]> git.proxmox.com Git - mirror_iproute2.git/blob - ip/ipnetns.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ip netns: Delete all netns
[mirror_iproute2.git] / ip / ipnetns.c
1 #define _ATFILE_SOURCE
2 #include <sys/types.h>
3 #include <sys/stat.h>
4 #include <sys/wait.h>
5 #include <sys/inotify.h>
6 #include <sys/mount.h>
7 #include <sys/param.h>
8 #include <sys/syscall.h>
9 #include <stdio.h>
10 #include <string.h>
11 #include <sched.h>
12 #include <fcntl.h>
13 #include <dirent.h>
14 #include <errno.h>
15 #include <unistd.h>
16 #include <ctype.h>
17
18 #include "utils.h"
19 #include "ip_common.h"
20 #include "namespace.h"
21
22 static int usage(void)
23 {
24 fprintf(stderr, "Usage: ip netns list\n");
25 fprintf(stderr, " ip netns add NAME\n");
26 fprintf(stderr, " ip [-all] netns delete [NAME]\n");
27 fprintf(stderr, " ip netns identify [PID]\n");
28 fprintf(stderr, " ip netns pids NAME\n");
29 fprintf(stderr, " ip [-all] netns exec [NAME] cmd ...\n");
30 fprintf(stderr, " ip netns monitor\n");
31 exit(-1);
32 }
33
34 static int netns_list(int argc, char **argv)
35 {
36 struct dirent *entry;
37 DIR *dir;
38
39 dir = opendir(NETNS_RUN_DIR);
40 if (!dir)
41 return 0;
42
43 while ((entry = readdir(dir)) != NULL) {
44 if (strcmp(entry->d_name, ".") == 0)
45 continue;
46 if (strcmp(entry->d_name, "..") == 0)
47 continue;
48 printf("%s\n", entry->d_name);
49 }
50 closedir(dir);
51 return 0;
52 }
53
54 static int cmd_exec(const char *cmd, char **argv, bool do_fork)
55 {
56 fflush(stdout);
57 if (do_fork) {
58 int status;
59 pid_t pid;
60
61 pid = fork();
62 if (pid < 0) {
63 perror("fork");
64 exit(1);
65 }
66
67 if (pid != 0) {
68 /* Parent */
69 if (waitpid(pid, &status, 0) < 0) {
70 perror("waitpid");
71 exit(1);
72 }
73
74 if (WIFEXITED(status)) {
75 return WEXITSTATUS(status);
76 }
77
78 exit(1);
79 }
80 }
81
82 if (execvp(cmd, argv) < 0)
83 fprintf(stderr, "exec of \"%s\" failed: %s\n",
84 cmd, strerror(errno));
85 _exit(1);
86 }
87
88 static int on_netns_exec(char *nsname, void *arg)
89 {
90 char **argv = arg;
91 cmd_exec(argv[1], argv + 1, true);
92 return 0;
93 }
94
95 static int netns_exec(int argc, char **argv)
96 {
97 /* Setup the proper environment for apps that are not netns
98 * aware, and execute a program in that environment.
99 */
100 const char *cmd;
101
102 if (argc < 1 && !do_all) {
103 fprintf(stderr, "No netns name specified\n");
104 return -1;
105 }
106 if ((argc < 2 && !do_all) || (argc < 1 && do_all)) {
107 fprintf(stderr, "No command specified\n");
108 return -1;
109 }
110
111 if (do_all)
112 return do_each_netns(on_netns_exec, --argv, 1);
113
114 if (netns_switch(argv[0]))
115 return -1;
116
117 /* ip must return the status of the child,
118 * but do_cmd() will add a minus to this,
119 * so let's add another one here to cancel it.
120 */
121 cmd = argv[1];
122 return -cmd_exec(cmd, argv + 1, !!batch_mode);
123 }
124
125 static int is_pid(const char *str)
126 {
127 int ch;
128 for (; (ch = *str); str++) {
129 if (!isdigit(ch))
130 return 0;
131 }
132 return 1;
133 }
134
135 static int netns_pids(int argc, char **argv)
136 {
137 const char *name;
138 char net_path[MAXPATHLEN];
139 int netns;
140 struct stat netst;
141 DIR *dir;
142 struct dirent *entry;
143
144 if (argc < 1) {
145 fprintf(stderr, "No netns name specified\n");
146 return -1;
147 }
148 if (argc > 1) {
149 fprintf(stderr, "extra arguments specified\n");
150 return -1;
151 }
152
153 name = argv[0];
154 snprintf(net_path, sizeof(net_path), "%s/%s", NETNS_RUN_DIR, name);
155 netns = open(net_path, O_RDONLY);
156 if (netns < 0) {
157 fprintf(stderr, "Cannot open network namespace: %s\n",
158 strerror(errno));
159 return -1;
160 }
161 if (fstat(netns, &netst) < 0) {
162 fprintf(stderr, "Stat of netns failed: %s\n",
163 strerror(errno));
164 return -1;
165 }
166 dir = opendir("/proc/");
167 if (!dir) {
168 fprintf(stderr, "Open of /proc failed: %s\n",
169 strerror(errno));
170 return -1;
171 }
172 while((entry = readdir(dir))) {
173 char pid_net_path[MAXPATHLEN];
174 struct stat st;
175 if (!is_pid(entry->d_name))
176 continue;
177 snprintf(pid_net_path, sizeof(pid_net_path), "/proc/%s/ns/net",
178 entry->d_name);
179 if (stat(pid_net_path, &st) != 0)
180 continue;
181 if ((st.st_dev == netst.st_dev) &&
182 (st.st_ino == netst.st_ino)) {
183 printf("%s\n", entry->d_name);
184 }
185 }
186 closedir(dir);
187 return 0;
188
189 }
190
191 static int netns_identify(int argc, char **argv)
192 {
193 const char *pidstr;
194 char net_path[MAXPATHLEN];
195 int netns;
196 struct stat netst;
197 DIR *dir;
198 struct dirent *entry;
199
200 if (argc < 1) {
201 pidstr = "self";
202 } else if (argc > 1) {
203 fprintf(stderr, "extra arguments specified\n");
204 return -1;
205 } else {
206 pidstr = argv[0];
207 if (!is_pid(pidstr)) {
208 fprintf(stderr, "Specified string '%s' is not a pid\n",
209 pidstr);
210 return -1;
211 }
212 }
213
214 snprintf(net_path, sizeof(net_path), "/proc/%s/ns/net", pidstr);
215 netns = open(net_path, O_RDONLY);
216 if (netns < 0) {
217 fprintf(stderr, "Cannot open network namespace: %s\n",
218 strerror(errno));
219 return -1;
220 }
221 if (fstat(netns, &netst) < 0) {
222 fprintf(stderr, "Stat of netns failed: %s\n",
223 strerror(errno));
224 return -1;
225 }
226 dir = opendir(NETNS_RUN_DIR);
227 if (!dir) {
228 /* Succeed treat a missing directory as an empty directory */
229 if (errno == ENOENT)
230 return 0;
231
232 fprintf(stderr, "Failed to open directory %s:%s\n",
233 NETNS_RUN_DIR, strerror(errno));
234 return -1;
235 }
236
237 while((entry = readdir(dir))) {
238 char name_path[MAXPATHLEN];
239 struct stat st;
240
241 if (strcmp(entry->d_name, ".") == 0)
242 continue;
243 if (strcmp(entry->d_name, "..") == 0)
244 continue;
245
246 snprintf(name_path, sizeof(name_path), "%s/%s", NETNS_RUN_DIR,
247 entry->d_name);
248
249 if (stat(name_path, &st) != 0)
250 continue;
251
252 if ((st.st_dev == netst.st_dev) &&
253 (st.st_ino == netst.st_ino)) {
254 printf("%s\n", entry->d_name);
255 }
256 }
257 closedir(dir);
258 return 0;
259
260 }
261
262 static int on_netns_del(char *nsname, void *arg)
263 {
264 char netns_path[MAXPATHLEN];
265
266 snprintf(netns_path, sizeof(netns_path), "%s/%s", NETNS_RUN_DIR, nsname);
267 umount2(netns_path, MNT_DETACH);
268 if (unlink(netns_path) < 0) {
269 fprintf(stderr, "Cannot remove namespace file \"%s\": %s\n",
270 netns_path, strerror(errno));
271 return -1;
272 }
273 return 0;
274 }
275
276 static int netns_delete(int argc, char **argv)
277 {
278 if (argc < 1 && !do_all) {
279 fprintf(stderr, "No netns name specified\n");
280 return -1;
281 }
282
283 if (do_all)
284 return netns_foreach(on_netns_del, NULL);
285
286 return on_netns_del(argv[0], NULL);
287 }
288
289 static int create_netns_dir(void)
290 {
291 /* Create the base netns directory if it doesn't exist */
292 if (mkdir(NETNS_RUN_DIR, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH)) {
293 if (errno != EEXIST) {
294 fprintf(stderr, "mkdir %s failed: %s\n",
295 NETNS_RUN_DIR, strerror(errno));
296 return -1;
297 }
298 }
299
300 return 0;
301 }
302
303 static int netns_add(int argc, char **argv)
304 {
305 /* This function creates a new network namespace and
306 * a new mount namespace and bind them into a well known
307 * location in the filesystem based on the name provided.
308 *
309 * The mount namespace is created so that any necessary
310 * userspace tweaks like remounting /sys, or bind mounting
311 * a new /etc/resolv.conf can be shared between uers.
312 */
313 char netns_path[MAXPATHLEN];
314 const char *name;
315 int fd;
316 int made_netns_run_dir_mount = 0;
317
318 if (argc < 1) {
319 fprintf(stderr, "No netns name specified\n");
320 return -1;
321 }
322 name = argv[0];
323
324 snprintf(netns_path, sizeof(netns_path), "%s/%s", NETNS_RUN_DIR, name);
325
326 if (create_netns_dir())
327 return -1;
328
329 /* Make it possible for network namespace mounts to propagate between
330 * mount namespaces. This makes it likely that a unmounting a network
331 * namespace file in one namespace will unmount the network namespace
332 * file in all namespaces allowing the network namespace to be freed
333 * sooner.
334 */
335 while (mount("", NETNS_RUN_DIR, "none", MS_SHARED | MS_REC, NULL)) {
336 /* Fail unless we need to make the mount point */
337 if (errno != EINVAL || made_netns_run_dir_mount) {
338 fprintf(stderr, "mount --make-shared %s failed: %s\n",
339 NETNS_RUN_DIR, strerror(errno));
340 return -1;
341 }
342
343 /* Upgrade NETNS_RUN_DIR to a mount point */
344 if (mount(NETNS_RUN_DIR, NETNS_RUN_DIR, "none", MS_BIND, NULL)) {
345 fprintf(stderr, "mount --bind %s %s failed: %s\n",
346 NETNS_RUN_DIR, NETNS_RUN_DIR, strerror(errno));
347 return -1;
348 }
349 made_netns_run_dir_mount = 1;
350 }
351
352 /* Create the filesystem state */
353 fd = open(netns_path, O_RDONLY|O_CREAT|O_EXCL, 0);
354 if (fd < 0) {
355 fprintf(stderr, "Cannot create namespace file \"%s\": %s\n",
356 netns_path, strerror(errno));
357 return -1;
358 }
359 close(fd);
360 if (unshare(CLONE_NEWNET) < 0) {
361 fprintf(stderr, "Failed to create a new network namespace \"%s\": %s\n",
362 name, strerror(errno));
363 goto out_delete;
364 }
365
366 /* Bind the netns last so I can watch for it */
367 if (mount("/proc/self/ns/net", netns_path, "none", MS_BIND, NULL) < 0) {
368 fprintf(stderr, "Bind /proc/self/ns/net -> %s failed: %s\n",
369 netns_path, strerror(errno));
370 goto out_delete;
371 }
372 return 0;
373 out_delete:
374 netns_delete(argc, argv);
375 return -1;
376 }
377
378
379 static int netns_monitor(int argc, char **argv)
380 {
381 char buf[4096];
382 struct inotify_event *event;
383 int fd;
384 fd = inotify_init();
385 if (fd < 0) {
386 fprintf(stderr, "inotify_init failed: %s\n",
387 strerror(errno));
388 return -1;
389 }
390
391 if (create_netns_dir())
392 return -1;
393
394 if (inotify_add_watch(fd, NETNS_RUN_DIR, IN_CREATE | IN_DELETE) < 0) {
395 fprintf(stderr, "inotify_add_watch failed: %s\n",
396 strerror(errno));
397 return -1;
398 }
399 for(;;) {
400 ssize_t len = read(fd, buf, sizeof(buf));
401 if (len < 0) {
402 fprintf(stderr, "read failed: %s\n",
403 strerror(errno));
404 return -1;
405 }
406 for (event = (struct inotify_event *)buf;
407 (char *)event < &buf[len];
408 event = (struct inotify_event *)((char *)event + sizeof(*event) + event->len)) {
409 if (event->mask & IN_CREATE)
410 printf("add %s\n", event->name);
411 if (event->mask & IN_DELETE)
412 printf("delete %s\n", event->name);
413 }
414 }
415 return 0;
416 }
417
418 int do_netns(int argc, char **argv)
419 {
420 if (argc < 1)
421 return netns_list(0, NULL);
422
423 if ((matches(*argv, "list") == 0) || (matches(*argv, "show") == 0) ||
424 (matches(*argv, "lst") == 0))
425 return netns_list(argc-1, argv+1);
426
427 if (matches(*argv, "help") == 0)
428 return usage();
429
430 if (matches(*argv, "add") == 0)
431 return netns_add(argc-1, argv+1);
432
433 if (matches(*argv, "delete") == 0)
434 return netns_delete(argc-1, argv+1);
435
436 if (matches(*argv, "identify") == 0)
437 return netns_identify(argc-1, argv+1);
438
439 if (matches(*argv, "pids") == 0)
440 return netns_pids(argc-1, argv+1);
441
442 if (matches(*argv, "exec") == 0)
443 return netns_exec(argc-1, argv+1);
444
445 if (matches(*argv, "monitor") == 0)
446 return netns_monitor(argc-1, argv+1);
447
448 fprintf(stderr, "Command \"%s\" is unknown, try \"ip netns help\".\n", *argv);
449 exit(-1);
450 }
Upstream mirror of iproute2