git.proxmox.com Git - mirror_iproute2.git/commit

author	Matteo Croce <mcroce@redhat.com>
	Tue, 18 Jun 2019 14:49:33 +0000 (16:49 +0200)
committer	Stephen Hemminger <stephen@networkplumber.org>
	Thu, 20 Jun 2019 21:30:41 +0000 (14:30 -0700)
commit	903818fbf9c73dd71793e5829775d2ccc1775af5
tree	c6e755639eb4a53c25d5267c230c076c8b97bd4b	tree
parent	b16f52532335771d6b6b7a36fba43afaf394179f	commit \| diff

netns: switch netns in the child when executing commands

'ip netns exec' changes the current netns just before executing a child
process, and restores it after forking. This is needed if we're running
in batch or do_all mode.
Some cleanups must be done both in the parent and in the child: the
parent must restore the previous netns, while the child must reset any
VRF association.
Unfortunately, if do_all is set, the VRF are not reset in the child, and
the spawned processes are started with the wrong VRF context. This can
be triggered with this script:

# ip -b - <<-'EOF'
link add type vrf table 100
link set vrf0 up
link add type dummy
link set dummy0 vrf vrf0 up
netns add ns1
EOF
# ip -all -b - <<-'EOF'
vrf exec vrf0 true
netns exec setsid -f sleep 1h
EOF
# ip vrf pids vrf0
  314  sleep
# ps 314
  PID TTY      STAT   TIME COMMAND
  314 ?        Ss     0:00 sleep 1h

Refactor cmd_exec() and pass to it a function pointer which is called in
the child before the final exec. In the netns exec case the function just
resets the VRF and switches netns.

Doing it in the child is less error prone and safer, because the parent
environment is always kept unaltered.

After this refactor some utility functions became unused, so remove them.

Signed-off-by: Matteo Croce <mcroce@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

include/utils.h		diff \| blob \| blame \| history
ip/ipnetns.c		diff \| blob \| blame \| history
ip/ipvrf.c		diff \| blob \| blame \| history
lib/exec.c		diff \| blob \| blame \| history
lib/utils.c		diff \| blob \| blame \| history