#!/usr/bin/perl use strict; use warnings; exit 0 if $ENV{LXC_NAME} && $ENV{LXC_NAME} !~ /^\d+$/; use POSIX; use File::Path; use Fcntl ':mode'; use PVE::SafeSyslog; use PVE::Tools; use PVE::Cluster; use PVE::RPCEnvironment; use PVE::JSONSchema qw(get_standard_option); use PVE::CLIHandler; use PVE::Storage; use PVE::LXC; use PVE::LXC::Setup; use Data::Dumper; use base qw(PVE::CLIHandler); $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin'; initlog ('lxc-pve-mount-hook'); die "please run as root\n" if $> != 0; my $rpcenv = PVE::RPCEnvironment->init('cli'); $rpcenv->set_language($ENV{LANG}); $rpcenv->set_user('root@pam'); # we cannot use cfs_read here (permission problem) # $rpcenv->init_request(); # PVE::INotify::nodename() also returns wrong value! __PACKAGE__->register_method ({ name => 'lxc-pve-mount-hook', path => 'lxc-pve-mount-hook', method => 'GET', description => "Create a new container root directory.", parameters => { additionalProperties => 0, properties => { name => { description => "The container name. This hook is only active for containers using numeric IDs, where configuration is stored on /etc/pve/lxc/.conf (else it is just a NOP).", type => 'string', pattern => '\S+', maxLength => 64, }, path => { description => "The path to the container configuration directory (LXC internal argument - do not pass manually!).", type => 'string', }, rootfs => { description => "The path to the container's rootfs (LXC internal argument - do not pass manually!)", type => 'string', }, }, }, returns => { type => 'null' }, code => sub { my ($param) = @_; my $private = $param->{rootfs}; return undef if $param->{name} !~ m/^\d+$/; my $vmid = $param->{name}; # Note: PVE::INotify::nodename() returns wrong value when run # inside container mount hook, so we cannot simply # use PVE::LXC::load_conf(). my $config_filename = "/etc/pve/lxc/$param->{name}.conf"; return undef if ! -f $config_filename; my $raw = PVE::Tools::file_get_contents($config_filename); my $conf = PVE::LXC::parse_pct_config($config_filename, $raw); my $rootdir = $ENV{LXC_ROOTFS_MOUNT}; # Note: PVE::Storage::config() does not work here my $fn = "/etc/pve/storage.cfg"; $raw = -f $fn ? PVE::Tools::file_get_contents($fn) : ''; my $storage_cfg = PVE::Storage::Plugin->parse_config($fn, $raw); my $setup_mountpoint = sub { my ($ms, $mountpoint) = @_; return if $ms eq 'rootfs'; PVE::LXC::mountpoint_mount($mountpoint, $rootdir, $storage_cfg); }; my $setup_cgroup_device = sub { my ($ms, $mountpoint) = @_; my $volid = $mountpoint->{volume}; return if !$volid || $volid !~ m|^/dev/.+|; my $path = PVE::LXC::mountpoint_mount_path($mountpoint, $storage_cfg); my (undef, undef, $mode, undef, undef, undef, $rdev) = stat($path); if ($mode && S_ISBLK($mode) && $rdev) { my $major = int($rdev / 0x100); my $minor = $rdev % 0x100; if ($major != 7) { # must not be a loop device PVE::Tools::run_command(['mknod', '-m', '666', "$rootdir$path", 'b', $major, $minor]); PVE::LXC::write_cgroup_value("devices", $vmid, "devices.allow", "b ${major}:${minor} rwm"); } } }; PVE::LXC::foreach_mountpoint($conf, $setup_mountpoint); PVE::LXC::foreach_mountpoint($conf, $setup_cgroup_device); my $lxc_setup = PVE::LXC::Setup->new($conf, $rootdir); $lxc_setup->pre_start_hook(); return undef; }}); push @ARGV, 'help' if !scalar(@ARGV); my $param = {}; if ((scalar(@ARGV) == 1) && ($ARGV[0] eq 'printmanpod') || ($ARGV[0] eq 'verifyapi')) { # OK } elsif ((scalar(@ARGV) == 3) && ($ARGV[1] eq 'lxc') && ($ARGV[2] eq 'mount')) { $param->{name} = $ENV{'LXC_NAME'}; die "got wrong name" if $param->{name} ne $ARGV[0]; $param->{path} = $ENV{'LXC_CONFIG_FILE'}; $param->{rootfs} = $ENV{'LXC_ROOTFS_PATH'}; @ARGV = (); } else { @ARGV = ('help'); } my $cmddef = [ __PACKAGE__, 'lxc-pve-mount-hook', [], $param]; PVE::CLIHandler::handle_simple_cmd($cmddef, \@ARGV, undef, $0); exit 0; __END__ =head1 NAME lxc-pve - LXC mount hook for Proxmox VE =head1 SYNOPSIS =include synopsis =head1 DESCRIPTION This mount hook sets the network and hostname for pve container. =head1 SEE ALSO lct(1) =include pve_copyright