]>
git.proxmox.com Git - mirror_lxc.git/blob - src/lxc/confile_utils.c
3 * Copyright © 2017 Christian Brauner <christian.brauner@ubuntu.com>.
4 * Copyright © 2017 Canonical Ltd.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2, as
8 * published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 #include <arpa/inet.h>
30 #include "confile_utils.h"
34 #include "lxccontainer.h"
40 #include "include/strlcpy.h"
43 lxc_log_define(confile_utils
, lxc
);
45 int parse_idmaps(const char *idmap
, char *type
, unsigned long *nsid
,
46 unsigned long *hostid
, unsigned long *range
)
49 unsigned long tmp_hostid
, tmp_nsid
, tmp_range
;
54 /* Duplicate string. */
59 /* A prototypical idmap entry would be: "u 1000 1000000 65536" */
64 slide
+= strspn(slide
, " \t\r");
65 if (slide
!= window
&& *slide
== '\0')
69 if (*slide
!= 'u' && *slide
!= 'g') {
70 ERROR("Invalid id mapping type: %c", *slide
);
77 /* move beyond type */
81 /* Validate that only whitespace follows. */
82 slide
+= strspn(slide
, " \t\r");
83 /* There must be whitespace. */
87 /* Mark beginning of nsid. */
89 /* Validate that non-whitespace follows. */
90 slide
+= strcspn(slide
, " \t\r");
91 /* There must be non-whitespace. */
92 if (slide
== window
|| *slide
== '\0')
94 /* Mark end of nsid. */
98 if (lxc_safe_ulong(window
, &tmp_nsid
) < 0) {
99 ERROR("Failed to parse nsid: %s", window
);
103 /* Move beyond \0. */
105 /* Validate that only whitespace follows. */
106 slide
+= strspn(slide
, " \t\r");
107 /* If there was only one whitespace then we whiped it with our \0 above.
108 * So only ensure that we're not at the end of the string.
113 /* Mark beginning of hostid. */
115 /* Validate that non-whitespace follows. */
116 slide
+= strcspn(slide
, " \t\r");
117 /* There must be non-whitespace. */
118 if (slide
== window
|| *slide
== '\0')
120 /* Mark end of nsid. */
124 if (lxc_safe_ulong(window
, &tmp_hostid
) < 0) {
125 ERROR("Failed to parse hostid: %s", window
);
129 /* Move beyond \0. */
131 /* Validate that only whitespace follows. */
132 slide
+= strspn(slide
, " \t\r");
133 /* If there was only one whitespace then we whiped it with our \0 above.
134 * So only ensure that we're not at the end of the string.
139 /* Mark beginning of range. */
141 /* Validate that non-whitespace follows. */
142 slide
+= strcspn(slide
, " \t\r");
143 /* There must be non-whitespace. */
147 /* The range is the last valid entry we expect. So make sure that there
148 * is no trailing garbage and if there is, error out.
150 if (*(slide
+ strspn(slide
, " \t\r\n")) != '\0')
153 /* Mark end of range. */
157 if (lxc_safe_ulong(window
, &tmp_range
) < 0) {
158 ERROR("Failed to parse id mapping range: %s", window
);
164 *hostid
= tmp_hostid
;
167 /* Yay, we survived. */
176 bool lxc_config_value_empty(const char *value
)
178 if (value
&& strlen(value
) > 0)
184 struct lxc_netdev
*lxc_network_add(struct lxc_list
*networks
, int idx
, bool tail
)
186 struct lxc_list
*newlist
;
187 struct lxc_netdev
*netdev
= NULL
;
189 /* network does not exist */
190 netdev
= malloc(sizeof(*netdev
));
194 memset(netdev
, 0, sizeof(*netdev
));
195 lxc_list_init(&netdev
->ipv4
);
196 lxc_list_init(&netdev
->ipv6
);
198 /* give network a unique index */
201 /* prepare new list */
202 newlist
= malloc(sizeof(*newlist
));
208 lxc_list_init(newlist
);
209 newlist
->elem
= netdev
;
212 lxc_list_add_tail(networks
, newlist
);
214 lxc_list_add(networks
, newlist
);
219 /* Takes care of finding the correct netdev struct in the networks list or
220 * allocates a new one if it couldn't be found.
222 struct lxc_netdev
*lxc_get_netdev_by_idx(struct lxc_conf
*conf
,
223 unsigned int idx
, bool allocate
)
225 struct lxc_netdev
*netdev
= NULL
;
226 struct lxc_list
*networks
= &conf
->network
;
227 struct lxc_list
*insert
= networks
;
230 if (!lxc_list_empty(networks
)) {
231 lxc_list_for_each(insert
, networks
) {
232 netdev
= insert
->elem
;
233 if (netdev
->idx
== idx
)
235 else if (netdev
->idx
> idx
)
243 return lxc_network_add(insert
, idx
, true);
246 void lxc_log_configured_netdevs(const struct lxc_conf
*conf
)
248 struct lxc_netdev
*netdev
;
249 struct lxc_list
*it
= (struct lxc_list
*)&conf
->network
;;
251 if ((conf
->loglevel
!= LXC_LOG_LEVEL_TRACE
) &&
252 (lxc_log_get_level() != LXC_LOG_LEVEL_TRACE
))
255 if (lxc_list_empty(it
)) {
256 TRACE("container has no networks configured");
260 lxc_list_for_each(it
, &conf
->network
) {
261 struct lxc_list
*cur
, *next
;
262 struct lxc_inetdev
*inet4dev
;
263 struct lxc_inet6dev
*inet6dev
;
264 char bufinet4
[INET_ADDRSTRLEN
], bufinet6
[INET6_ADDRSTRLEN
];
268 TRACE("index: %zd", netdev
->idx
);
269 TRACE("ifindex: %d", netdev
->ifindex
);
271 switch (netdev
->type
) {
275 if (netdev
->priv
.veth_attr
.pair
[0] != '\0')
276 TRACE("veth pair: %s",
277 netdev
->priv
.veth_attr
.pair
);
279 if (netdev
->priv
.veth_attr
.veth1
[0] != '\0')
281 netdev
->priv
.veth_attr
.veth1
);
283 if (netdev
->priv
.veth_attr
.ifindex
> 0)
284 TRACE("host side ifindex for veth device: %d",
285 netdev
->priv
.veth_attr
.ifindex
);
287 case LXC_NET_MACVLAN
:
288 TRACE("type: macvlan");
290 if (netdev
->priv
.macvlan_attr
.mode
> 0) {
293 macvlan_mode
= lxc_macvlan_flag_to_mode(
294 netdev
->priv
.macvlan_attr
.mode
);
295 TRACE("macvlan mode: %s",
296 macvlan_mode
? macvlan_mode
302 TRACE("vlan id: %d", netdev
->priv
.vlan_attr
.vid
);
307 if (netdev
->priv
.phys_attr
.ifindex
> 0)
308 TRACE("host side ifindex for phys device: %d",
309 netdev
->priv
.phys_attr
.ifindex
);
312 TRACE("type: empty");
318 ERROR("invalid network type %d", netdev
->type
);
322 if (netdev
->type
!= LXC_NET_EMPTY
) {
324 netdev
->flags
== IFF_UP
? "up" : "none");
326 if (netdev
->link
[0] != '\0')
327 TRACE("link: %s", netdev
->link
);
329 if (netdev
->name
[0] != '\0')
330 TRACE("name: %s", netdev
->name
);
333 TRACE("hwaddr: %s", netdev
->hwaddr
);
336 TRACE("mtu: %s", netdev
->mtu
);
338 if (netdev
->upscript
)
339 TRACE("upscript: %s", netdev
->upscript
);
341 if (netdev
->downscript
)
342 TRACE("downscript: %s", netdev
->downscript
);
344 TRACE("ipv4 gateway auto: %s",
345 netdev
->ipv4_gateway_auto
? "true" : "false");
347 if (netdev
->ipv4_gateway
) {
348 inet_ntop(AF_INET
, netdev
->ipv4_gateway
,
349 bufinet4
, sizeof(bufinet4
));
350 TRACE("ipv4 gateway: %s", bufinet4
);
353 lxc_list_for_each_safe(cur
, &netdev
->ipv4
, next
) {
354 inet4dev
= cur
->elem
;
355 inet_ntop(AF_INET
, &inet4dev
->addr
, bufinet4
,
357 TRACE("ipv4 addr: %s", bufinet4
);
360 TRACE("ipv6 gateway auto: %s",
361 netdev
->ipv6_gateway_auto
? "true" : "false");
363 if (netdev
->ipv6_gateway
) {
364 inet_ntop(AF_INET6
, netdev
->ipv6_gateway
,
365 bufinet6
, sizeof(bufinet6
));
366 TRACE("ipv6 gateway: %s", bufinet6
);
369 lxc_list_for_each_safe(cur
, &netdev
->ipv6
, next
) {
370 inet6dev
= cur
->elem
;
371 inet_ntop(AF_INET6
, &inet6dev
->addr
, bufinet6
,
373 TRACE("ipv6 addr: %s", bufinet6
);
379 static void lxc_free_netdev(struct lxc_netdev
*netdev
)
381 struct lxc_list
*cur
, *next
;
383 free(netdev
->upscript
);
384 free(netdev
->downscript
);
385 free(netdev
->hwaddr
);
388 free(netdev
->ipv4_gateway
);
389 lxc_list_for_each_safe(cur
, &netdev
->ipv4
, next
) {
395 free(netdev
->ipv6_gateway
);
396 lxc_list_for_each_safe(cur
, &netdev
->ipv6
, next
) {
405 bool lxc_remove_nic_by_idx(struct lxc_conf
*conf
, unsigned int idx
)
407 struct lxc_list
*cur
, *next
;
408 struct lxc_netdev
*netdev
;
411 lxc_list_for_each_safe(cur
, &conf
->network
, next
) {
413 if (netdev
->idx
!= idx
)
424 lxc_free_netdev(netdev
);
430 void lxc_free_networks(struct lxc_list
*networks
)
432 struct lxc_list
*cur
, *next
;
433 struct lxc_netdev
*netdev
;
435 lxc_list_for_each_safe(cur
, networks
, next
) {
437 lxc_free_netdev(netdev
);
441 /* prevent segfaults */
442 lxc_list_init(networks
);
445 static struct macvlan_mode
{
449 { "private", MACVLAN_MODE_PRIVATE
},
450 { "vepa", MACVLAN_MODE_VEPA
},
451 { "bridge", MACVLAN_MODE_BRIDGE
},
452 { "passthru", MACVLAN_MODE_PASSTHRU
},
455 int lxc_macvlan_mode_to_flag(int *mode
, const char *value
)
459 for (i
= 0; i
< sizeof(macvlan_mode
) / sizeof(macvlan_mode
[0]); i
++) {
460 if (strcmp(macvlan_mode
[i
].name
, value
))
463 *mode
= macvlan_mode
[i
].mode
;
470 char *lxc_macvlan_flag_to_mode(int mode
)
474 for (i
= 0; i
< sizeof(macvlan_mode
) / sizeof(macvlan_mode
[0]); i
++) {
475 if (macvlan_mode
[i
].mode
== mode
)
478 return macvlan_mode
[i
].name
;
484 int set_config_string_item(char **conf_item
, const char *value
)
488 if (lxc_config_value_empty(value
)) {
494 new_value
= strdup(value
);
496 SYSERROR("Failed to duplicate string \"%s\"", value
);
501 *conf_item
= new_value
;
505 int set_config_string_item_max(char **conf_item
, const char *value
, size_t max
)
507 if (strlen(value
) >= max
) {
508 ERROR("%s is too long (>= %lu)", value
, (unsigned long)max
);
512 return set_config_string_item(conf_item
, value
);
515 int set_config_path_item(char **conf_item
, const char *value
)
517 return set_config_string_item_max(conf_item
, value
, PATH_MAX
);
520 int config_ip_prefix(struct in_addr
*addr
)
522 if (IN_CLASSA(addr
->s_addr
))
523 return 32 - IN_CLASSA_NSHIFT
;
525 if (IN_CLASSB(addr
->s_addr
))
526 return 32 - IN_CLASSB_NSHIFT
;
528 if (IN_CLASSC(addr
->s_addr
))
529 return 32 - IN_CLASSC_NSHIFT
;
534 int network_ifname(char *valuep
, const char *value
, size_t size
)
538 if (!valuep
|| !value
)
541 retlen
= strlcpy(valuep
, value
, size
);
543 ERROR("Network devie name \"%s\" is too long (>= %zu)", value
,
549 void rand_complete_hwaddr(char *hwaddr
)
551 const char hex
[] = "0123456789abcdef";
556 seed
= randseed(false);
559 (void)randseed(true);
562 while (*curs
!= '\0' && *curs
!= '\n') {
563 if (*curs
== 'x' || *curs
== 'X') {
564 if (curs
- hwaddr
== 1) {
565 /* ensure address is unicast */
567 *curs
= hex
[rand_r(&seed
) & 0x0E];
569 *curs
= hex
[rand_r(&seed
) & 0x0F];
571 *curs
= hex
[rand() & 0x0E];
573 *curs
= hex
[rand() & 0x0F];
581 bool lxc_config_net_hwaddr(const char *line
)
586 if (strncmp(line
, "lxc.net", 7) != 0)
589 if (strncmp(line
, "lxc.net.hwaddr", 14) == 0)
592 if (strncmp(line
, "lxc.network.hwaddr", 18) == 0)
595 if (sscanf(line
, "lxc.net.%u.%6s", &index
, tmp
) == 2 ||
596 sscanf(line
, "lxc.network.%u.%6s", &index
, tmp
) == 2)
597 return strncmp(tmp
, "hwaddr", 6) == 0;
603 * If we find a lxc.net.[i].hwaddr or lxc.network.hwaddr in the original config
604 * file, we expand it in the unexpanded_config, so that after a save_config we
605 * store the hwaddr for re-use.
606 * This is only called when reading the config file, not when executing a
608 * 'x' and 'X' are substituted in-place.
610 void update_hwaddr(const char *line
)
614 line
+= lxc_char_left_gc(line
, strlen(line
));
618 if (!lxc_config_net_hwaddr(line
))
621 /* Let config_net_hwaddr raise the error. */
622 p
= strchr(line
, '=');
633 rand_complete_hwaddr(p
);
636 bool new_hwaddr(char *hwaddr
)
642 seed
= randseed(false);
644 ret
= snprintf(hwaddr
, 18, "00:16:3e:%02x:%02x:%02x", rand_r(&seed
) % 255,
645 rand_r(&seed
) % 255, rand_r(&seed
) % 255);
648 (void)randseed(true);
650 ret
= snprintf(hwaddr
, 18, "00:16:3e:%02x:%02x:%02x", rand() % 255,
651 rand() % 255, rand() % 255);
653 if (ret
< 0 || ret
>= 18) {
654 SYSERROR("Failed to call snprintf()");
661 int lxc_get_conf_str(char *retv
, int inlen
, const char *value
)
668 value_len
= strlen(value
);
669 if (retv
&& inlen
>= value_len
+ 1)
670 memcpy(retv
, value
, value_len
+ 1);
675 int lxc_get_conf_bool(struct lxc_conf
*c
, char *retv
, int inlen
, bool v
)
683 memset(retv
, 0, inlen
);
685 strprint(retv
, inlen
, "%d", v
);
690 int lxc_get_conf_int(struct lxc_conf
*c
, char *retv
, int inlen
, int v
)
698 memset(retv
, 0, inlen
);
700 strprint(retv
, inlen
, "%d", v
);
705 int lxc_get_conf_size_t(struct lxc_conf
*c
, char *retv
, int inlen
, size_t v
)
713 memset(retv
, 0, inlen
);
715 strprint(retv
, inlen
, "%zu", v
);
720 int lxc_get_conf_uint64(struct lxc_conf
*c
, char *retv
, int inlen
, uint64_t v
)
728 memset(retv
, 0, inlen
);
730 strprint(retv
, inlen
, "%"PRIu64
, v
);
735 bool parse_limit_value(const char **value
, rlim_t
*res
)
739 if (strncmp(*value
, "unlimited", sizeof("unlimited") - 1) == 0) {
740 *res
= RLIM_INFINITY
;
741 *value
+= sizeof("unlimited") - 1;
746 *res
= strtoull(*value
, &endptr
, 10);
747 if (errno
|| !endptr
)
755 static int lxc_container_name_to_pid(const char *lxcname_or_pid
,
762 pid
= strtol(lxcname_or_pid
, &err
, 10);
763 if (*err
!= '\0' || pid
< 1) {
764 struct lxc_container
*c
;
766 c
= lxc_container_new(lxcname_or_pid
, lxcpath
);
768 ERROR("\"%s\" is not a valid pid nor a container name",
773 if (!c
->may_control(c
)) {
774 ERROR("Insufficient privileges to control container "
776 lxc_container_put(c
);
780 pid
= c
->init_pid(c
);
782 ERROR("Container \"%s\" is not running", c
->name
);
783 lxc_container_put(c
);
787 lxc_container_put(c
);
792 SYSERROR("Failed to send signal to pid %d", (int)pid
);
799 int lxc_inherit_namespace(const char *lxcname_or_pid
, const char *lxcpath
,
800 const char *namespace)
803 char *dup
, *lastslash
;
805 lastslash
= strrchr(lxcname_or_pid
, '/');
807 dup
= strdup(lxcname_or_pid
);
811 dup
[lastslash
- lxcname_or_pid
] = '\0';
812 pid
= lxc_container_name_to_pid(lastslash
+ 1, dup
);
815 pid
= lxc_container_name_to_pid(lxcname_or_pid
, lxcpath
);
821 fd
= lxc_preserve_ns(pid
, namespace);
833 static const struct signame signames
[] = {
866 { SIGSTKFLT
, "STKFLT" },
881 { SIGVTALRM
, "VTALRM" },
887 { SIGWINCH
, "WINCH" },
905 { SIGUNUSED
, "UNUSED" },
912 static int sig_num(const char *sig
)
916 if (lxc_safe_uint(sig
, &signum
) < 0)
922 static int rt_sig_num(const char *signame
)
924 int rtmax
= 0, sig_n
= 0;
926 if (strncasecmp(signame
, "max-", 4) == 0)
930 if (!isdigit(*signame
))
933 sig_n
= sig_num(signame
);
934 sig_n
= rtmax
? SIGRTMAX
- sig_n
: SIGRTMIN
+ sig_n
;
935 if (sig_n
> SIGRTMAX
|| sig_n
< SIGRTMIN
)
941 int sig_parse(const char *signame
)
945 if (isdigit(*signame
)) {
946 return sig_num(signame
);
947 } else if (strncasecmp(signame
, "sig", 3) == 0) {
949 if (strncasecmp(signame
, "rt", 2) == 0)
950 return rt_sig_num(signame
+ 2);
952 for (n
= 0; n
< sizeof(signames
) / sizeof((signames
)[0]); n
++)
953 if (strcasecmp(signames
[n
].name
, signame
) == 0)
954 return signames
[n
].num
;