]> git.proxmox.com Git - pve-container.git/blob - src/PVE/LXC/Setup/Debian.pm
projects / pve-container.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
setup/debian: guard ipv4 output
[pve-container.git] / src / PVE / LXC / Setup / Debian.pm
1 package PVE::LXC::Setup::Debian;
2
3 use strict;
4 use warnings;
5 use Data::Dumper;
6 use PVE::Tools qw($IPV6RE);
7 use PVE::LXC;
8 use File::Path;
9
10 use PVE::LXC::Setup::Base;
11
12 use base qw(PVE::LXC::Setup::Base);
13
14 sub new {
15 my ($class, $conf, $rootdir) = @_;
16
17 my $version = PVE::Tools::file_read_firstline("$rootdir/etc/debian_version");
18
19 die "unable to read version info\n" if !defined($version);
20
21 die "unable to parse version info\n"
22 if $version !~ m/^(\d+(\.\d+)?)(\.\d+)?/;
23
24 $version = $1;
25
26 die "unsupported debian version '$version'\n"
27 if !($version >= 4 && $version < 9);
28
29 my $self = { conf => $conf, rootdir => $rootdir, version => $version };
30
31 $conf->{ostype} = "debian";
32
33 return bless $self, $class;
34 }
35
36 sub setup_init {
37 my ($self, $conf) = @_;
38
39 my $filename = "/etc/inittab";
40 return if !$self->ct_file_exists($filename);
41
42 my $ttycount = PVE::LXC::get_tty_count($conf);
43 my $inittab = $self->ct_file_get_contents($filename);
44
45 my @lines = grep {
46 # remove getty lines
47 !/^\s*\d+:\d+:[^:]*:.*getty/ &&
48 # remove power lines
49 !/^\s*p[fno0]:/
50 } split(/\n/, $inittab);
51
52 $inittab = join("\n", @lines) . "\n";
53
54 $inittab .= "p0::powerfail:/sbin/init 0\n";
55
56 my $version = $self->{version};
57 for (my $id = 1; $id <= $ttycount; $id++) {
58 next if $id == 7; # reserved for X11
59 my $levels = ($id == 1) ? '2345' : '23';
60 if ($version < 7) {
61 $inittab .= "$id:$levels:respawn:/sbin/getty -L 38400 tty$id\n";
62 } else {
63 $inittab .= "$id:$levels:respawn:/sbin/getty --noclear 38400 tty$id\n";
64 }
65 }
66
67 $self->ct_file_set_contents($filename, $inittab);
68 }
69
70 sub setup_network {
71 my ($self, $conf) = @_;
72
73 my $networks = {};
74 foreach my $k (keys %$conf) {
75 next if $k !~ m/^net(\d+)$/;
76 my $ind = $1;
77 my $d = PVE::LXC::parse_lxc_network($conf->{$k});
78 if ($d->{name}) {
79 my $net = {};
80 if (defined($d->{ip})) {
81 if ($d->{ip} =~ /^(?:dhcp|manual)$/) {
82 $net->{address} = $d->{ip};
83 } else {
84 my $ipinfo = PVE::LXC::parse_ipv4_cidr($d->{ip});
85 $net->{address} = $ipinfo->{address};
86 $net->{netmask} = $ipinfo->{netmask};
87 }
88 }
89 if (defined($d->{'gw'})) {
90 $net->{gateway} = $d->{'gw'};
91 }
92 if (defined($d->{ip6})) {
93 if ($d->{ip6} =~ /^(?:auto|dhcp|manual)$/) {
94 $net->{address6} = $d->{ip6};
95 } elsif ($d->{ip6} !~ /^($IPV6RE)\/(\d+)$/) {
96 die "unable to parse ipv6 address/prefix\n";
97 } else {
98 $net->{address6} = $1;
99 $net->{netmask6} = $2;
100 }
101 }
102 if (defined($d->{'gw6'})) {
103 $net->{gateway6} = $d->{'gw6'};
104 }
105 $networks->{$d->{name}} = $net if keys %$net;
106 }
107 }
108
109 return if !scalar(keys %$networks);
110
111 my $filename = "/etc/network/interfaces";
112 my $interfaces = "";
113
114 my $section;
115
116 my $done_auto = {};
117 my $done_v4_hash = {};
118 my $done_v6_hash = {};
119
120 my $print_section = sub {
121 my ($new) = @_;
122
123 return if !$section;
124
125 my $net = $networks->{$section->{ifname}};
126
127 if ($new && !$done_auto->{$section->{ifname}}) {
128 $interfaces .= "auto $section->{ifname}\n";
129 $done_auto->{$section->{ifname}} = 1;
130 }
131
132 if ($section->{type} eq 'ipv4') {
133 $done_v4_hash->{$section->{ifname}} = 1;
134
135 if ($net->{address} =~ /^(dhcp|manual)$/) {
136 $interfaces .= "iface $section->{ifname} inet $1\n";
137 } else {
138 $interfaces .= "iface $section->{ifname} inet static\n";
139 $interfaces .= "\taddress $net->{address}\n" if defined($net->{address});
140 $interfaces .= "\tnetmask $net->{netmask}\n" if defined($net->{netmask});
141 $interfaces .= "\tgateway $net->{gateway}\n" if defined($net->{gateway});
142 foreach my $attr (@{$section->{attr}}) {
143 $interfaces .= "\t$attr\n";
144 }
145 }
146
147 $interfaces .= "\n";
148
149 } elsif ($section->{type} eq 'ipv6') {
150 $done_v6_hash->{$section->{ifname}} = 1;
151
152 if ($net->{address6} =~ /^(auto|dhcp|manual)$/) {
153 $interfaces .= "iface $section->{ifname} inet6 $1\n";
154 } else {
155 $interfaces .= "iface $section->{ifname} inet6 static\n";
156 $interfaces .= "\taddress $net->{address6}\n" if defined($net->{address6});
157 $interfaces .= "\tnetmask $net->{netmask6}\n" if defined($net->{netmask6});
158 $interfaces .= "\tgateway $net->{gateway6}\n" if defined($net->{gateway6});
159 foreach my $attr (@{$section->{attr}}) {
160 $interfaces .= "\t$attr\n";
161 }
162 }
163
164 $interfaces .= "\n";
165 } else {
166 die "unknown section type '$section->{type}'";
167 }
168
169 $section = undef;
170 };
171
172 if (my $fh = $self->ct_open_file($filename, "r")) {
173 while (defined (my $line = <$fh>)) {
174 chomp $line;
175 if ($line =~ m/^#/) {
176 $interfaces .= "$line\n";
177 next;
178 }
179 if ($line =~ m/^\s*$/) {
180 if ($section) {
181 &$print_section();
182 } else {
183 $interfaces .= "$line\n";
184 }
185 next;
186 }
187 if ($line =~ m/^\s*iface\s+(\S+)\s+inet\s+(\S+)\s*$/) {
188 my $ifname = $1;
189 &$print_section(); # print previous section
190 if (!$networks->{$ifname}) {
191 $interfaces .= "$line\n";
192 next;
193 }
194 $section = { type => 'ipv4', ifname => $ifname, attr => []};
195 next;
196 }
197 if ($line =~ m/^\s*iface\s+(\S+)\s+inet6\s+(\S+)\s*$/) {
198 my $ifname = $1;
199 &$print_section(); # print previous section
200 if (!$networks->{$ifname}) {
201 $interfaces .= "$line\n";
202 next;
203 }
204 $section = { type => 'ipv6', ifname => $ifname, attr => []};
205 next;
206 }
207 # Handle 'auto'
208 if ($line =~ m/^\s*auto\s*(.*)$/) {
209 foreach my $iface (split(/\s+/, $1)) {
210 $done_auto->{$iface} = 1;
211 }
212 &$print_section();
213 $interfaces .= "$line\n";
214 next;
215 }
216 # Handle other section delimiters:
217 if ($line =~ m/^\s*(?:mapping\s
218 |allow-
219 |source\s
220 |source-directory\s
221 )/x) {
222 &$print_section();
223 $interfaces .= "$line\n";
224 next;
225 }
226 if ($section && $line =~ m/^\s*((\S+)\s(.*))$/) {
227 my ($adata, $aname) = ($1, $2);
228 if ($aname eq 'address' || $aname eq 'netmask' ||
229 $aname eq 'gateway' || $aname eq 'broadcast') {
230 # skip
231 } else {
232 push @{$section->{attr}}, $adata;
233 }
234 next;
235 }
236
237 $interfaces .= "$line\n";
238 }
239 &$print_section();
240
241 }
242
243 my $need_separator = length($interfaces) && ($interfaces !~ /\n\n$/);
244 foreach my $ifname (sort keys %$networks) {
245 my $net = $networks->{$ifname};
246
247 if (!$done_v4_hash->{$ifname} && defined($net->{address})) {
248 if ($need_separator) { $interfaces .= "\n"; $need_separator = 0; };
249 $section = { type => 'ipv4', ifname => $ifname, attr => []};
250 &$print_section(1);
251 }
252 if (!$done_v6_hash->{$ifname} && defined($net->{address6})) {
253 if ($need_separator) { $interfaces .= "\n"; $need_separator = 0; };
254 $section = { type => 'ipv6', ifname => $ifname, attr => []};
255 &$print_section(1);
256 }
257 }
258
259 $self->ct_file_set_contents($filename, $interfaces);
260 }
261
262 1;
PVE Container Toolkit