '/');
2017 int ret;
2018
2019 if (!p)
2020 return -1;
2021 *p = '\0';
2022 ret = mkdir(path, 0755);
2023 if (ret && errno != EEXIST)
2024 SYSERROR("creating container path %s\n", path);
2025 *p = '/';
2026 return ret;
2027}
2028
2029struct lxc_container *lxcapi_clone(struct lxc_container *c, const char *newname,
2030 const char *lxcpath, int flags,
148e91f5
SH		 2031 const char *bdevtype, const char *bdevdata, unsigned long newsize,
2032 char **hookargs)
9be53773
SH		 2033{
2034 struct lxc_container *c2 = NULL;
2035 char newpath[MAXPATHLEN];
176d9acb 2036 int ret, storage_copied = 0;
9be53773
SH		 2037 const char *n, *l;
2038 FILE *fout;
2039
2040 if (!c || !c->is_defined(c))
2041 return NULL;
2042
5cee8c50 2043 if (container_mem_lock(c))
9be53773
SH		 2044 return NULL;
2045
39dc698c 2046 if (!is_stopped(c)) {
9be53773
SH		 2047 ERROR("error: Original container (%s) is running", c->name);
2048 goto out;
2049 }
2050
2051 // Make sure the container doesn't yet exist.
2052 n = newname ? newname : c->name;
2053 l = lxcpath ? lxcpath : c->get_config_path(c);
2054 ret = snprintf(newpath, MAXPATHLEN, "%s/%s/config", l, n);
2055 if (ret < 0 || ret >= MAXPATHLEN) {
2056 SYSERROR("clone: failed making config pathname");
2057 goto out;
2058 }
2059 if (file_exists(newpath)) {
2060 ERROR("error: clone: %s exists", newpath);
2061 goto out;
2062 }
2063
2064 if (create_file_dirname(newpath) < 0) {
2065 ERROR("Error creating container dir for %s", newpath);
2066 goto out;
2067 }
2068
2069 // copy the configuration, tweak it as needed,
2070 fout = fopen(newpath, "w");
2071 if (!fout) {
2072 SYSERROR("open %s", newpath);
2073 goto out;
2074 }
2075 write_config(fout, c->lxc_conf);
2076 fclose(fout);
2077
2078 if (update_name_and_paths(newpath, c, n, l) < 0) {
2079 ERROR("Error updating name in cloned config");
2080 goto out;
2081 }
2082
2083 sprintf(newpath, "%s/%s/rootfs", l, n);
2084 if (mkdir(newpath, 0755) < 0) {
2085 SYSERROR("error creating %s", newpath);
2086 goto out;
2087 }
2088
2089 c2 = lxc_container_new(n, l);
375c2258 2090 if (!c2) {
9be53773
SH		 2091 ERROR("clone: failed to create new container (%s %s)", n, l);
2092 goto out;
2093 }
2094
2095 // copy hooks if requested
2096 if (flags & LXC_CLONE_COPYHOOKS) {
2097 ret = copyhooks(c, c2);
2098 if (ret < 0) {
2099 ERROR("error copying hooks");
9be53773
SH		 2100 goto out;
2101 }
2102 }
2103
2104 if (copy_fstab(c, c2) < 0) {
2105 ERROR("error copying fstab");
9be53773
SH		 2106 goto out;
2107 }
2108
2109 // update macaddrs
2110 if (!(flags & LXC_CLONE_KEEPMACADDR))
2111 network_new_hwaddrs(c2);
2112
2113 // copy/snapshot rootfs's
2114 ret = copy_storage(c, c2, bdevtype, flags, bdevdata, newsize);
375c2258 2115 if (ret < 0)
9be53773 2116 goto out;
9be53773 2117
176d9acb
SH		 2118 // We've now successfully created c2's storage, so clear it out if we
2119 // fail after this
2120 storage_copied = 1;
2121
375c2258 2122 if (!c2->save_config(c2, NULL))
9be53773 2123 goto out;
9be53773 2124
1143ed39 2125 if (clone_update_rootfs(c, c2, flags, hookargs) < 0)
9be53773 2126 goto out;
9be53773
SH		 2127
2128 // TODO: update c's lxc.snapshot = count
5cee8c50 2129 container_mem_unlock(c);
9be53773
SH		 2130 return c2;
2131
2132out:
5cee8c50 2133 container_mem_unlock(c);
375c2258 2134 if (c2) {
176d9acb
SH		 2135 if (!storage_copied)
2136 c2->lxc_conf->rootfs.path = NULL;
375c2258 2137 c2->destroy(c2);
9be53773 2138 lxc_container_put(c2);
375c2258 2139 }
9be53773
SH		 2140
2141 return NULL;
2142}
2143
afeecbba 2144struct lxc_container *lxc_container_new(const char *name, const char *configpath)
72d0e1cb
SG		 2145{
2146 struct lxc_container *c;
72d0e1cb
SG		 2147
2148 c = malloc(sizeof(*c));
2149 if (!c) {
2150 fprintf(stderr, "failed to malloc lxc_container\n");
2151 return NULL;
2152 }
2153 memset(c, 0, sizeof(*c));
2154
afeecbba
SH		 2155 if (configpath)
2156 c->config_path = strdup(configpath);
2157 else
67e571de 2158 c->config_path = strdup(default_lxc_path());
afeecbba 2159
2a59a681
SH		 2160 if (!c->config_path) {
2161 fprintf(stderr, "Out of memory");
2162 goto err;
2163 }
2164
72d0e1cb
SG		 2165 c->name = malloc(strlen(name)+1);
2166 if (!c->name) {
2167 fprintf(stderr, "Error allocating lxc_container name\n");
2168 goto err;
2169 }
2170 strcpy(c->name, name);
2171
2172 c->numthreads = 1;
df271a59 2173 if (!(c->slock = lxc_newlock(c->config_path, name))) {
72d0e1cb
SG		 2174 fprintf(stderr, "failed to create lock\n");
2175 goto err;
2176 }
2177
df271a59 2178 if (!(c->privlock = lxc_newlock(NULL, NULL))) {
72d0e1cb
SG		 2179 fprintf(stderr, "failed to alloc privlock\n");
2180 goto err;
2181 }
2182
afeecbba 2183 if (!set_config_filename(c)) {
72d0e1cb
SG		 2184 fprintf(stderr, "Error allocating config file pathname\n");
2185 goto err;
2186 }
72d0e1cb
SG		 2187
2188 if (file_exists(c->configfile))
2189 lxcapi_load_config(c, NULL);
2190
3e625e2d
SH		 2191 if (ongoing_create(c) == 2) {
2192 ERROR("Error: %s creation was not completed", c->name);
1897e3bc
SH		 2193 lxcapi_destroy(c);
2194 lxc_conf_free(c->lxc_conf);
2195 c->lxc_conf = NULL;
3e625e2d
SH		 2196 }
2197
72d0e1cb
SG		 2198 // assign the member functions
2199 c->is_defined = lxcapi_is_defined;
2200 c->state = lxcapi_state;
2201 c->is_running = lxcapi_is_running;
2202 c->freeze = lxcapi_freeze;
2203 c->unfreeze = lxcapi_unfreeze;
0115f8fd 2204 c->console = lxcapi_console;
b5159817 2205 c->console_getfd = lxcapi_console_getfd;
72d0e1cb
SG		 2206 c->init_pid = lxcapi_init_pid;
2207 c->load_config = lxcapi_load_config;
2208 c->want_daemonize = lxcapi_want_daemonize;
2209 c->start = lxcapi_start;
2210 c->startl = lxcapi_startl;
2211 c->stop = lxcapi_stop;
2212 c->config_file_name = lxcapi_config_file_name;
2213 c->wait = lxcapi_wait;
2214 c->set_config_item = lxcapi_set_config_item;
2215 c->destroy = lxcapi_destroy;
2216 c->save_config = lxcapi_save_config;
2217 c->get_keys = lxcapi_get_keys;
2218 c->create = lxcapi_create;
2219 c->createl = lxcapi_createl;
2220 c->shutdown = lxcapi_shutdown;
3e625e2d 2221 c->reboot = lxcapi_reboot;
72d0e1cb
SG		 2222 c->clear_config_item = lxcapi_clear_config_item;
2223 c->get_config_item = lxcapi_get_config_item;
794dd120
SH		 2224 c->get_cgroup_item = lxcapi_get_cgroup_item;
2225 c->set_cgroup_item = lxcapi_set_cgroup_item;
2a59a681
SH		 2226 c->get_config_path = lxcapi_get_config_path;
2227 c->set_config_path = lxcapi_set_config_path;
9be53773 2228 c->clone = lxcapi_clone;
9c83a661 2229 c->get_ips = lxcapi_get_ips;
72d0e1cb
SG		 2230
2231 /* we'll allow the caller to update these later */
ab1bf971 2232 if (lxc_log_init(NULL, "none", NULL, "lxc_container", 0, c->config_path)) {
72d0e1cb
SG		 2233 fprintf(stderr, "failed to open log\n");
2234 goto err;
2235 }
2236
72d0e1cb
SG		 2237 return c;
2238
2239err:
2240 lxc_container_free(c);
2241 return NULL;
2242}
2243
4a7c7daa 2244int lxc_get_wait_states(const char **states)
72d0e1cb
SG		 2245{
2246 int i;
2247
2248 if (states)
2249 for (i=0; i<MAX_STATE; i++)
2250 states[i] = lxc_state2str(i);
2251 return MAX_STATE;
2252}
LXC mirror