/*
 * lxc: linux Container library
 *
 * (C) Copyright IBM Corp. 2007, 2008
 *
 * Authors:
 * Daniel Lezcano <dlezcano at fr.ibm.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */
23 #ifndef _conf_h
24 #define _conf_h
25
26 #include <netinet/in.h>
27 #include <net/if.h>
28 #include <sys/param.h>
29 #include <stdbool.h>
30
31 #include <lxc/list.h>
32
33 #include <lxc/start.h> /* for lxc_handler */
34
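/*
 * Opaque seccomp filter-context handle, declared as a plain void pointer.
 * This header includes no seccomp header, so this typedef is what lets
 * struct lxc_conf name the type.  It is compiled in only when
 * HAVE_SCMP_FILTER_CTX evaluates to non-zero (an undefined macro counts
 * as 0 in #if).
 * NOTE(review): presumably mirrors libseccomp's own typedef -- confirm the
 * two stay identical, a mismatch would be a conflicting redeclaration.
 */
#if HAVE_SCMP_FILTER_CTX
typedef void *scmp_filter_ctx;
#endif

/*
 * Network device types.  The values are implicit and start at 0, so
 * LXC_NET_MAXCONFTYPE, being last, equals the number of real types.
 * NOTE(review): presumably stored in lxc_netdev.type (a plain int); code
 * that indexes a table by that field should range-check it against
 * LXC_NET_MAXCONFTYPE first.
 */
enum {
	LXC_NET_EMPTY,
	LXC_NET_VETH,
	LXC_NET_MACVLAN,
	LXC_NET_PHYS,
	LXC_NET_VLAN,
	LXC_NET_MAXCONFTYPE,	/* count sentinel: keep last */
};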
47
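/*
 * Defines the structure to configure an ipv4 address
 * @addr   : ipv4 address
 * @bcast  : ipv4 broadcast address
 * @prefix : network mask, held as an int (presumably the prefix length in
 *           bits -- nothing here range-checks it, so the code that fills it
 *           in should; confirm in the config parser)
 */
struct lxc_inetdev {
	struct in_addr addr;
	struct in_addr bcast;
	int prefix;
};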
59
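/*
 * Holds a single ipv4 address for a route.
 * NOTE(review): nothing else in this header refers to this type (the
 * gateway in struct lxc_netdev is a bare struct in_addr pointer); check
 * conf.c for its users.
 */
struct lxc_route {
	struct in_addr addr;
};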
63
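/*
 * Defines the structure to configure an ipv6 address
 * @addr   : ipv6 address
 * @mcast  : second ipv6 address (presumably multicast -- confirm)
 * @acast  : third ipv6 address (presumably anycast -- confirm)
 * @prefix : network mask, held as an int (presumably the prefix length in
 *           bits -- nothing here range-checks it; confirm in the parser)
 *
 * The structure has no flags or broadcast member; earlier revisions of
 * this comment listed both.
 */
struct lxc_inet6dev {
	struct in6_addr addr;
	struct in6_addr mcast;
	struct in6_addr acast;
	int prefix;
};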
77
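/*
 * Holds a single ipv6 address for a route; the ipv6 counterpart of
 * struct lxc_route.
 */
struct lxc_route6 {
	struct in6_addr addr;
};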
81
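/*
 * veth-specific attributes of a network device.
 * @pair  : pair name (heap or config owned -- ownership is not visible here)
 * @veth1 : interface name needed for deconf; a fixed IFNAMSIZ-byte buffer,
 *          so every writer must bound the copy to sizeof(veth1) and leave
 *          room for the terminating NUL
 */
struct ifla_veth {
	char *pair;		/* pair name */
	char veth1[IFNAMSIZ];	/* needed for deconf */
};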
86
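/*
 * vlan-specific attributes of a network device.
 * @flags : vlan flags
 * @fmask : mask selecting which bits of @flags apply (presumably -- confirm)
 * @vid   : vlan id; the member is 16 bits wide, so it can hold values that
 *          are not valid vlan ids -- the range check belongs where the
 *          value is parsed (confirm in the config parser)
 * @pad   : padding
 *
 * The members use the standard spellings "unsigned int" / "unsigned short"
 * rather than the uint / ushort aliases, which glibc only provides when
 * its non-ISO extensions are enabled; the types themselves are unchanged.
 */
struct ifla_vlan {
	unsigned int flags;
	unsigned int fmask;
	unsigned short vid;
	unsigned short pad;
};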
93
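/*
 * macvlan-specific attributes of a network device.
 * @mode : macvlan mode: private, vepa or bridge.  The numeric encoding is
 *         not defined in this header; the mode decides how traffic is
 *         switched between macvlan devices, so an unset or unexpected
 *         value should be rejected rather than defaulted silently.
 */
struct ifla_macvlan {
	int mode;	/* private, vepa, bridge */
};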
97
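/*
 * Per-type private attributes of a network device.  The three members
 * share storage: only the one that was last written is meaningful, and
 * reading another reinterprets the same bytes.
 * NOTE(review): presumably the member is selected by lxc_netdev.type --
 * confirm that every reader checks the type first.
 */
union netdev_p {
	struct ifla_veth veth_attr;
	struct ifla_vlan vlan_attr;
	struct ifla_macvlan macvlan_attr;
};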
103
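/*
 * Defines a structure to configure a network device
 * @type              : device type (a plain int; presumably one of the
 *                      LXC_NET_* values -- confirm)
 * @flags             : flag of the network device (IFF_UP, ... )
 * @ifindex           : interface index
 * @link              : lxc.network.link, name of bridge or host iface to attach if any
 * @name              : lxc.network.name, name of iface on the container side
 * @hwaddr            : hardware address, kept as a string
 * @mtu               : mtu, kept as a string
 * @priv              : per-type attributes (veth, vlan or macvlan)
 * @ipv4              : a list of ipv4 addresses to be set on the network device
 * @ipv6              : a list of ipv6 addresses to be set on the network device
 * @ipv4_gateway      : pointer to the ipv4 gateway address
 * @ipv4_gateway_auto : flag paired with @ipv4_gateway (presumably asks for
 *                      the gateway to be looked up, see
 *                      lxc_find_gateway_addresses() -- confirm)
 * @ipv6_gateway      : pointer to the ipv6 gateway address
 * @ipv6_gateway_auto : flag paired with @ipv6_gateway (same caveat)
 * @upscript          : a script filename to be executed during interface configuration
 * @downscript        : a script filename to be executed during interface destruction
 *
 * @link, @name, @hwaddr and @mtu are stored as raw strings; this header
 * imposes no format, length or range on them, so they have to be validated
 * where they are parsed or applied.
 * NOTE(review): @upscript and @downscript name programs taken from the
 * configuration.  Which process runs them, and with what privileges, is
 * not visible in this header -- review the call site before accepting a
 * configuration from a less trusted source.
 */
struct lxc_netdev {
	int type;
	int flags;
	int ifindex;
	char *link;
	char *name;
	char *hwaddr;
	char *mtu;
	union netdev_p priv;
	struct lxc_list ipv4;
	struct lxc_list ipv6;
	struct in_addr *ipv4_gateway;
	bool ipv4_gateway_auto;
	struct in6_addr *ipv6_gateway;
	bool ipv6_gateway_auto;
	char *upscript;
	char *downscript;
};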
132
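/*
 * Defines a generic struct to configure the control group.
 * It is up to the programmer to specify the right subsystem.
 * @subsystem : the targeted subsystem
 * @value     : the value to set
 *
 * Both members are stored as raw strings; nothing in this header
 * validates them.
 * NOTE(review): if @subsystem is later used to build a file name under the
 * cgroup filesystem, the consumer should reject path separators and ".."
 * -- confirm in setup_cgroup().
 */
struct lxc_cgroup {
	char *subsystem;
	char *value;
};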
143
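/*
 * Defines a structure containing a pty information for
 * virtualizing a tty
 * @name   : the path name of the slave pty side; a fixed MAXPATHLEN-byte
 *           buffer, so writers must bound the copy to sizeof(name) and
 *           keep it NUL-terminated
 * @master : the file descriptor of the master
 * @slave  : the file descriptor of the slave
 * @busy   : in-use marker (presumably non-zero while the tty is handed out
 *           to a client -- confirm)
 */
struct lxc_pty_info {
	char name[MAXPATHLEN];
	int master;
	int slave;
	int busy;
};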
157
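/*
 * Defines the number of tty configured and contains the
 * instantiated ptys
 * @nbtty    : number of configured ttys
 * @pty_info : the instantiated ptys (presumably an array of @nbtty
 *             entries -- confirm; any index into it must be checked
 *             against @nbtty, which is a signed int)
 */
struct lxc_tty_info {
	int nbtty;
	struct lxc_pty_info *pty_info;
};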
167
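/*
 * Defines the structure to store the console information
 * @slave  : the file descriptor of the slave pty
 * @master : the file descriptor of the master pty
 * @peer   : the file descriptor put/get console traffic
 * @path   : configured console path (presumably what @peer is opened
 *           from -- confirm)
 * @name   : the file name of the slave pty; a fixed MAXPATHLEN-byte buffer,
 *           so writers must bound the copy to sizeof(name)
 * @tios   : saved terminal settings (struct termios is only used through
 *           a pointer here, so this header does not need <termios.h>)
 */
struct lxc_console {
	int slave;
	int master;
	int peer;
	char *path;
	char name[MAXPATHLEN];
	struct termios *tios;
};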
181
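/*
 * Defines a structure to store the rootfs location, the
 * optional pivot_root and rootfs mount paths
 * @path  : a path to the rootfs
 * @mount : the rootfs mount path
 * @pivot : a path to a pivot_root location to be used
 *
 * All three are raw strings taken from configuration; this header does
 * not say whether they are absolute, canonical or free of symlinks.
 * NOTE(review): these paths decide what the container sees as "/", so the
 * code that resolves them deserves a close read -- confirm in conf.c.
 */
struct lxc_rootfs {
	char *path;
	char *mount;
	char *pivot;
};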
193
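/*
 * Hook points.  The values are implicit and start at 0, so NUM_LXC_HOOKS,
 * being last, is the number of hook points; it sizes both lxchook_names[]
 * and lxc_conf.hooks[].
 */
enum lxchooks {
	LXCHOOK_PRESTART,
	LXCHOOK_PREMOUNT,
	LXCHOOK_MOUNT,
	LXCHOOK_START,
	LXCHOOK_POSTSTOP,
	NUM_LXC_HOOKS		/* count sentinel: keep last */
};

/* One string per hook point, defined elsewhere (presumably indexed by enum lxchooks). */
extern char *lxchook_names[NUM_LXC_HOOKS];

/*
 * Records a network interface by index together with its original name.
 * NOTE(review): presumably what lxc_rename_phys_nics_on_shutdown() uses to
 * give physical nics their host-side names back -- confirm.
 */
struct saved_nic {
	int ifindex;
	char *orig_name;
};

/*
 * Defines the global container configuration
 * @fstab           : path to a fstab file format
 * @tty             : numbers of tty
 * @pts             : new pts instance
 * @reboot          : not documented here -- see conf.c
 * @need_utmp_watch : not documented here -- see conf.c
 * @personality     : not documented here -- see conf.c
 * @utsname         : container utsname
 * @cgroup          : list of control group settings (presumably of
 *                    struct lxc_cgroup -- confirm)
 * @network         : network configuration
 * @saved_nics      : saved nics (presumably an array of @num_savednics
 *                    entries -- confirm)
 * @num_savednics   : number of saved nics
 * @mount_list      : list of mount point (alternative to fstab file)
 * @caps            : list of the capabilities (whether these are kept or
 *                    dropped is not visible here -- confirm)
 * @tty_info        : tty data
 * @console         : console data
 * @rootfs          : root directory to run the container
 * @ttydir          : directory (under /dev) in which to create console and ttys
 * @close_all_fds   : flag (presumably closes inherited file descriptors
 *                    before the container starts -- confirm)
 * @hooks           : one list per hook point, indexed by enum lxchooks
 * @aa_profile      : apparmor profile to switch to (HAVE_APPARMOR only)
 * @logfile         : log file path
 * @loglevel        : log level
 * @lsm_umount_proc : HAVE_APPARMOR only; not documented here -- see conf.c
 * @seccomp         : filename with the seccomp rules
 * @seccomp_ctx     : seccomp filter context (HAVE_SCMP_FILTER_CTX only)
 * @maincmd_fd      : file descriptor; not documented here -- see conf.c
 * @autodev         : if 1, mount and fill a /dev at start
 *
 * @caps, @aa_profile, @seccomp, @lsm_umount_proc and @close_all_fds are
 * the confinement-related settings; a change to how any of them is parsed
 * or defaulted alters what the container is allowed to do.
 *
 * Members guarded by HAVE_APPARMOR / HAVE_SCMP_FILTER_CTX change the size
 * of the structure and the offsets of everything after them.  Every
 * translation unit that includes this header must therefore be built with
 * the same values for both macros, otherwise two objects will disagree on
 * where @logfile, @seccomp, @maincmd_fd and @autodev live.
 */
struct lxc_conf {
	char *fstab;
	int tty;
	int pts;
	int reboot;
	int need_utmp_watch;
	int personality;
	struct utsname *utsname;
	struct lxc_list cgroup;
	struct lxc_list network;
	struct saved_nic *saved_nics;
	int num_savednics;
	struct lxc_list mount_list;
	struct lxc_list caps;
	struct lxc_tty_info tty_info;
	struct lxc_console console;
	struct lxc_rootfs rootfs;
	char *ttydir;
	int close_all_fds;
	struct lxc_list hooks[NUM_LXC_HOOKS];
#if HAVE_APPARMOR
	char *aa_profile;
#endif
	char *logfile;
	int loglevel;

#if HAVE_APPARMOR /* || HAVE_SELINUX || HAVE_SMACK */
	int lsm_umount_proc;
#endif
	char *seccomp;  // filename with the seccomp rules
#if HAVE_SCMP_FILTER_CTX
	/*
	 * NOTE(review): declared as a pointer to the handle type, i.e. void **
	 * under the typedef in this header -- confirm that the extra level of
	 * indirection is intended.
	 */
	scmp_filter_ctx *seccomp_ctx;
#endif
	int maincmd_fd;
	int autodev;  // if 1, mount and fill a /dev at start
};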
259
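/*
 * Run hooks for a container.
 * @name : first string argument (presumably the container name -- confirm)
 * @hook : selects the hook point (presumably one of lxchook_names[]); it is
 *         not const-qualified although @name is -- confirm whether the
 *         callee writes through it
 * @conf : container configuration, which carries the per-hook-point lists
 * NOTE(review): hook commands come from configuration; which process runs
 * them, and with what privileges, is not visible in this header.
 * Declared extern like every other prototype in this header.
 */
extern int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf);

/*
 * Apply a list of control group settings for the named container.
 * The return-value convention is not visible here -- see conf.c.
 */
extern int setup_cgroup(const char *name, struct lxc_list *cgroups);

/*
 * Takes no arguments and returns an int.
 * NOTE(review): by its name it reports whether the root mount uses shared
 * propagation, in which case mounts made during container setup could
 * propagate outside it -- confirm what the callers do with the result.
 */
extern int detect_shared_rootfs(void);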
264
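/*
 * Initialize the lxc configuration structure.
 * Returns a pointer to the new structure; the failure value is not visible
 * here (presumably NULL -- confirm), so callers should check the result
 * before dereferencing it.
 */
extern struct lxc_conf *lxc_conf_init(void);

/*
 * Release a configuration structure (presumably one obtained from
 * lxc_conf_init(); whether a NULL argument is accepted is not visible here).
 */
extern void lxc_conf_free(struct lxc_conf *conf);

/*
 * Takes the rootfs path and returns an int.
 * NOTE(review): the meaning of the return value (status code or file
 * descriptor) is not visible in this header -- confirm in conf.c, since a
 * returned descriptor would have to be closed by the caller.
 */
extern int pin_rootfs(const char *rootfs);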
272
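/*
 * Network set-up and tear-down for the container described by @handler.
 * The return-value convention of the int-returning functions is not
 * visible here -- see conf.c.
 */
extern int lxc_create_network(struct lxc_handler *handler);
extern void lxc_delete_network(struct lxc_handler *handler);

/*
 * Assign the devices in @networks to process @pid (presumably by moving
 * them into that process's network namespace -- confirm).
 */
extern int lxc_assign_network(struct lxc_list *networks, pid_t pid);

/*
 * Look up gateway addresses (presumably for devices whose
 * ipv4_gateway_auto / ipv6_gateway_auto flag is set -- confirm).
 */
extern int lxc_find_gateway_addresses(struct lxc_handler *handler);

/* Create and delete the ttys described by struct lxc_tty_info. */
extern int lxc_create_tty(const char *name, struct lxc_conf *conf);
extern void lxc_delete_tty(struct lxc_tty_info *tty_info);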
280
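/*
 * Clear parts of a configuration.  Each function takes the configuration
 * to modify; the variants with a @key argument clear only what that key
 * selects (the key syntax is not visible here -- see conf.c).
 * NOTE(review): lxc_clear_config_caps() empties the capability list;
 * confirm what an empty list means for the started container before
 * calling it on a configuration that is about to be used.
 */
extern int lxc_clear_config_network(struct lxc_conf *c);
extern int lxc_clear_nic(struct lxc_conf *c, const char *key);
extern int lxc_clear_config_caps(struct lxc_conf *c);
extern int lxc_clear_cgroups(struct lxc_conf *c, const char *key);
extern int lxc_clear_mount_entries(struct lxc_conf *c);
extern int lxc_clear_hooks(struct lxc_conf *c, const char *key);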
287
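/*
 * Configure the container from inside
 * @name     : first string argument (presumably the container name -- confirm)
 * @lxc_conf : the configuration to apply
 * The return-value convention is not visible here -- see conf.c.
 */
extern int lxc_setup(const char *name, struct lxc_conf *lxc_conf);

/*
 * Rename physical nics when the container shuts down (presumably back to
 * the names recorded in conf->saved_nics -- confirm).
 */
extern void lxc_rename_phys_nics_on_shutdown(struct lxc_conf *conf);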
295 #endif