]> git.proxmox.com Git - mirror_lxc.git/blob - src/lxc/lxc_start.c
projects / mirror_lxc.git / blob
? search:


4b6b1f75b14bdac94970ef14d444a6e614b72242
[mirror_lxc.git] / src / lxc / lxc_start.c
1 /*
2 * lxc: linux Container library
3 *
4 * (C) Copyright IBM Corp. 2007, 2008
5 *
6 * Authors:
7 * Daniel Lezcano <daniel.lezcano at free.fr>
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22 */
23 #define _GNU_SOURCE
24 #include <stdio.h>
25 #undef _GNU_SOURCE
26 #include <libgen.h>
27 #include <stdlib.h>
28 #include <unistd.h>
29 #include <string.h>
30 #include <termios.h>
31 #include <errno.h>
32 #include <fcntl.h>
33 #include <signal.h>
34 #include <sys/param.h>
35 #include <sys/utsname.h>
36 #include <sys/types.h>
37 #include <sys/socket.h>
38 #include <sys/stat.h>
39 #include <arpa/inet.h>
40 #include <netinet/in.h>
41 #include <net/if.h>
42
43 #include <lxc/lxccontainer.h>
44
45 #include "log.h"
46 #include "caps.h"
47 #include "lxc.h"
48 #include "conf.h"
49 #include "cgroup.h"
50 #include "utils.h"
51 #include "config.h"
52 #include "confile.h"
53 #include "arguments.h"
54
55 #define OPT_SHARE_NET OPT_USAGE+1
56 #define OPT_SHARE_IPC OPT_USAGE+2
57 #define OPT_SHARE_UTS OPT_USAGE+3
58
59 lxc_log_define(lxc_start_ui, lxc_start);
60
61 static struct lxc_list defines;
62
63 static int ensure_path(char **confpath, const char *path)
64 {
65 int err = -1, fd;
66 char *fullpath = NULL;
67
68 if (path) {
69 if (access(path, W_OK)) {
70 fd = creat(path, 0600);
71 if (fd < 0 && errno != EEXIST) {
72 SYSERROR("failed to create '%s'", path);
73 goto err;
74 }
75 if (fd >= 0)
76 close(fd);
77 }
78
79 fullpath = realpath(path, NULL);
80 if (!fullpath) {
81 SYSERROR("failed to get the real path of '%s'", path);
82 goto err;
83 }
84
85 *confpath = strdup(fullpath);
86 if (!*confpath) {
87 ERROR("failed to dup string '%s'", fullpath);
88 goto err;
89 }
90 }
91 err = 0;
92
93 err:
94 if (fullpath)
95 free(fullpath);
96 return err;
97 }
98
99 static int pid_from_lxcname(const char *lxcname_or_pid, const char *lxcpath) {
100 char *eptr;
101 int pid = strtol(lxcname_or_pid, &eptr, 10);
102 if (*eptr != '\0' || pid < 1) {
103 struct lxc_container *s;
104 s = lxc_container_new(lxcname_or_pid, lxcpath);
105 if (!s) {
106 SYSERROR("'%s' is not a valid pid nor a container name", lxcname_or_pid);
107 return -1;
108 }
109
110 if (!s->may_control(s)) {
111 SYSERROR("Insufficient privileges to control container '%s'", s->name);
112 lxc_container_put(s);
113 return -1;
114 }
115
116 pid = s->init_pid(s);
117 if (pid < 1) {
118 SYSERROR("Is container '%s' running?", s->name);
119 lxc_container_put(s);
120 return -1;
121 }
122
123 lxc_container_put(s);
124 }
125 if (kill(pid, 0) < 0) {
126 SYSERROR("Can't send signal to pid %d", pid);
127 return -1;
128 }
129
130 return pid;
131 }
132
133 static int open_ns(int pid, const char *ns_proc_name) {
134 int fd;
135 char path[MAXPATHLEN];
136 snprintf(path, MAXPATHLEN, "/proc/%d/ns/%s", pid, ns_proc_name);
137
138 fd = open(path, O_RDONLY);
139 if (fd < 0) {
140 SYSERROR("failed to open %s", path);
141 return -1;
142 }
143 return fd;
144 }
145
146 static int my_parser(struct lxc_arguments* args, int c, char* arg)
147 {
148 switch (c) {
149 case 'c': args->console = arg; break;
150 case 'L': args->console_log = arg; break;
151 case 'd': args->daemonize = 1; break;
152 case 'f': args->rcfile = arg; break;
153 case 'C': args->close_all_fds = 1; break;
154 case 's': return lxc_config_define_add(&defines, arg);
155 case 'p': args->pidfile = arg; break;
156 case OPT_SHARE_NET: args->share_ns[LXC_NS_NET] = arg; break;
157 case OPT_SHARE_IPC: args->share_ns[LXC_NS_IPC] = arg; break;
158 case OPT_SHARE_UTS: args->share_ns[LXC_NS_UTS] = arg; break;
159 }
160 return 0;
161 }
162
163 static const struct option my_longopts[] = {
164 {"daemon", no_argument, 0, 'd'},
165 {"rcfile", required_argument, 0, 'f'},
166 {"define", required_argument, 0, 's'},
167 {"console", required_argument, 0, 'c'},
168 {"console-log", required_argument, 0, 'L'},
169 {"close-all-fds", no_argument, 0, 'C'},
170 {"pidfile", required_argument, 0, 'p'},
171 {"share-net", required_argument, 0, OPT_SHARE_NET},
172 {"share-ipc", required_argument, 0, OPT_SHARE_IPC},
173 {"share-uts", required_argument, 0, OPT_SHARE_UTS},
174 LXC_COMMON_OPTIONS
175 };
176
177 static struct lxc_arguments my_args = {
178 .progname = "lxc-start",
179 .help = "\
180 --name=NAME -- COMMAND\n\
181 \n\
182 lxc-start start COMMAND in specified container NAME\n\
183 \n\
184 Options :\n\
185 -n, --name=NAME NAME for name of the container\n\
186 -d, --daemon daemonize the container\n\
187 -p, --pidfile=FILE Create a file with the process id\n\
188 -f, --rcfile=FILE Load configuration file FILE\n\
189 -c, --console=FILE Use specified FILE for the container console\n\
190 -L, --console-log=FILE Log container console output to FILE\n\
191 -C, --close-all-fds If any fds are inherited, close them\n\
192 If not specified, exit with failure instead\n\
193 Note: --daemon implies --close-all-fds\n\
194 -s, --define KEY=VAL Assign VAL to configuration variable KEY\n\
195 --share-[net|ipc|uts]=NAME Share a namespace with another container or pid\n\
196 ",
197 .options = my_longopts,
198 .parser = my_parser,
199 .checker = NULL,
200 .daemonize = 0,
201 .pidfile = NULL,
202 };
203
204 int main(int argc, char *argv[])
205 {
206 int err = -1;
207 struct lxc_conf *conf;
208 char *const *args;
209 char *rcfile = NULL;
210 char *const default_args[] = {
211 "/sbin/init",
212 '\0',
213 };
214 struct lxc_container *c;
215
216 lxc_list_init(&defines);
217
218 if (lxc_caps_init())
219 return err;
220
221 if (lxc_arguments_parse(&my_args, argc, argv))
222 return err;
223
224 if (!my_args.argc)
225 args = default_args;
226 else
227 args = my_args.argv;
228
229 if (lxc_log_init(my_args.name, my_args.log_file, my_args.log_priority,
230 my_args.progname, my_args.quiet, my_args.lxcpath[0]))
231 return err;
232
233 const char *lxcpath = my_args.lxcpath[0];
234
235 /*
236 * rcfile possibilities:
237 * 1. rcfile from random path specified in cli option
238 * 2. rcfile not specified, use $lxcpath/$lxcname/config
239 * 3. rcfile not specified and does not exist.
240 */
241 /* rcfile is specified in the cli option */
242 if (my_args.rcfile) {
243 rcfile = (char *)my_args.rcfile;
244 c = lxc_container_new(my_args.name, lxcpath);
245 if (!c) {
246 ERROR("Failed to create lxc_container");
247 return err;
248 }
249 c->clear_config(c);
250 if (!c->load_config(c, rcfile)) {
251 ERROR("Failed to load rcfile");
252 lxc_container_put(c);
253 return err;
254 }
255 } else {
256 int rc;
257
258 rc = asprintf(&rcfile, "%s/%s/config", lxcpath, my_args.name);
259 if (rc == -1) {
260 SYSERROR("failed to allocate memory");
261 return err;
262 }
263 INFO("using rcfile %s", rcfile);
264
265 /* container configuration does not exist */
266 if (access(rcfile, F_OK)) {
267 free(rcfile);
268 rcfile = NULL;
269 }
270 c = lxc_container_new(my_args.name, lxcpath);
271 if (!c) {
272 ERROR("Failed to create lxc_container");
273 return err;
274 }
275 }
276
277 /*
278 * We should use set_config_item() over &defines, which would handle
279 * unset c->lxc_conf for us and let us not use lxc_config_define_load()
280 */
281 if (!c->lxc_conf)
282 c->lxc_conf = lxc_conf_init();
283 conf = c->lxc_conf;
284
285 if (lxc_config_define_load(&defines, conf))
286 goto out;
287
288 if (!rcfile && !strcmp("/sbin/init", args[0])) {
289 ERROR("Executing '/sbin/init' with no configuration file may crash the host");
290 goto out;
291 }
292
293 if (ensure_path(&conf->console.path, my_args.console) < 0) {
294 ERROR("failed to ensure console path '%s'", my_args.console);
295 goto out;
296 }
297
298 if (ensure_path(&conf->console.log_path, my_args.console_log) < 0) {
299 ERROR("failed to ensure console log '%s'", my_args.console_log);
300 goto out;
301 }
302
303 if (my_args.pidfile != NULL) {
304 if (ensure_path(&c->pidfile, my_args.pidfile) < 0) {
305 ERROR("failed to ensure pidfile '%s'", my_args.pidfile);
306 goto out;
307 }
308 }
309
310 int i;
311 for (i = 0; i < LXC_NS_MAX; i++) {
312 if (my_args.share_ns[i] == NULL)
313 continue;
314
315 int pid = pid_from_lxcname(my_args.share_ns[i], lxcpath);
316 if (pid < 1)
317 goto out;
318
319 int fd = open_ns(pid, ns_info[i].proc_name);
320 if (fd < 0)
321 goto out;
322 conf->inherit_ns_fd[i] = fd;
323 }
324
325 if (!my_args.daemonize) {
326 c->want_daemonize(c, false);
327 }
328
329 if (my_args.close_all_fds)
330 c->want_close_all_fds(c, true);
331
332 err = c->start(c, 0, args) ? 0 : -1;
333 out:
334 lxc_container_put(c);
335 return err;
336 }
337
LXC mirror