* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#include "config.h"
-
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
+#include <arpa/inet.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <arpa/inet.h>
#include "conf.h"
+#include "config.h"
#include "confile.h"
#include "confile_utils.h"
#include "error.h"
-#include "log.h"
#include "list.h"
+#include "log.h"
+#include "lxccontainer.h"
+#include "macro.h"
+#include "network.h"
#include "parse.h"
#include "utils.h"
-lxc_log_define(lxc_confile_utils, lxc);
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
+
+lxc_log_define(confile_utils, lxc);
int parse_idmaps(const char *idmap, char *type, unsigned long *nsid,
unsigned long *hostid, unsigned long *range)
goto on_error;
/* Validate type. */
- if (*slide != 'u' && *slide != 'g')
+ if (*slide != 'u' && *slide != 'g') {
+ ERROR("Invalid id mapping type: %c", *slide);
goto on_error;
+ }
+
/* Assign type. */
tmp_type = *slide;
if (slide == window)
goto on_error;
- /* Mark beginning of nsuid. */
+ /* Mark beginning of nsid. */
window = slide;
/* Validate that non-whitespace follows. */
slide += strcspn(slide, " \t\r");
/* There must be non-whitespace. */
if (slide == window || *slide == '\0')
goto on_error;
- /* Mark end of nsuid. */
+ /* Mark end of nsid. */
*slide = '\0';
- /* Parse nsuid. */
- if (lxc_safe_ulong(window, &tmp_nsid) < 0)
+ /* Parse nsid. */
+ if (lxc_safe_ulong(window, &tmp_nsid) < 0) {
+ ERROR("Failed to parse nsid: %s", window);
goto on_error;
+ }
/* Move beyond \0. */
slide++;
- /* align */
- window = slide;
/* Validate that only whitespace follows. */
slide += strspn(slide, " \t\r");
/* If there was only one whitespace then we whiped it with our \0 above.
/* There must be non-whitespace. */
if (slide == window || *slide == '\0')
goto on_error;
- /* Mark end of nsuid. */
+ /* Mark end of nsid. */
*slide = '\0';
/* Parse hostid. */
- if (lxc_safe_ulong(window, &tmp_hostid) < 0)
+ if (lxc_safe_ulong(window, &tmp_hostid) < 0) {
+ ERROR("Failed to parse hostid: %s", window);
goto on_error;
+ }
/* Move beyond \0. */
slide++;
- /* align */
- window = slide;
/* Validate that only whitespace follows. */
slide += strspn(slide, " \t\r");
/* If there was only one whitespace then we whiped it with our \0 above.
goto on_error;
/* The range is the last valid entry we expect. So make sure that there
- * is not trailing garbage and if there is, error out.
+ * is no trailing garbage and if there is, error out.
*/
if (*(slide + strspn(slide, " \t\r\n")) != '\0')
goto on_error;
+
/* Mark end of range. */
*slide = '\0';
/* Parse range. */
- if (lxc_safe_ulong(window, &tmp_range) < 0)
+ if (lxc_safe_ulong(window, &tmp_range) < 0) {
+ ERROR("Failed to parse id mapping range: %s", window);
goto on_error;
+ }
*type = tmp_type;
*nsid = tmp_nsid;
lxc_list_add_tail(networks, newlist);
else
lxc_list_add(networks, newlist);
+
return netdev;
}
netdev = it->elem;
TRACE("index: %zd", netdev->idx);
+ TRACE("ifindex: %d", netdev->ifindex);
+
switch (netdev->type) {
case LXC_NET_VETH:
TRACE("type: veth");
- if (netdev->priv.veth_attr.pair)
+
+ if (netdev->priv.veth_attr.pair[0] != '\0')
TRACE("veth pair: %s",
netdev->priv.veth_attr.pair);
+
+ if (netdev->priv.veth_attr.veth1[0] != '\0')
+ TRACE("veth1 : %s",
+ netdev->priv.veth_attr.veth1);
+
+ if (netdev->priv.veth_attr.ifindex > 0)
+ TRACE("host side ifindex for veth device: %d",
+ netdev->priv.veth_attr.ifindex);
break;
case LXC_NET_MACVLAN:
TRACE("type: macvlan");
+
if (netdev->priv.macvlan_attr.mode > 0) {
- char *macvlan_mode;
- macvlan_mode = lxc_macvlan_flag_to_mode(
+ char *mode;
+
+ mode = lxc_macvlan_flag_to_mode(
netdev->priv.macvlan_attr.mode);
TRACE("macvlan mode: %s",
- macvlan_mode ? macvlan_mode
- : "(invalid mode)");
+ mode ? mode : "(invalid mode)");
}
break;
case LXC_NET_VLAN:
break;
case LXC_NET_PHYS:
TRACE("type: phys");
+
+ if (netdev->priv.phys_attr.ifindex > 0)
+ TRACE("host side ifindex for phys device: %d",
+ netdev->priv.phys_attr.ifindex);
break;
case LXC_NET_EMPTY:
TRACE("type: empty");
if (netdev->type != LXC_NET_EMPTY) {
TRACE("flags: %s",
netdev->flags == IFF_UP ? "up" : "none");
- if (netdev->link)
+
+ if (netdev->link[0] != '\0')
TRACE("link: %s", netdev->link);
- if (netdev->name)
+
+ if (netdev->name[0] != '\0')
TRACE("name: %s", netdev->name);
+
if (netdev->hwaddr)
TRACE("hwaddr: %s", netdev->hwaddr);
+
if (netdev->mtu)
TRACE("mtu: %s", netdev->mtu);
+
if (netdev->upscript)
TRACE("upscript: %s", netdev->upscript);
+
if (netdev->downscript)
TRACE("downscript: %s", netdev->downscript);
TRACE("ipv6 gateway auto: %s",
netdev->ipv6_gateway_auto ? "true" : "false");
+
if (netdev->ipv6_gateway) {
inet_ntop(AF_INET6, netdev->ipv6_gateway,
bufinet6, sizeof(bufinet6));
TRACE("ipv6 gateway: %s", bufinet6);
}
+
lxc_list_for_each_safe(cur, &netdev->ipv6, next) {
inet6dev = cur->elem;
inet_ntop(AF_INET6, &inet6dev->addr, bufinet6,
{
struct lxc_list *cur, *next;
- free(netdev->link);
- free(netdev->name);
- if (netdev->type == LXC_NET_VETH)
- free(netdev->priv.veth_attr.pair);
free(netdev->upscript);
free(netdev->downscript);
free(netdev->hwaddr);
lxc_list_init(networks);
}
-static struct macvlan_mode {
+static struct lxc_macvlan_mode {
char *name;
int mode;
} macvlan_mode[] = {
new_value = strdup(value);
if (!new_value) {
- SYSERROR("failed to duplicate string \"%s\"", value);
+ SYSERROR("Failed to duplicate string \"%s\"", value);
return -1;
}
{
if (IN_CLASSA(addr->s_addr))
return 32 - IN_CLASSA_NSHIFT;
+
if (IN_CLASSB(addr->s_addr))
return 32 - IN_CLASSB_NSHIFT;
+
if (IN_CLASSC(addr->s_addr))
return 32 - IN_CLASSC_NSHIFT;
return 0;
}
-int network_ifname(char **valuep, const char *value)
+int network_ifname(char *valuep, const char *value, size_t size)
{
- return set_config_string_item_max(valuep, value, IFNAMSIZ);
+ size_t retlen;
+
+ if (!valuep || !value)
+ return -1;
+
+ retlen = strlcpy(valuep, value, size);
+ if (retlen >= size)
+ ERROR("Network device name \"%s\" is too long (>= %zu)", value,
+ size);
+
+ return 0;
}
-int rand_complete_hwaddr(char *hwaddr)
+void rand_complete_hwaddr(char *hwaddr)
{
const char hex[] = "0123456789abcdef";
char *curs = hwaddr;
-
-#ifndef HAVE_RAND_R
- randseed(true);
-#else
+#ifdef HAVE_RAND_R
unsigned int seed;
seed = randseed(false);
+#else
+
+ (void)randseed(true);
#endif
+
while (*curs != '\0' && *curs != '\n') {
if (*curs == 'x' || *curs == 'X') {
if (curs - hwaddr == 1) {
}
curs++;
}
- return 0;
}
bool lxc_config_net_hwaddr(const char *line)
{
- char *copy, *p;
+ unsigned index;
+ char tmp[7];
if (strncmp(line, "lxc.net", 7) != 0)
return false;
- if (strncmp(line, "lxc.network.hwaddr", 18) == 0)
- return true;
- /* We have to dup the line, if line is something like
- * "lxc.net.[i].xxx = xxxxx ", we need to remove
- * '[i]' and compare its key with 'lxc.net.hwaddr'*/
- copy = strdup(line);
- if (!copy) {
- SYSERROR("failed to allocate memory");
- return false;
- }
- if (*(copy + 8) >= '0' && *(copy + 8) <= '9') {
- p = strchr(copy + 8, '.');
- if (!p) {
- free(copy);
- return false;
- }
- /* strlen("hwaddr") = 6 */
- strncpy(copy + 8, p + 1, 6);
- copy[8 + 6] = '\0';
- }
- if (strncmp(copy, "lxc.net.hwaddr", 14) == 0) {
- free(copy);
+ if (strncmp(line, "lxc.net.hwaddr", 14) == 0)
return true;
- }
- free(copy);
-
- /* We have to dup the line second time, if line is something like
- * "lxc.network.[i].xxx = xxxxx ", we need to remove
- * '[i]' and compare its key with 'lxc.network.hwaddr'*/
- copy = strdup(line);
- if (!copy) {
- SYSERROR("failed to allocate memory");
- return false;
- }
- if (*(copy + 12) >= '0' && *(copy + 12) <= '9') {
- p = strchr(copy + 12, '.');
- if (!p) {
- free(copy);
- return false;
- }
- /* strlen("hwaddr") = 6 */
- strncpy(copy + 12, p + 1, 6);
- copy[12 + 6] = '\0';
- }
- if (strncmp(copy, "lxc.network.hwaddr", 18) == 0) {
- free(copy);
+
+ if (strncmp(line, "lxc.network.hwaddr", 18) == 0)
return true;
- }
- free(copy);
+ if (sscanf(line, "lxc.net.%u.%6s", &index, tmp) == 2 ||
+ sscanf(line, "lxc.network.%u.%6s", &index, tmp) == 2)
+ return strncmp(tmp, "hwaddr", 6) == 0;
+
return false;
}
bool new_hwaddr(char *hwaddr)
{
int ret;
+#ifdef HAVE_RAND_R
+ unsigned int seed;
+
+ seed = randseed(false);
+
+ ret = snprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x", rand_r(&seed) % 255,
+ rand_r(&seed) % 255, rand_r(&seed) % 255);
+#else
(void)randseed(true);
ret = snprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x", rand() % 255,
rand() % 255, rand() % 255);
+#endif
if (ret < 0 || ret >= 18) {
- SYSERROR("Failed to call snprintf().");
+ SYSERROR("Failed to call snprintf()");
return false;
}
int lxc_get_conf_str(char *retv, int inlen, const char *value)
{
+ size_t value_len;
+
if (!value)
return 0;
- if (retv && inlen >= strlen(value) + 1)
- strncpy(retv, value, strlen(value) + 1);
- return strlen(value);
+ value_len = strlen(value);
+ if (retv && inlen >= value_len + 1)
+ memcpy(retv, value, value_len + 1);
+
+ return value_len;
+}
+
+int lxc_get_conf_bool(struct lxc_conf *c, char *retv, int inlen, bool v)
+{
+ int len;
+ int fulllen = 0;
+
+ if (!retv)
+ inlen = 0;
+ else
+ memset(retv, 0, inlen);
+
+ strprint(retv, inlen, "%d", v);
+
+ return fulllen;
}
int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v)
{
+ int len;
+ int fulllen = 0;
+
+ if (!retv)
+ inlen = 0;
+ else
+ memset(retv, 0, inlen);
+
+ strprint(retv, inlen, "%d", v);
+
+ return fulllen;
+}
+
+int lxc_get_conf_size_t(struct lxc_conf *c, char *retv, int inlen, size_t v)
+{
+ int len;
+ int fulllen = 0;
+
+ if (!retv)
+ inlen = 0;
+ else
+ memset(retv, 0, inlen);
+
+ strprint(retv, inlen, "%zu", v);
+
+ return fulllen;
+}
+
+int lxc_get_conf_uint64(struct lxc_conf *c, char *retv, int inlen, uint64_t v)
+{
+ int len;
+ int fulllen = 0;
+
if (!retv)
inlen = 0;
else
memset(retv, 0, inlen);
- return snprintf(retv, inlen, "%d", v);
+ strprint(retv, inlen, "%"PRIu64, v);
+
+ return fulllen;
+}
+
+bool parse_limit_value(const char **value, rlim_t *res)
+{
+ char *endptr = NULL;
+
+ if (strncmp(*value, "unlimited", STRLITERALLEN("unlimited")) == 0) {
+ *res = RLIM_INFINITY;
+ *value += STRLITERALLEN("unlimited");
+ return true;
+ }
+
+ errno = 0;
+ *res = strtoull(*value, &endptr, 10);
+ if (errno || !endptr)
+ return false;
+
+ *value = endptr;
+
+ return true;
+}
+
+static int lxc_container_name_to_pid(const char *lxcname_or_pid,
+ const char *lxcpath)
+{
+ int ret;
+ signed long int pid;
+ char *err = NULL;
+
+ pid = strtol(lxcname_or_pid, &err, 10);
+ if (*err != '\0' || pid < 1) {
+ struct lxc_container *c;
+
+ c = lxc_container_new(lxcname_or_pid, lxcpath);
+ if (!c) {
+ ERROR("\"%s\" is not a valid pid nor a container name",
+ lxcname_or_pid);
+ return -1;
+ }
+
+ if (!c->may_control(c)) {
+ ERROR("Insufficient privileges to control container "
+ "\"%s\"", c->name);
+ lxc_container_put(c);
+ return -1;
+ }
+
+ pid = c->init_pid(c);
+ if (pid < 1) {
+ ERROR("Container \"%s\" is not running", c->name);
+ lxc_container_put(c);
+ return -1;
+ }
+
+ lxc_container_put(c);
+ }
+
+ ret = kill(pid, 0);
+ if (ret < 0) {
+ SYSERROR("Failed to send signal to pid %d", (int)pid);
+ return -1;
+ }
+
+ return pid;
+}
+
+int lxc_inherit_namespace(const char *lxcname_or_pid, const char *lxcpath,
+ const char *namespace)
+{
+ int fd, pid;
+ char *dup, *lastslash;
+
+ lastslash = strrchr(lxcname_or_pid, '/');
+ if (lastslash) {
+ dup = strdup(lxcname_or_pid);
+ if (!dup)
+ return -1;
+
+ dup[lastslash - lxcname_or_pid] = '\0';
+ pid = lxc_container_name_to_pid(lastslash + 1, dup);
+ free(dup);
+ } else {
+ pid = lxc_container_name_to_pid(lxcname_or_pid, lxcpath);
+ }
+
+ if (pid < 0)
+ return -1;
+
+ fd = lxc_preserve_ns(pid, namespace);
+ if (fd < 0)
+ return -1;
+
+ return fd;
+}
+
+struct signame {
+ int num;
+ const char *name;
+};
+
+static const struct signame signames[] = {
+ { SIGHUP, "HUP" },
+ { SIGINT, "INT" },
+ { SIGQUIT, "QUIT" },
+ { SIGILL, "ILL" },
+ { SIGABRT, "ABRT" },
+ { SIGFPE, "FPE" },
+ { SIGKILL, "KILL" },
+ { SIGSEGV, "SEGV" },
+ { SIGPIPE, "PIPE" },
+ { SIGALRM, "ALRM" },
+ { SIGTERM, "TERM" },
+ { SIGUSR1, "USR1" },
+ { SIGUSR2, "USR2" },
+ { SIGCHLD, "CHLD" },
+ { SIGCONT, "CONT" },
+ { SIGSTOP, "STOP" },
+ { SIGTSTP, "TSTP" },
+ { SIGTTIN, "TTIN" },
+ { SIGTTOU, "TTOU" },
+#ifdef SIGTRAP
+ { SIGTRAP, "TRAP" },
+#endif
+#ifdef SIGIOT
+ { SIGIOT, "IOT" },
+#endif
+#ifdef SIGEMT
+ { SIGEMT, "EMT" },
+#endif
+#ifdef SIGBUS
+ { SIGBUS, "BUS" },
+#endif
+#ifdef SIGSTKFLT
+ { SIGSTKFLT, "STKFLT" },
+#endif
+#ifdef SIGCLD
+ { SIGCLD, "CLD" },
+#endif
+#ifdef SIGURG
+ { SIGURG, "URG" },
+#endif
+#ifdef SIGXCPU
+ { SIGXCPU, "XCPU" },
+#endif
+#ifdef SIGXFSZ
+ { SIGXFSZ, "XFSZ" },
+#endif
+#ifdef SIGVTALRM
+ { SIGVTALRM, "VTALRM" },
+#endif
+#ifdef SIGPROF
+ { SIGPROF, "PROF" },
+#endif
+#ifdef SIGWINCH
+ { SIGWINCH, "WINCH" },
+#endif
+#ifdef SIGIO
+ { SIGIO, "IO" },
+#endif
+#ifdef SIGPOLL
+ { SIGPOLL, "POLL" },
+#endif
+#ifdef SIGINFO
+ { SIGINFO, "INFO" },
+#endif
+#ifdef SIGLOST
+ { SIGLOST, "LOST" },
+#endif
+#ifdef SIGPWR
+ { SIGPWR, "PWR" },
+#endif
+#ifdef SIGUNUSED
+ { SIGUNUSED, "UNUSED" },
+#endif
+#ifdef SIGSYS
+ { SIGSYS, "SYS" },
+#endif
+};
+
+static int sig_num(const char *sig)
+{
+ unsigned int signum;
+
+ if (lxc_safe_uint(sig, &signum) < 0)
+ return -1;
+
+ return signum;
+}
+
+static int rt_sig_num(const char *signame)
+{
+ int rtmax = 0, sig_n = 0;
+
+ if (strncasecmp(signame, "max-", 4) == 0)
+ rtmax = 1;
+
+ signame += 4;
+ if (!isdigit(*signame))
+ return -1;
+
+ sig_n = sig_num(signame);
+ sig_n = rtmax ? SIGRTMAX - sig_n : SIGRTMIN + sig_n;
+ if (sig_n > SIGRTMAX || sig_n < SIGRTMIN)
+ return -1;
+
+ return sig_n;
+}
+
+int sig_parse(const char *signame)
+{
+ size_t n;
+
+ if (isdigit(*signame)) {
+ return sig_num(signame);
+ } else if (strncasecmp(signame, "sig", 3) == 0) {
+ signame += 3;
+ if (strncasecmp(signame, "rt", 2) == 0)
+ return rt_sig_num(signame + 2);
+
+ for (n = 0; n < sizeof(signames) / sizeof((signames)[0]); n++)
+ if (strcasecmp(signames[n].name, signame) == 0)
+ return signames[n].num;
+ }
+
+ return -1;
}