use warnings;
use POSIX qw(EINTR);
+use Socket;
+
use File::Path;
use File::Spec;
use Cwd qw();
-use Fcntl ':flock';
+use Fcntl qw(O_RDONLY);
use PVE::Cluster qw(cfs_register_file cfs_read_file);
+use PVE::Exception qw(raise_perm_exc);
use PVE::Storage;
use PVE::SafeSyslog;
use PVE::INotify;
use PVE::JSONSchema qw(get_standard_option);
-use PVE::Tools qw($IPV6RE $IPV4RE dir_glob_foreach);
+use PVE::Tools qw($IPV6RE $IPV4RE dir_glob_foreach lock_file lock_file_full);
use PVE::Network;
use PVE::AccessControl;
use PVE::ProcFSTools;
volume => {
type => 'string',
default_key => 1,
+ format => 'pve-lxc-mp-string',
format_description => 'volume',
description => 'Volume, device or directory to mount into the container.',
},
description => 'Read-only mountpoint (not supported with bind mounts)',
optional => 1,
},
+ quota => {
+ type => 'boolean',
+ format_description => '[0|1]',
+ description => 'Enable user quotas inside the container (not supported with zfs subvolumes)',
+ optional => 1,
+ },
};
PVE::JSONSchema::register_standard_option('pve-ct-rootfs', {
ostype => {
optional => 1,
type => 'string',
- enum => ['debian', 'ubuntu', 'centos', 'fedora', 'opensuse', 'archlinux'],
- description => "OS type. Corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf.",
+ enum => ['debian', 'ubuntu', 'centos', 'fedora', 'opensuse', 'archlinux', 'alpine', 'unmanaged'],
+ description => "OS type. This is used to setup configuration inside the container, and corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf. Value 'unmanaged' can be used to skip and OS specific setup.",
},
console => {
optional => 1,
};
}
+PVE::JSONSchema::register_format('pve-lxc-mp-string', \&verify_lxc_mp_string);
+sub verify_lxc_mp_string{
+ my ($mp, $noerr) = @_;
+
+ # do not allow:
+ # /./ or /../
+ # /. or /.. at the end
+ # ../ at the beginning
+
+ if($mp =~ m@/\.\.?/@ ||
+ $mp =~ m@/\.\.?$@ ||
+ $mp =~ m@^\.\./@){
+ return undef if $noerr;
+ die "$mp contains illegal character sequences\n";
+ }
+ return $mp;
+}
+
my $mp_desc = {
%$rootfs_desc,
mp => {
type => 'string',
+ format => 'pve-lxc-mp-string',
format_description => 'Path',
description => 'Path to the mountpoint as seen from inside the container.',
},
my $lock_handles = {};
my $lockdir = "/run/lock/lxc";
-sub lock_filename {
+sub config_file_lock {
my ($vmid) = @_;
return "$lockdir/pve-config-${vmid}.lock";
}
-sub lock_aquire {
- my ($vmid, $timeout) = @_;
-
- $timeout = 10 if !$timeout;
- my $mode = LOCK_EX;
+sub lock_config_full {
+ my ($vmid, $timeout, $code, @param) = @_;
- my $filename = lock_filename($vmid);
+ my $filename = config_file_lock($vmid);
mkdir $lockdir if !-d $lockdir;
- my $lock_func = sub {
- if (!$lock_handles->{$$}->{$filename}) {
- my $fh = new IO::File(">>$filename") ||
- die "can't open file - $!\n";
- $lock_handles->{$$}->{$filename} = { fh => $fh, refcount => 0};
- }
+ my $res = lock_file($filename, $timeout, $code, @param);
- if (!flock($lock_handles->{$$}->{$filename}->{fh}, $mode |LOCK_NB)) {
- print STDERR "trying to aquire lock...";
- my $success;
- while(1) {
- $success = flock($lock_handles->{$$}->{$filename}->{fh}, $mode);
- # try again on EINTR (see bug #273)
- if ($success || ($! != EINTR)) {
- last;
- }
- }
- if (!$success) {
- print STDERR " failed\n";
- die "can't aquire lock - $!\n";
- }
-
- print STDERR " OK\n";
- }
-
- $lock_handles->{$$}->{$filename}->{refcount}++;
- };
+ die $@ if $@;
- eval { PVE::Tools::run_with_timeout($timeout, $lock_func); };
- my $err = $@;
- if ($err) {
- die "can't lock file '$filename' - $err";
- }
+ return $res;
}
-sub lock_release {
- my ($vmid) = @_;
+sub lock_config_mode {
+ my ($vmid, $timeout, $shared, $code, @param) = @_;
- my $filename = lock_filename($vmid);
+ my $filename = config_file_lock($vmid);
- if (my $fh = $lock_handles->{$$}->{$filename}->{fh}) {
- my $refcount = --$lock_handles->{$$}->{$filename}->{refcount};
- if ($refcount <= 0) {
- $lock_handles->{$$}->{$filename} = undef;
- close ($fh);
- }
- }
-}
+ mkdir $lockdir if !-d $lockdir;
-sub lock_container {
- my ($vmid, $timeout, $code, @param) = @_;
+ my $res = lock_file_full($filename, $timeout, $shared, $code, @param);
- my $res;
+ die $@ if $@;
- lock_aquire($vmid, $timeout);
- eval { $res = &$code(@param) };
- my $err = $@;
- lock_release($vmid);
+ return $res;
+}
- die $err if $err;
+sub lock_config {
+ my ($vmid, $code, @param) = @_;
- return $res;
+ return lock_config_full($vmid, 10, $code, @param);
}
sub option_exists {
return $prop;
}
-sub json_config_properties_no_rootfs {
- my $prop = shift;
-
- foreach my $opt (keys %$confdesc) {
- next if $prop->{$opt};
- next if $opt eq 'parent' || $opt eq 'snaptime' || $opt eq 'rootfs';
- $prop->{$opt} = $confdesc->{$opt};
- }
-
- return $prop;
-}
-
# container status helpers
sub list_active_containers {
my $custom_idmap = grep { $_->[0] eq 'lxc.id_map' } @{$conf->{lxc}};
my $ostype = $conf->{ostype} || die "missing 'ostype' - internal error";
- if ($ostype =~ /^(?:debian | ubuntu | centos | fedora | opensuse | archlinux)$/x) {
- $raw .= "lxc.include = /usr/share/lxc/config/$ostype.common.conf\n";
+ if ($ostype =~ /^(?:debian | ubuntu | centos | fedora | opensuse | archlinux | alpine | unmanaged)$/x) {
+ my $inc ="/usr/share/lxc/config/$ostype.common.conf";
+ $inc ="/usr/share/lxc/config/common.conf" if !-f $inc;
+ $raw .= "lxc.include = $inc\n";
if ($unprivileged || $custom_idmap) {
- $raw .= "lxc.include = /usr/share/lxc/config/$ostype.userns.conf\n"
+ $inc = "/usr/share/lxc/config/$ostype.userns.conf";
+ $inc = "/usr/share/lxc/config/userns.conf" if !-f $inc;
+ $raw .= "lxc.include = $inc\n"
}
} else {
die "implement me (ostype $ostype)";
}
+ # WARNING: DO NOT REMOVE this without making sure that loop device nodes
+ # cannot be exposed to the container with r/w access (cgroup perms).
+ # When this is enabled mounts will still remain in the monitor's namespace
+ # after the container unmounted them and thus will not detach from their
+ # files while the container is running!
$raw .= "lxc.monitor.unshare = 1\n";
# Should we read them from /etc/subuid?
return join(' ', @list);
}
+sub is_volume_in_use {
+ my ($config, $volid, $include_snapshots) = @_;
+ my $used = 0;
+
+ foreach_mountpoint($config, sub {
+ my ($ms, $mountpoint) = @_;
+ return if $used;
+ if ($mountpoint->{type} eq 'volume' && $mountpoint->{volume} eq $volid) {
+ $used = 1;
+ }
+ });
+
+ my $snapshots = $config->{snapshots};
+ if ($include_snapshots && $snapshots) {
+ foreach my $snap (keys %$snapshots) {
+ $used ||= is_volume_in_use($snapshots->{$snap}, $volid);
+ }
+ }
+
+ return $used;
+}
+
sub add_unused_volume {
my ($config, $volid) = @_;
} elsif ($opt =~ m/^mp(\d+)$/) {
next if $hotplug_error->($opt);
check_protection($conf, "can't remove CT $vmid drive '$opt'");
- my $mountpoint = parse_ct_mountpoint($conf->{$opt});
- if ($mountpoint->{type} eq 'volume') {
- add_unused_volume($conf, $mountpoint->{volume})
- }
+ my $mp = parse_ct_mountpoint($conf->{$opt});
delete $conf->{$opt};
+ if ($mp->{type} eq 'volume' && !is_volume_in_use($conf, $mp->{volume})) {
+ add_unused_volume($conf, $mp->{volume});
+ }
} elsif ($opt eq 'unprivileged') {
die "unable to delete read-only option: '$opt'\n";
} else {
my $wanted_swap = PVE::Tools::extract_param($param, 'swap');
if (defined($wanted_memory) || defined($wanted_swap)) {
- $wanted_memory //= ($conf->{memory} || 512);
- $wanted_swap //= ($conf->{swap} || 0);
+ my $old_memory = ($conf->{memory} || 512);
+ my $old_swap = ($conf->{swap} || 0);
+
+ $wanted_memory //= $old_memory;
+ $wanted_swap //= $old_swap;
my $total = $wanted_memory + $wanted_swap;
if ($running) {
- write_cgroup_value("memory", $vmid, "memory.limit_in_bytes", int($wanted_memory*1024*1024));
- write_cgroup_value("memory", $vmid, "memory.memsw.limit_in_bytes", int($total*1024*1024));
+ my $old_total = $old_memory + $old_swap;
+ if ($total > $old_total) {
+ write_cgroup_value("memory", $vmid, "memory.memsw.limit_in_bytes", int($total*1024*1024));
+ write_cgroup_value("memory", $vmid, "memory.limit_in_bytes", int($wanted_memory*1024*1024));
+ } else {
+ write_cgroup_value("memory", $vmid, "memory.limit_in_bytes", int($wanted_memory*1024*1024));
+ write_cgroup_value("memory", $vmid, "memory.memsw.limit_in_bytes", int($total*1024*1024));
+ }
}
$conf->{memory} = $wanted_memory;
$conf->{swap} = $wanted_swap;
write_config($vmid, $conf) if $running;
}
+ my $used_volids = {};
+
foreach my $opt (keys %$param) {
my $value = $param->{$opt};
if ($opt eq 'hostname') {
} elsif ($opt =~ m/^mp(\d+)$/) {
next if $hotplug_error->($opt);
check_protection($conf, "can't update CT $vmid drive '$opt'");
+ my $old = $conf->{$opt};
$conf->{$opt} = $value;
+ if (defined($old)) {
+ my $mp = parse_ct_mountpoint($old);
+ if ($mp->{type} eq 'volume' && !is_volume_in_use($conf, $mp->{volume})) {
+ add_unused_volume($conf, $mp->{volume});
+ }
+ }
$new_disks = 1;
+ my $mp = parse_ct_mountpoint($value);
+ $used_volids->{$mp->{volume}} = 1;
} elsif ($opt eq 'rootfs') {
+ next if $hotplug_error->($opt);
check_protection($conf, "can't update CT $vmid drive '$opt'");
- die "implement me: $opt";
+ my $old = $conf->{$opt};
+ $conf->{$opt} = $value;
+ if (defined($old)) {
+ my $mp = parse_ct_rootfs($old);
+ if ($mp->{type} eq 'volume' && !is_volume_in_use($conf, $mp->{volume})) {
+ add_unused_volume($conf, $mp->{volume});
+ }
+ }
+ my $mp = parse_ct_rootfs($value);
+ $used_volids->{$mp->{volume}} = 1;
} elsif ($opt eq 'unprivileged') {
die "unable to modify read-only option: '$opt'\n";
+ } elsif ($opt eq 'ostype') {
+ next if $hotplug_error->($opt);
+ $conf->{$opt} = $value;
} else {
die "implement me: $opt";
}
write_config($vmid, $conf) if $running;
}
+ # Cleanup config:
+
+ # Remove unused disks after re-adding
+ foreach my $key (keys %$conf) {
+ next if $key !~ /^unused\d+/;
+ my $volid = $conf->{$key};
+ if ($used_volids->{$volid}) {
+ delete $conf->{$key};
+ }
+ }
+
+ # Apply deletions and creations of new volumes
if (@deleted_volumes) {
my $storage_cfg = PVE::Storage::config();
foreach my $volume (@deleted_volumes) {
+ next if $used_volids->{$volume}; # could have been re-added, too
+ # also check for references in snapshots
+ next if is_volume_in_use($conf, $volume, 1);
delete_mountpoint_volume($storage_cfg, $vmid, $volume);
}
}
next if $k eq 'lock';
next if $k eq 'digest';
next if $k eq 'description';
+ next if $k =~ m/^unused\d+$/;
$dest->{$k} = $source->{$k};
}
};
-my $snapshot_prepare = sub {
- my ($vmid, $snapname, $comment) = @_;
+my $snapshot_apply_config = sub {
+ my ($conf, $snap) = @_;
+
+ # copy snapshot list
+ my $newconf = {
+ snapshots => $conf->{snapshots},
+ };
+
+ # keep description and list of unused disks
+ foreach my $k (keys %$conf) {
+ next if !($k =~ m/^unused\d+$/ || $k eq 'description');
+ $newconf->{$k} = $conf->{$k};
+ }
+
+ &$snapshot_copy_config($snap, $newconf);
+
+ return $newconf;
+};
+
+sub snapshot_save_vmstate {
+ die "implement me - snapshot_save_vmstate\n";
+}
+
+sub snapshot_prepare {
+ my ($vmid, $snapname, $save_vmstate, $comment) = @_;
my $snap;
if defined($conf->{snapshots}->{$snapname});
my $storecfg = PVE::Storage::config();
- my $feature = $snapname eq 'vzdump' ? 'vzdump' : 'snapshot';
- die "snapshot feature is not available\n" if !has_feature($feature, $conf, $storecfg);
+ die "snapshot feature is not available\n"
+ if !has_feature('snapshot', $conf, $storecfg, undef, undef, $snapname eq 'vzdump');
$snap = $conf->{snapshots}->{$snapname} = {};
+ if ($save_vmstate && check_running($vmid)) {
+ snapshot_save_vmstate($vmid, $conf, $snapname, $storecfg);
+ }
+
&$snapshot_copy_config($conf, $snap);
- $snap->{'snapstate'} = "prepare";
- $snap->{'snaptime'} = time();
- $snap->{'description'} = $comment if $comment;
- $conf->{snapshots}->{$snapname} = $snap;
+ $snap->{snapstate} = "prepare";
+ $snap->{snaptime} = time();
+ $snap->{description} = $comment if $comment;
write_config($vmid, $conf);
};
- lock_container($vmid, 10, $updatefn);
+ lock_config($vmid, $updatefn);
return $snap;
-};
+}
-my $snapshot_commit = sub {
+sub snapshot_commit {
my ($vmid, $snapname) = @_;
my $updatefn = sub {
die "missing snapshot lock\n"
if !($conf->{lock} && $conf->{lock} eq 'snapshot');
- die "snapshot '$snapname' does not exist\n"
- if !defined($conf->{snapshots}->{$snapname});
+ my $snap = $conf->{snapshots}->{$snapname};
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
die "wrong snapshot state\n"
- if !($conf->{snapshots}->{$snapname}->{'snapstate'} &&
- $conf->{snapshots}->{$snapname}->{'snapstate'} eq "prepare");
+ if !($snap->{snapstate} && $snap->{snapstate} eq "prepare");
- delete $conf->{snapshots}->{$snapname}->{'snapstate'};
+ delete $snap->{snapstate};
delete $conf->{lock};
- $conf->{parent} = $snapname;
- write_config($vmid, $conf);
+ my $newconf = &$snapshot_apply_config($conf, $snap);
+
+ $newconf->{parent} = $snapname;
+
+ write_config($vmid, $newconf);
};
- lock_container($vmid, 10 ,$updatefn);
-};
+ lock_config($vmid, $updatefn);
+}
sub has_feature {
- my ($feature, $conf, $storecfg, $snapname) = @_;
+ my ($feature, $conf, $storecfg, $snapname, $running, $backup_only) = @_;
my $err;
- my $vzdump = $feature eq 'vzdump';
- $feature = 'snapshot' if $vzdump;
foreach_mountpoint($conf, sub {
my ($ms, $mountpoint) = @_;
return if $err; # skip further test
- return if $vzdump && $ms ne 'rootfs' && !$mountpoint->{backup};
+ return if $backup_only && $ms ne 'rootfs' && !$mountpoint->{backup};
- $err = 1 if !PVE::Storage::volume_has_feature($storecfg, $feature, $mountpoint->{volume}, $snapname);
-
- # TODO: implement support for mountpoints
- die "unable to handle mountpoint '$ms' - feature not implemented\n"
- if $ms ne 'rootfs';
+ $err = 1 if !PVE::Storage::volume_has_feature($storecfg, $feature, $mountpoint->{volume}, $snapname, $running);
});
return $err ? 0 : 1;
}
-sub snapshot_create {
- my ($vmid, $snapname, $comment) = @_;
+my $enter_namespace = sub {
+ my ($vmid, $pid, $which, $type) = @_;
+ sysopen my $fd, "/proc/$pid/ns/$which", O_RDONLY
+ or die "failed to open $which namespace of container $vmid: $!\n";
+ PVE::Tools::setns(fileno($fd), $type)
+ or die "failed to enter $which namespace of container $vmid: $!\n";
+ close $fd;
+};
- my $snap = &$snapshot_prepare($vmid, $snapname, $comment);
+my $do_syncfs = sub {
+ my ($vmid, $pid, $socket) = @_;
- my $conf = load_config($vmid);
+ &$enter_namespace($vmid, $pid, 'mnt', PVE::Tools::CLONE_NEWNS);
- my $running = check_running($vmid);
-
- my $unfreeze = 0;
-
- eval {
- if ($running) {
- PVE::Tools::run_command(['/usr/bin/lxc-freeze', '-n', $vmid]);
- $unfreeze = 1;
- PVE::Tools::run_command(['/bin/sync']);
- };
+ # Tell the parent process to start reading our /proc/mounts
+ print {$socket} "go\n";
+ $socket->flush();
- my $storecfg = PVE::Storage::config();
- my $rootinfo = parse_ct_rootfs($conf->{rootfs});
- my $volid = $rootinfo->{volume};
+ # Receive /proc/self/mounts
+ my $mountdata = do { local $/ = undef; <$socket> };
+ close $socket;
- PVE::Storage::volume_snapshot($storecfg, $volid, $snapname);
- &$snapshot_commit($vmid, $snapname);
- };
- my $err = $@;
-
- if ($unfreeze) {
- eval { PVE::Tools::run_command(['/usr/bin/lxc-unfreeze', '-n', $vmid]); };
+ # Now sync all mountpoints...
+ my $mounts = PVE::ProcFSTools::parse_mounts($mountdata);
+ foreach my $mp (@$mounts) {
+ my ($what, $dir, $fs) = @$mp;
+ next if $fs eq 'fuse.lxcfs';
+ eval { PVE::Tools::sync_mountpoint($dir); };
warn $@ if $@;
}
-
- if ($err) {
- snapshot_delete($vmid, $snapname, 1);
- die "$err\n";
+};
+
+sub sync_container_namespace {
+ my ($vmid) = @_;
+ my $pid = find_lxc_pid($vmid);
+
+ # SOCK_DGRAM is nicer for barriers but cannot be slurped
+ socketpair my $pfd, my $cfd, AF_UNIX, SOCK_STREAM, PF_UNSPEC
+ or die "failed to create socketpair: $!\n";
+
+ my $child = fork();
+ die "fork failed: $!\n" if !defined($child);
+
+ if (!$child) {
+ eval {
+ close $pfd;
+ &$do_syncfs($vmid, $pid, $cfd);
+ };
+ if (my $err = $@) {
+ warn $err;
+ POSIX::_exit(1);
+ }
+ POSIX::_exit(0);
}
+ close $cfd;
+ my $go = <$pfd>;
+ die "failed to enter container namespace\n" if $go ne "go\n";
+
+ open my $mounts, '<', "/proc/$child/mounts"
+ or die "failed to open container's /proc/mounts: $!\n";
+ my $mountdata = do { local $/ = undef; <$mounts> };
+ close $mounts;
+ print {$pfd} $mountdata;
+ close $pfd;
+
+ while (waitpid($child, 0) != $child) {}
+ die "failed to sync container namespace\n" if $? != 0;
}
-sub snapshot_delete {
- my ($vmid, $snapname, $force) = @_;
+sub check_freeze_needed {
+ my ($vmid, $config, $save_vmstate) = @_;
- my $snap;
+ my $ret = check_running($vmid);
+ return ($ret, $ret);
+}
- my $conf;
+sub snapshot_create {
+ my ($vmid, $snapname, $save_vmstate, $comment) = @_;
- my $updatefn = sub {
+ my $snap = snapshot_prepare($vmid, $snapname, $save_vmstate, $comment);
- $conf = load_config($vmid);
+ $save_vmstate = 0 if !$snap->{vmstate};
- die "you can't delete a snapshot if vm is a template\n"
- if is_template($conf);
+ my $conf = load_config($vmid);
- $snap = $conf->{snapshots}->{$snapname};
+ my ($running, $freezefs) = check_freeze_needed($vmid, $conf, $snap->{vmstate});
- check_lock($conf);
+ my $drivehash = {};
- die "snapshot '$snapname' does not exist\n" if !defined($snap);
+ eval {
+ if ($freezefs) {
+ PVE::Tools::run_command(['/usr/bin/lxc-freeze', '-n', $vmid]);
+ sync_container_namespace($vmid);
+ }
- $snap->{snapstate} = 'delete';
+ my $storecfg = PVE::Storage::config();
+ foreach_mountpoint($conf, sub {
+ my ($ms, $mountpoint) = @_;
- write_config($vmid, $conf);
+ return if $snapname eq 'vzdump' && $ms ne 'rootfs' && !$mountpoint->{backup};
+ PVE::Storage::volume_snapshot($storecfg, $mountpoint->{volume}, $snapname);
+ $drivehash->{$ms} = 1;
+ });
};
+ my $err = $@;
+
+ if ($running) {
+ if ($freezefs) {
+ eval { PVE::Tools::run_command(['/usr/bin/lxc-unfreeze', '-n', $vmid]); };
+ warn $@ if $@;
+ }
+ }
+
+ if ($err) {
+ warn "snapshot create failed: starting cleanup\n";
+ eval { snapshot_delete($vmid, $snapname, 1, $drivehash); };
+ warn "$@" if $@;
+ die "$err\n";
+ }
+
+ snapshot_commit($vmid, $snapname);
+}
- lock_container($vmid, 10, $updatefn);
+# Note: $drivehash is only set when called from snapshot_create.
+sub snapshot_delete {
+ my ($vmid, $snapname, $force, $drivehash) = @_;
- my $storecfg = PVE::Storage::config();
+ my $prepare = 1;
- my $unlink_parent = sub {
+ my $snap;
+ my $unused = [];
+ my $unlink_parent = sub {
my ($confref, $new_parent) = @_;
if ($confref->{parent} && $confref->{parent} eq $snapname) {
}
};
- my $del_snap = sub {
+ my $updatefn = sub {
+ my ($remove_drive) = @_;
- check_lock($conf);
+ my $conf = load_config($vmid);
- my $parent = $conf->{snapshots}->{$snapname}->{parent};
- foreach my $snapkey (keys %{$conf->{snapshots}}) {
- &$unlink_parent($conf->{snapshots}->{$snapkey}, $parent);
+ if (!$drivehash) {
+ check_lock($conf);
+ die "you can't delete a snapshot if vm is a template\n"
+ if is_template($conf);
}
- &$unlink_parent($conf, $parent);
+ $snap = $conf->{snapshots}->{$snapname};
+
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
- delete $conf->{snapshots}->{$snapname};
+ # remove parent refs
+ if (!$prepare) {
+ &$unlink_parent($conf, $snap->{parent});
+ foreach my $sn (keys %{$conf->{snapshots}}) {
+ next if $sn eq $snapname;
+ &$unlink_parent($conf->{snapshots}->{$sn}, $snap->{parent});
+ }
+ }
+
+ if ($remove_drive) {
+ if ($remove_drive eq 'vmstate') {
+ die "implement me - saving vmstate\n";
+ } else {
+ my $value = $snap->{$remove_drive};
+ my $mountpoint = $remove_drive eq 'rootfs' ? parse_ct_rootfs($value, 1) : parse_ct_mountpoint($value, 1);
+ delete $snap->{$remove_drive};
+ add_unused_volume($snap, $mountpoint->{volume})
+ if (!is_volume_in_use($snap, $mountpoint->{volume}));
+ }
+ }
+
+ if ($prepare) {
+ $snap->{snapstate} = 'delete';
+ } else {
+ delete $conf->{snapshots}->{$snapname};
+ delete $conf->{lock} if $drivehash;
+ foreach my $volid (@$unused) {
+ add_unused_volume($conf, $volid)
+ if (!is_volume_in_use($conf, $volid));
+ }
+ }
write_config($vmid, $conf);
};
- my $rootfs = $conf->{snapshots}->{$snapname}->{rootfs};
- my $rootinfo = parse_ct_rootfs($rootfs);
- my $volid = $rootinfo->{volume};
+ lock_config($vmid, $updatefn);
- eval {
- PVE::Storage::volume_snapshot_delete($storecfg, $volid, $snapname);
+ # now remove vmstate file
+ # never set for LXC!
+ my $storecfg = PVE::Storage::config();
+
+ if ($snap->{vmstate}) {
+ die "implement me - saving vmstate\n";
};
- my $err = $@;
- if(!$err || ($err && $force)) {
- lock_container($vmid, 10, $del_snap);
- if ($err) {
- die "Can't delete snapshot: $vmid $snapname $err\n";
+ # now remove all volume snapshots
+ foreach_mountpoint($snap, sub {
+ my ($ms, $mountpoint) = @_;
+
+ return if $snapname eq 'vzdump' && $ms ne 'rootfs' && !$mountpoint->{backup};
+ if (!$drivehash || $drivehash->{$ms}) {
+ eval { PVE::Storage::volume_snapshot_delete($storecfg, $mountpoint->{volume}, $snapname); };
+ if (my $err = $@) {
+ die $err if !$force;
+ warn $err;
+ }
}
- }
+
+ # save changes (remove mp from snapshot)
+ lock_config($vmid, $updatefn, $ms) if !$force;
+ push @$unused, $mountpoint->{volume};
+ });
+
+ # now cleanup config
+ $prepare = 0;
+ lock_config($vmid, $updatefn);
}
sub snapshot_rollback {
my ($vmid, $snapname) = @_;
+ my $prepare = 1;
+
my $storecfg = PVE::Storage::config();
my $conf = load_config($vmid);
- die "you can't rollback if vm is a template\n" if is_template($conf);
+ my $get_snapshot_config = sub {
- my $snap = $conf->{snapshots}->{$snapname};
+ die "you can't rollback if vm is a template\n" if is_template($conf);
- die "snapshot '$snapname' does not exist\n" if !defined($snap);
+ my $res = $conf->{snapshots}->{$snapname};
- my $rootfs = $snap->{rootfs};
- my $rootinfo = parse_ct_rootfs($rootfs);
- my $volid = $rootinfo->{volume};
+ die "snapshot '$snapname' does not exist\n" if !defined($res);
+
+ return $res;
+ };
+
+ my $snap = &$get_snapshot_config();
+
+ foreach_mountpoint($snap, sub {
+ my ($ms, $mountpoint) = @_;
- PVE::Storage::volume_rollback_is_possible($storecfg, $volid, $snapname);
+ PVE::Storage::volume_rollback_is_possible($storecfg, $mountpoint->{volume}, $snapname);
+ });
my $updatefn = sub {
- die "unable to rollback to incomplete snapshot (snapstate = $snap->{snapstate})\n"
- if $snap->{snapstate};
+ $conf = load_config($vmid);
- check_lock($conf);
+ $snap = &$get_snapshot_config();
- system("lxc-stop -n $vmid --kill") if check_running($vmid);
+ die "unable to rollback to incomplete snapshot (snapstate = $snap->{snapstate})\n"
+ if $snap->{snapstate};
+
+ if ($prepare) {
+ check_lock($conf);
+ PVE::Tools::run_command(['/usr/bin/lxc-stop', '-n', $vmid, '--kill'])
+ if check_running($vmid);
+ }
die "unable to rollback vm $vmid: vm is running\n"
if check_running($vmid);
- $conf->{lock} = 'rollback';
+ if ($prepare) {
+ $conf->{lock} = 'rollback';
+ } else {
+ die "got wrong lock\n" if !($conf->{lock} && $conf->{lock} eq 'rollback');
+ delete $conf->{lock};
+ }
my $forcemachine;
- # copy snapshot config to current config
-
- my $tmp_conf = $conf;
- &$snapshot_copy_config($tmp_conf->{snapshots}->{$snapname}, $conf);
- $conf->{snapshots} = $tmp_conf->{snapshots};
- delete $conf->{snaptime};
- delete $conf->{snapname};
- $conf->{parent} = $snapname;
+ if (!$prepare) {
+ # copy snapshot config to current config
+ $conf = &$snapshot_apply_config($conf, $snap);
+ $conf->{parent} = $snapname;
+ }
write_config($vmid, $conf);
- };
- my $unlockfn = sub {
- delete $conf->{lock};
- write_config($vmid, $conf);
+ if (!$prepare && $snap->{vmstate}) {
+ die "implement me - save vmstate\n";
+ }
};
- lock_container($vmid, 10, $updatefn);
+ lock_config($vmid, $updatefn);
- PVE::Storage::volume_snapshot_rollback($storecfg, $volid, $snapname);
+ foreach_mountpoint($snap, sub {
+ my ($ms, $mountpoint) = @_;
- lock_container($vmid, 5, $unlockfn);
+ PVE::Storage::volume_snapshot_rollback($storecfg, $mountpoint->{volume}, $snapname);
+ });
+
+ $prepare = 0;
+ lock_config($vmid, $updatefn);
}
sub template_create {
return $reverse ? reverse @names : @names;
}
-# The container might have *different* symlinks than the host. realpath/abs_path
-# use the actual filesystem to resolve links.
-sub sanitize_mountpoint {
- my ($mp) = @_;
- $mp = '/' . $mp; # we always start with a slash
- $mp =~ s@/{2,}@/@g; # collapse sequences of slashes
- $mp =~ s@/\./@@g; # collapse /./
- $mp =~ s@/\.(/)?$@$1@; # collapse a trailing /. or /./
- $mp =~ s@(.*)/[^/]+/\.\./@$1/@g; # collapse /../ without regard for symlinks
- $mp =~ s@/\.\.(/)?$@$1@; # collapse trailing /.. or /../ disregarding symlinks
- return $mp;
-}
sub foreach_mountpoint_full {
my ($conf, $reverse, $func) = @_;
my $mountpoint = $key eq 'rootfs' ? parse_ct_rootfs($value, 1) : parse_ct_mountpoint($value, 1);
next if !defined($mountpoint);
- $mountpoint->{mp} = sanitize_mountpoint($mountpoint->{mp});
-
- my $path = $mountpoint->{volume};
- $mountpoint->{volume} = sanitize_mountpoint($path) if $path =~ m|^/|;
-
&$func($key, $mountpoint);
}
}
}
sub check_ct_modify_config_perm {
- my ($rpcenv, $authuser, $vmid, $pool, $key_list) = @_;
-
- return 1 if $authuser ne 'root@pam';
+ my ($rpcenv, $authuser, $vmid, $pool, $newconf, $delete) = @_;
- foreach my $opt (@$key_list) {
+ return 1 if $authuser eq 'root@pam';
+ my $check = sub {
+ my ($opt, $delete) = @_;
if ($opt eq 'cpus' || $opt eq 'cpuunits' || $opt eq 'cpulimit') {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.CPU']);
} elsif ($opt eq 'rootfs' || $opt =~ /^mp\d+$/) {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Disk']);
+ return if $delete;
+ my $data = $opt eq 'rootfs' ? parse_ct_rootfs($newconf->{$opt})
+ : parse_ct_mountpoint($newconf->{$opt});
+ raise_perm_exc("mountpoint type $data->{type}") if $data->{type} ne 'volume';
} elsif ($opt eq 'memory' || $opt eq 'swap') {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Memory']);
} elsif ($opt =~ m/^net\d+$/ || $opt eq 'nameserver' ||
} else {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Options']);
}
+ };
+
+ foreach my $opt (keys %$newconf) {
+ &$check($opt, 0);
+ }
+ foreach my $opt (@$delete) {
+ &$check($opt, 1);
}
return 1;
return $found;
}
+# Run a function with a file attached to a loop device.
+# The loop device is always detached afterwards (or set to autoclear).
+# Returns the loop device.
+sub run_with_loopdev {
+ my ($func, $file) = @_;
+ my $device;
+ my $parser = sub {
+ my $line = shift;
+ if ($line =~ m@^(/dev/loop\d+)$@) {
+ $device = $1;
+ }
+ };
+ PVE::Tools::run_command(['losetup', '--show', '-f', $file], outfunc => $parser);
+ die "failed to setup loop device for $file\n" if !$device;
+ eval { &$func($device); };
+ my $err = $@;
+ PVE::Tools::run_command(['losetup', '-d', $device]);
+ die $err if $err;
+ return $device;
+}
+
+sub bindmount {
+ my ($dir, $dest, $ro, @extra_opts) = @_;
+ PVE::Tools::run_command(['mount', '-o', 'bind', @extra_opts, $dir, $dest]);
+ if ($ro) {
+ eval { PVE::Tools::run_command(['mount', '-o', 'bind,remount,ro', $dest]); };
+ if (my $err = $@) {
+ warn "bindmount error\n";
+ # don't leave writable bind-mounts behind...
+ PVE::Tools::run_command(['umount', $dest]);
+ die $err;
+ }
+ }
+}
+
# use $rootdir = undef to just return the corresponding mount path
sub mountpoint_mount {
my ($mountpoint, $rootdir, $storage_cfg, $snapname) = @_;
my $volid = $mountpoint->{volume};
my $mount = $mountpoint->{mp};
my $type = $mountpoint->{type};
+ my $quota = !$snapname && !$mountpoint->{ro} && $mountpoint->{quota};
+ my $mounted_dev;
return if !$volid || !$mount;
if (defined($mountpoint->{acl})) {
$optstring .= ($mountpoint->{acl} ? 'acl' : 'noacl');
}
- if ($mountpoint->{ro}) {
- $optstring .= ',' if $optstring;
- $optstring .= 'ro';
- }
+ my $readonly = $mountpoint->{ro};
my @extra_opts = ('-o', $optstring);
die "cannot mount subvol snapshots for storage type '$scfg->{type}'\n";
}
} else {
- if ($mountpoint->{ro}) {
- die "read-only bind mounts not supported\n";
- }
- PVE::Tools::run_command(['mount', '-o', 'bind', @extra_opts, $path, $mount_path]);
+ bindmount($path, $mount_path, $readonly, @extra_opts);
+ warn "cannot enable quota control for bind mounted subvolumes\n" if $quota;
}
}
- return wantarray ? ($path, 0) : $path;
+ return wantarray ? ($path, 0, $mounted_dev) : $path;
} elsif ($format eq 'raw' || $format eq 'iso') {
+ my $domount = sub {
+ my ($path) = @_;
+ if ($mount_path) {
+ if ($format eq 'iso') {
+ PVE::Tools::run_command(['mount', '-o', 'ro', @extra_opts, $path, $mount_path]);
+ } elsif ($isBase || defined($snapname)) {
+ PVE::Tools::run_command(['mount', '-o', 'ro,noload', @extra_opts, $path, $mount_path]);
+ } else {
+ if ($quota) {
+ push @extra_opts, '-o', 'usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0';
+ }
+ push @extra_opts, '-o', 'ro' if $readonly;
+ PVE::Tools::run_command(['mount', @extra_opts, $path, $mount_path]);
+ }
+ }
+ };
my $use_loopdev = 0;
if ($scfg->{path}) {
- push @extra_opts, '-o', 'loop';
+ $mounted_dev = run_with_loopdev($domount, $path);
$use_loopdev = 1;
} elsif ($scfg->{type} eq 'drbd' || $scfg->{type} eq 'lvm' ||
$scfg->{type} eq 'rbd' || $scfg->{type} eq 'lvmthin') {
- # do nothing
+ $mounted_dev = $path;
+ &$domount($path);
} else {
die "unsupported storage type '$scfg->{type}'\n";
}
- if ($mount_path) {
- if ($format eq 'iso') {
- PVE::Tools::run_command(['mount', '-o', 'ro', @extra_opts, $path, $mount_path]);
- } elsif ($isBase || defined($snapname)) {
- PVE::Tools::run_command(['mount', '-o', 'ro,noload', @extra_opts, $path, $mount_path]);
- } else {
- PVE::Tools::run_command(['mount', @extra_opts, $path, $mount_path]);
- }
- }
- return wantarray ? ($path, $use_loopdev) : $path;
+ return wantarray ? ($path, $use_loopdev, $mounted_dev) : $path;
} else {
die "unsupported image format '$format'\n";
}
} elsif ($type eq 'device') {
+ push @extra_opts, '-o', 'ro' if $readonly;
PVE::Tools::run_command(['mount', @extra_opts, $volid, $mount_path]) if $mount_path;
- return wantarray ? ($volid, 0) : $volid;
+ return wantarray ? ($volid, 0, $volid) : $volid;
} elsif ($type eq 'bind') {
- if ($mountpoint->{ro}) {
- die "read-only bind mounts not supported\n";
- # Theoretically we'd have to execute both:
- # mount -o bind $a $b
- # mount -o bind,remount,ro $a $b
- }
die "directory '$volid' does not exist\n" if ! -d $volid;
&$check_mount_path($volid);
- PVE::Tools::run_command(['mount', '-o', 'bind', @extra_opts, $volid, $mount_path]) if $mount_path;
- return wantarray ? ($volid, 0) : $volid;
+ bindmount($volid, $mount_path, $readonly, @extra_opts) if $mount_path;
+ warn "cannot enable quota control for bind mounts\n" if $quota;
+ return wantarray ? ($volid, 0, undef) : $volid;
}
die "unsupported storage";