]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * | |
3 | * Copyright © 2015 Christian Brauner <christian.brauner@mailbox.org>. | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License version 2, as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * This program is distributed in the hope that it will be useful, | |
10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
12 | * GNU General Public License for more details. | |
13 | * | |
14 | * You should have received a copy of the GNU General Public License along | |
15 | * with this program; if not, write to the Free Software Foundation, Inc., | |
16 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
17 | */ | |
18 | ||
19 | #ifndef _GNU_SOURCE | |
20 | #define _GNU_SOURCE 1 | |
21 | #endif | |
22 | #include <errno.h> | |
23 | #include <fcntl.h> | |
24 | #include <getopt.h> | |
25 | #include <signal.h> | |
26 | #include <stdbool.h> | |
27 | #include <stdint.h> | |
28 | #include <stdio.h> | |
29 | #include <stdlib.h> | |
30 | #include <string.h> | |
31 | #include <sys/stat.h> | |
32 | #include <sys/types.h> | |
33 | #include <sys/wait.h> | |
34 | #include <time.h> | |
35 | #include <unistd.h> | |
36 | ||
37 | #include <lxc/lxccontainer.h> | |
38 | ||
39 | #include "arguments.h" | |
40 | #include "config.h" | |
41 | #include "log.h" | |
42 | #include "storage_utils.h" | |
43 | #include "utils.h" | |
44 | ||
45 | #ifndef HAVE_GETSUBOPT | |
46 | #include "include/getsubopt.h" | |
47 | #endif | |
48 | ||
49 | lxc_log_define(lxc_copy, lxc); | |
50 | ||
51 | enum mnttype { | |
52 | LXC_MNT_BIND, | |
53 | LXC_MNT_OVL, | |
54 | }; | |
55 | ||
56 | struct mnts { | |
57 | enum mnttype mnt_type; | |
58 | char *src; | |
59 | char *dest; | |
60 | char *options; | |
61 | char *upper; | |
62 | char *workdir; | |
63 | char *lower; | |
64 | }; | |
65 | ||
66 | static unsigned int mnt_table_size = 0; | |
67 | static struct mnts *mnt_table = NULL; | |
68 | ||
69 | static int my_parser(struct lxc_arguments *args, int c, char *arg); | |
70 | ||
71 | static const struct option my_longopts[] = { | |
72 | { "newname", required_argument, 0, 'N'}, | |
73 | { "newpath", required_argument, 0, 'p'}, | |
74 | { "rename", no_argument, 0, 'R'}, | |
75 | { "snapshot", no_argument, 0, 's'}, | |
76 | { "foreground", no_argument, 0, 'F'}, | |
77 | { "daemon", no_argument, 0, 'd'}, | |
78 | { "ephemeral", no_argument, 0, 'e'}, | |
79 | { "mount", required_argument, 0, 'm'}, | |
80 | { "backingstorage", required_argument, 0, 'B'}, | |
81 | { "fssize", required_argument, 0, 'L'}, | |
82 | { "keepdata", no_argument, 0, 'D'}, | |
83 | { "keepname", no_argument, 0, 'K'}, | |
84 | { "keepmac", no_argument, 0, 'M'}, | |
85 | { "tmpfs", no_argument, 0, 't'}, | |
86 | LXC_COMMON_OPTIONS | |
87 | }; | |
88 | ||
89 | /* mount keys */ | |
90 | static char *const mount_keys[] = { | |
91 | [LXC_MNT_BIND] = "bind", | |
92 | [LXC_MNT_OVL] = "overlay", | |
93 | NULL | |
94 | }; | |
95 | ||
96 | static struct lxc_arguments my_args = { | |
97 | .progname = "lxc-copy", | |
98 | .help = "\n\ | |
99 | --name=NAME [-P lxcpath] -N newname [-p newpath] [-B backingstorage] [-s] [-K] [-M] [-L size [unit]] -- hook options\n\ | |
100 | --name=NAME [-P lxcpath] [-N newname] [-p newpath] [-B backingstorage] -e [-d] [-D] [-K] [-M] [-m {bind,overlay}=/src:/dest] -- hook options\n\ | |
101 | --name=NAME [-P lxcpath] -N newname -R\n\ | |
102 | \n\ | |
103 | lxc-copy clone a container\n\ | |
104 | \n\ | |
105 | Options :\n\ | |
106 | -n, --name=NAME NAME of the container\n\ | |
107 | -N, --newname=NEWNAME NEWNAME for the restored container\n\ | |
108 | -p, --newpath=NEWPATH NEWPATH for the container to be stored\n\ | |
109 | -R, --rename rename container\n\ | |
110 | -s, --snapshot create snapshot instead of clone\n\ | |
111 | -F, --foreground start with current tty attached to /dev/console\n\ | |
112 | -d, --daemon daemonize the container (default)\n\ | |
113 | -e, --ephemeral start ephemeral container\n\ | |
114 | -m, --mount directory to mount into container, either \n\ | |
115 | {bind,overlay}=/src-path or {bind,overlay}=/src-path:/dst-path\n\ | |
116 | -B, --backingstorage=TYPE backingstorage type for the container\n\ | |
117 | -t, --tmpfs place ephemeral container on a tmpfs\n\ | |
118 | (WARNING: On reboot all changes made to the container will be lost.)\n\ | |
119 | -L, --fssize size of the new block device for block device containers\n\ | |
120 | -D, --keepdata pass together with -e start a persistent snapshot \n\ | |
121 | -K, --keepname keep the hostname of the original container\n\ | |
122 | -- hook options arguments passed to the hook program\n\ | |
123 | -M, --keepmac keep the MAC address of the original container\n\ | |
124 | --rcfile=FILE Load configuration file FILE\n", | |
125 | .options = my_longopts, | |
126 | .parser = my_parser, | |
127 | .task = CLONE, | |
128 | .daemonize = 1, | |
129 | .quiet = false, | |
130 | .tmpfs = false, | |
131 | }; | |
132 | ||
133 | static struct mnts *add_mnt(struct mnts **mnts, unsigned int *num, | |
134 | enum mnttype type); | |
135 | static int mk_rand_ovl_dirs(struct mnts *mnts, unsigned int num, | |
136 | struct lxc_arguments *arg); | |
137 | static char *construct_path(char *path, bool as_prefix); | |
138 | static char *set_mnt_entry(struct mnts *m); | |
139 | static int do_clone(struct lxc_container *c, char *newname, char *newpath, | |
140 | int flags, char *bdevtype, uint64_t fssize, enum task task, | |
141 | char **args); | |
142 | static int do_clone_ephemeral(struct lxc_container *c, | |
143 | struct lxc_arguments *arg, char **args, | |
144 | int flags); | |
145 | static int do_clone_rename(struct lxc_container *c, char *newname); | |
146 | static int do_clone_task(struct lxc_container *c, enum task task, int flags, | |
147 | char **args); | |
148 | static void free_mnts(void); | |
149 | ||
150 | /* Place an ephemeral container started with -e flag on a tmpfs. Restrictions | |
151 | * are that you cannot request the data to be kept while placing the container | |
152 | * on a tmpfs and that either overlay storage driver must be used. | |
153 | */ | |
154 | static char *mount_tmpfs(const char *oldname, const char *newname, | |
155 | const char *path, struct lxc_arguments *arg); | |
156 | static int parse_mntsubopts(char *subopts, char *const *keys, | |
157 | char *mntparameters); | |
158 | static int parse_bind_mnt(char *mntstring, enum mnttype type); | |
159 | static int parse_ovl_mnt(char *mntstring, enum mnttype type); | |
160 | ||
161 | int main(int argc, char *argv[]) | |
162 | { | |
163 | struct lxc_container *c; | |
164 | struct lxc_log log; | |
165 | int flags = 0; | |
166 | int ret = EXIT_FAILURE; | |
167 | ||
168 | if (lxc_arguments_parse(&my_args, argc, argv)) | |
169 | exit(ret); | |
170 | ||
171 | /* Only create log if explicitly instructed */ | |
172 | if (my_args.log_file || my_args.log_priority) { | |
173 | log.name = my_args.name; | |
174 | log.file = my_args.log_file; | |
175 | log.level = my_args.log_priority; | |
176 | log.prefix = my_args.progname; | |
177 | log.quiet = my_args.quiet; | |
178 | log.lxcpath = my_args.lxcpath[0]; | |
179 | ||
180 | if (lxc_log_init(&log)) | |
181 | exit(ret); | |
182 | } | |
183 | ||
184 | if (geteuid()) { | |
185 | if (access(my_args.lxcpath[0], O_RDONLY) < 0) { | |
186 | ERROR("You lack access to %s", my_args.lxcpath[0]); | |
187 | exit(ret); | |
188 | } | |
189 | } | |
190 | ||
191 | if (!my_args.newname && !(my_args.task == DESTROY)) { | |
192 | ERROR("You must provide a NEWNAME for the clone"); | |
193 | exit(ret); | |
194 | } | |
195 | ||
196 | if (my_args.task == SNAP || my_args.task == DESTROY) | |
197 | flags |= LXC_CLONE_SNAPSHOT; | |
198 | ||
199 | if (my_args.keepname) | |
200 | flags |= LXC_CLONE_KEEPNAME; | |
201 | ||
202 | if (my_args.keepmac) | |
203 | flags |= LXC_CLONE_KEEPMACADDR; | |
204 | ||
205 | if (!my_args.newpath) | |
206 | my_args.newpath = (char *)my_args.lxcpath[0]; | |
207 | ||
208 | c = lxc_container_new(my_args.name, my_args.lxcpath[0]); | |
209 | if (!c) | |
210 | exit(ret); | |
211 | ||
212 | if (my_args.rcfile) { | |
213 | c->clear_config(c); | |
214 | ||
215 | if (!c->load_config(c, my_args.rcfile)) { | |
216 | ERROR("Failed to load rcfile"); | |
217 | goto out; | |
218 | } | |
219 | ||
220 | c->configfile = strdup(my_args.rcfile); | |
221 | if (!c->configfile) { | |
222 | ERROR("Out of memory setting new config filename"); | |
223 | goto out; | |
224 | } | |
225 | } | |
226 | ||
227 | if (!c->may_control(c)) { | |
228 | ERROR("Insufficent privileges to control %s", c->name); | |
229 | goto out; | |
230 | } | |
231 | ||
232 | if (!c->is_defined(c)) { | |
233 | ERROR("Container %s is not defined", c->name); | |
234 | goto out; | |
235 | } | |
236 | ||
237 | ret = do_clone_task(c, my_args.task, flags, &argv[optind]); | |
238 | ||
239 | out: | |
240 | lxc_container_put(c); | |
241 | ||
242 | if (ret == 0) | |
243 | exit(EXIT_SUCCESS); | |
244 | exit(EXIT_FAILURE); | |
245 | } | |
246 | ||
247 | static struct mnts *add_mnt(struct mnts **mnts, unsigned int *num, enum mnttype type) | |
248 | { | |
249 | struct mnts *m, *n; | |
250 | ||
251 | n = realloc(*mnts, (*num + 1) * sizeof(struct mnts)); | |
252 | if (!n) | |
253 | return NULL; | |
254 | ||
255 | *mnts = n; | |
256 | m = *mnts + *num; | |
257 | (*num)++; | |
258 | ||
259 | *m = (struct mnts) {.mnt_type = type}; | |
260 | ||
261 | return m; | |
262 | } | |
263 | ||
264 | static int mk_rand_ovl_dirs(struct mnts *mnts, unsigned int num, struct lxc_arguments *arg) | |
265 | { | |
266 | char upperdir[PATH_MAX]; | |
267 | char workdir[PATH_MAX]; | |
268 | unsigned int i; | |
269 | int ret; | |
270 | struct mnts *m = NULL; | |
271 | ||
272 | for (i = 0, m = mnts; i < num; i++, m++) { | |
273 | if (m->mnt_type == LXC_MNT_OVL) { | |
274 | ret = snprintf(upperdir, PATH_MAX, "%s/%s/delta#XXXXXX", | |
275 | arg->newpath, arg->newname); | |
276 | if (ret < 0 || ret >= PATH_MAX) | |
277 | return -1; | |
278 | ||
279 | if (!mkdtemp(upperdir)) | |
280 | return -1; | |
281 | ||
282 | m->upper = strdup(upperdir); | |
283 | if (!m->upper) | |
284 | return -1; | |
285 | } | |
286 | ||
287 | if (m->mnt_type == LXC_MNT_OVL) { | |
288 | ret = snprintf(workdir, PATH_MAX, "%s/%s/work#XXXXXX", | |
289 | arg->newpath, arg->newname); | |
290 | if (ret < 0 || ret >= PATH_MAX) | |
291 | return -1; | |
292 | ||
293 | if (!mkdtemp(workdir)) | |
294 | return -1; | |
295 | ||
296 | m->workdir = strdup(workdir); | |
297 | if (!m->workdir) | |
298 | return -1; | |
299 | } | |
300 | } | |
301 | ||
302 | return 0; | |
303 | } | |
304 | ||
305 | static char *construct_path(char *path, bool as_prefix) | |
306 | { | |
307 | char **components = NULL; | |
308 | char *cleanpath = NULL; | |
309 | ||
310 | components = lxc_normalize_path(path); | |
311 | if (!components) | |
312 | return NULL; | |
313 | ||
314 | cleanpath = lxc_string_join("/", (const char **)components, as_prefix); | |
315 | lxc_free_array((void **)components, free); | |
316 | ||
317 | return cleanpath; | |
318 | } | |
319 | ||
320 | static char *set_mnt_entry(struct mnts *m) | |
321 | { | |
322 | char *mntentry = NULL; | |
323 | int ret = 0; | |
324 | size_t len = 0; | |
325 | ||
326 | if (m->mnt_type == LXC_MNT_OVL) { | |
327 | len = strlen(" overlay lowerdir=,upperdir=,workdir=,create=dir") + | |
328 | 2 * strlen(m->src) + strlen(m->dest) + strlen(m->upper) + | |
329 | strlen(m->workdir) + 1; | |
330 | ||
331 | mntentry = malloc(len); | |
332 | if (!mntentry) | |
333 | goto err; | |
334 | ||
335 | ret = snprintf(mntentry, len, "%s %s overlay lowerdir=%s,upperdir=%s,workdir=%s,create=dir", | |
336 | m->src, m->dest, m->src, m->upper, m->workdir); | |
337 | if (ret < 0 || (size_t)ret >= len) | |
338 | goto err; | |
339 | } else if (m->mnt_type == LXC_MNT_BIND) { | |
340 | len = strlen(" none bind,optional,, 0 0") + | |
341 | strlen(is_dir(m->src) ? "create=dir" : "create=file") + | |
342 | strlen(m->src) + strlen(m->dest) + strlen(m->options) + 1; | |
343 | ||
344 | mntentry = malloc(len); | |
345 | if (!mntentry) | |
346 | goto err; | |
347 | ||
348 | ret = snprintf(mntentry, len, "%s %s none bind,optional,%s,%s 0 0", | |
349 | m->src, m->dest, m->options, | |
350 | is_dir(m->src) ? "create=dir" : "create=file"); | |
351 | if (ret < 0 || (size_t)ret >= len) | |
352 | goto err; | |
353 | } | |
354 | ||
355 | return mntentry; | |
356 | ||
357 | err: | |
358 | free(mntentry); | |
359 | return NULL; | |
360 | } | |
361 | ||
362 | static int do_clone(struct lxc_container *c, char *newname, char *newpath, | |
363 | int flags, char *bdevtype, uint64_t fssize, enum task task, | |
364 | char **args) | |
365 | { | |
366 | struct lxc_container *clone; | |
367 | ||
368 | clone = c->clone(c, newname, newpath, flags, bdevtype, NULL, fssize, | |
369 | args); | |
370 | if (!clone) { | |
371 | ERROR("Failed to clone"); | |
372 | return -1; | |
373 | } | |
374 | ||
375 | lxc_container_put(clone); | |
376 | ||
377 | return 0; | |
378 | } | |
379 | ||
380 | static int do_clone_ephemeral(struct lxc_container *c, | |
381 | struct lxc_arguments *arg, char **args, int flags) | |
382 | { | |
383 | char *premount; | |
384 | char randname[PATH_MAX]; | |
385 | unsigned int i; | |
386 | int ret = 0; | |
387 | bool bret = true, started = false; | |
388 | char *tmp_buf = randname; | |
389 | struct lxc_container *clone; | |
390 | lxc_attach_options_t attach_options = LXC_ATTACH_OPTIONS_DEFAULT; | |
391 | attach_options.env_policy = LXC_ATTACH_CLEAR_ENV; | |
392 | ||
393 | if (!arg->newname) { | |
394 | ret = snprintf(randname, PATH_MAX, "%s/%s_XXXXXX", arg->newpath, arg->name); | |
395 | if (ret < 0 || ret >= PATH_MAX) | |
396 | return -1; | |
397 | ||
398 | if (!mkdtemp(randname)) | |
399 | return -1; | |
400 | ||
401 | if (chmod(randname, 0770) < 0) { | |
402 | (void)remove(randname); | |
403 | return -1; | |
404 | } | |
405 | ||
406 | arg->newname = randname + strlen(arg->newpath) + 1; | |
407 | } | |
408 | ||
409 | clone = c->clone(c, arg->newname, arg->newpath, flags, | |
410 | arg->bdevtype, NULL, arg->fssize, args); | |
411 | if (!clone) | |
412 | return -1; | |
413 | ||
414 | if (arg->tmpfs) { | |
415 | premount = mount_tmpfs(arg->name, arg->newname, arg->newpath, arg); | |
416 | if (!premount) | |
417 | goto destroy_and_put; | |
418 | ||
419 | bret = clone->set_config_item(clone, "lxc.hook.pre-mount", premount); | |
420 | free(premount); | |
421 | if (!bret) | |
422 | goto destroy_and_put; | |
423 | } | |
424 | ||
425 | if (!arg->keepdata) | |
426 | if (!clone->set_config_item(clone, "lxc.ephemeral", "1")) | |
427 | goto destroy_and_put; | |
428 | ||
429 | /* allocate and create random upper- and workdirs for overlay mounts */ | |
430 | if (mk_rand_ovl_dirs(mnt_table, mnt_table_size, arg) < 0) | |
431 | goto destroy_and_put; | |
432 | ||
433 | /* allocate and set mount entries */ | |
434 | struct mnts *n = NULL; | |
435 | for (i = 0, n = mnt_table; i < mnt_table_size; i++, n++) { | |
436 | char *mntentry = NULL; | |
437 | ||
438 | mntentry = set_mnt_entry(n); | |
439 | if (!mntentry) | |
440 | goto destroy_and_put; | |
441 | ||
442 | bret = clone->set_config_item(clone, "lxc.mount.entry", mntentry); | |
443 | free(mntentry); | |
444 | if (!bret) | |
445 | goto destroy_and_put; | |
446 | } | |
447 | ||
448 | if (!clone->save_config(clone, NULL)) | |
449 | goto destroy_and_put; | |
450 | ||
451 | if (!my_args.quiet) | |
452 | printf("Created %s as clone of %s\n", arg->newname, arg->name); | |
453 | ||
454 | if (arg->tmpfs && !my_args.quiet) | |
455 | printf("Container is placed on tmpfs.\nRebooting will cause " | |
456 | "all changes made to it to be lost!\n"); | |
457 | ||
458 | if (!arg->daemonize && arg->argc) { | |
459 | clone->want_daemonize(clone, true); | |
460 | arg->daemonize = 1; | |
461 | } else if (!arg->daemonize) { | |
462 | clone->want_daemonize(clone, false); | |
463 | } | |
464 | ||
465 | started = clone->start(clone, 0, NULL); | |
466 | if (!started) | |
467 | goto destroy_and_put; | |
468 | ||
469 | if (arg->daemonize && arg->argc) { | |
470 | ret = clone->attach_run_wait(clone, &attach_options, arg->argv[0], (const char *const *)arg->argv); | |
471 | if (ret < 0) | |
472 | goto destroy_and_put; | |
473 | clone->shutdown(clone, -1); | |
474 | } | |
475 | ||
476 | free_mnts(); | |
477 | lxc_container_put(clone); | |
478 | return 0; | |
479 | ||
480 | destroy_and_put: | |
481 | if (started) | |
482 | clone->shutdown(clone, -1); | |
483 | ||
484 | ret = clone->get_config_item(clone, "lxc.ephemeral", tmp_buf, PATH_MAX); | |
485 | if (ret > 0 && strcmp(tmp_buf, "0")) | |
486 | clone->destroy(clone); | |
487 | ||
488 | free_mnts(); | |
489 | lxc_container_put(clone); | |
490 | return -1; | |
491 | } | |
492 | ||
493 | static int do_clone_rename(struct lxc_container *c, char *newname) | |
494 | { | |
495 | if (!c->rename(c, newname)) { | |
496 | ERROR("Renaming container %s to %s failed", c->name, newname); | |
497 | return -1; | |
498 | } | |
499 | ||
500 | return 0; | |
501 | } | |
502 | ||
503 | static int do_clone_task(struct lxc_container *c, enum task task, int flags, | |
504 | char **args) | |
505 | { | |
506 | int ret = 0; | |
507 | ||
508 | switch (task) { | |
509 | case DESTROY: | |
510 | ret = do_clone_ephemeral(c, &my_args, args, flags); | |
511 | break; | |
512 | case RENAME: | |
513 | ret = do_clone_rename(c, my_args.newname); | |
514 | break; | |
515 | default: | |
516 | ret = do_clone(c, my_args.newname, my_args.newpath, flags, | |
517 | my_args.bdevtype, my_args.fssize, my_args.task, | |
518 | args); | |
519 | break; | |
520 | } | |
521 | ||
522 | return ret; | |
523 | } | |
524 | ||
525 | static void free_mnts() | |
526 | { | |
527 | unsigned int i; | |
528 | struct mnts *n = NULL; | |
529 | ||
530 | for (i = 0, n = mnt_table; i < mnt_table_size; i++, n++) { | |
531 | free(n->src); | |
532 | free(n->dest); | |
533 | free(n->options); | |
534 | free(n->upper); | |
535 | free(n->workdir); | |
536 | } | |
537 | ||
538 | free(mnt_table); | |
539 | mnt_table = NULL; | |
540 | mnt_table_size = 0; | |
541 | } | |
542 | ||
543 | static int my_parser(struct lxc_arguments *args, int c, char *arg) | |
544 | { | |
545 | char *subopts = NULL; | |
546 | char *mntparameters = NULL; | |
547 | switch (c) { | |
548 | case 'N': | |
549 | args->newname = arg; | |
550 | break; | |
551 | case 'p': | |
552 | args->newpath = arg; | |
553 | break; | |
554 | case 'R': | |
555 | args->task = RENAME; | |
556 | break; | |
557 | case 's': | |
558 | args->task = SNAP; | |
559 | break; | |
560 | case 'F': | |
561 | args->daemonize = 0; | |
562 | break; | |
563 | case 'd': | |
564 | args->daemonize = 1; | |
565 | break; | |
566 | case 'e': | |
567 | args->task = DESTROY; | |
568 | break; | |
569 | case 'm': | |
570 | subopts = optarg; | |
571 | if (parse_mntsubopts(subopts, mount_keys, mntparameters) < 0) | |
572 | return -1; | |
573 | break; | |
574 | case 'B': | |
575 | if (strncmp(arg, "overlay", strlen(arg)) == 0) | |
576 | arg = "overlayfs"; | |
577 | args->bdevtype = arg; | |
578 | break; | |
579 | case 't': | |
580 | args->tmpfs = true; | |
581 | break; | |
582 | case 'L': | |
583 | args->fssize = get_fssize(optarg); | |
584 | break; | |
585 | case 'D': | |
586 | args->keepdata = 1; | |
587 | break; | |
588 | case 'K': | |
589 | args->keepname = 1; | |
590 | break; | |
591 | case 'M': | |
592 | args->keepmac = 1; | |
593 | break; | |
594 | } | |
595 | ||
596 | return 0; | |
597 | } | |
598 | ||
599 | static int parse_bind_mnt(char *mntstring, enum mnttype type) | |
600 | { | |
601 | int len = 0; | |
602 | char **mntarray = NULL; | |
603 | struct mnts *m = NULL; | |
604 | ||
605 | m = add_mnt(&mnt_table, &mnt_table_size, type); | |
606 | if (!m) | |
607 | goto err; | |
608 | ||
609 | mntarray = lxc_string_split(mntstring, ':'); | |
610 | if (!mntarray) | |
611 | goto err; | |
612 | ||
613 | m->src = construct_path(mntarray[0], true); | |
614 | if (!m->src) | |
615 | goto err; | |
616 | ||
617 | len = lxc_array_len((void **)mntarray); | |
618 | if (len == 1) { /* bind=src */ | |
619 | m->dest = construct_path(mntarray[0], false); | |
620 | } else if (len == 2) { /* bind=src:option or bind=src:dest */ | |
621 | if (strncmp(mntarray[1], "rw", strlen(mntarray[1])) == 0) | |
622 | m->options = strdup("rw"); | |
623 | ||
624 | if (strncmp(mntarray[1], "ro", strlen(mntarray[1])) == 0) | |
625 | m->options = strdup("ro"); | |
626 | ||
627 | if (m->options) | |
628 | m->dest = construct_path(mntarray[0], false); | |
629 | else | |
630 | m->dest = construct_path(mntarray[1], false); | |
631 | } else if (len == 3) { /* bind=src:dest:option */ | |
632 | m->dest = construct_path(mntarray[1], false); | |
633 | m->options = strdup(mntarray[2]); | |
634 | } else { | |
635 | printf("Excess elements in mount specification\n"); | |
636 | } | |
637 | ||
638 | if (!m->dest) | |
639 | goto err; | |
640 | ||
641 | if (!m->options) | |
642 | m->options = strdup("rw"); | |
643 | ||
644 | if (!m->options || (strncmp(m->options, "rw", strlen(m->options)) != 0 && | |
645 | strncmp(m->options, "ro", strlen(m->options)) != 0)) | |
646 | goto err; | |
647 | ||
648 | lxc_free_array((void **)mntarray, free); | |
649 | return 0; | |
650 | ||
651 | err: | |
652 | free_mnts(); | |
653 | lxc_free_array((void **)mntarray, free); | |
654 | return -1; | |
655 | } | |
656 | ||
657 | static int parse_mntsubopts(char *subopts, char *const *keys, char *mntparameters) | |
658 | { | |
659 | while (*subopts != '\0') { | |
660 | switch (getsubopt(&subopts, keys, &mntparameters)) { | |
661 | case LXC_MNT_BIND: | |
662 | if (parse_bind_mnt(mntparameters, LXC_MNT_BIND) < 0) | |
663 | return -1; | |
664 | break; | |
665 | case LXC_MNT_OVL: | |
666 | if (parse_ovl_mnt(mntparameters, LXC_MNT_OVL) < 0) | |
667 | return -1; | |
668 | break; | |
669 | default: | |
670 | break; | |
671 | } | |
672 | } | |
673 | ||
674 | return 0; | |
675 | } | |
676 | ||
677 | static int parse_ovl_mnt(char *mntstring, enum mnttype type) | |
678 | { | |
679 | int len = 0; | |
680 | char **mntarray = NULL; | |
681 | struct mnts *m; | |
682 | ||
683 | m = add_mnt(&mnt_table, &mnt_table_size, type); | |
684 | if (!m) | |
685 | goto err; | |
686 | ||
687 | mntarray = lxc_string_split(mntstring, ':'); | |
688 | if (!mntarray) | |
689 | goto err; | |
690 | ||
691 | m->src = construct_path(mntarray[0], true); | |
692 | if (!m->src) | |
693 | goto err; | |
694 | ||
695 | len = lxc_array_len((void **)mntarray); | |
696 | if (len == 1) /* overlay=src */ | |
697 | m->dest = construct_path(mntarray[0], false); | |
698 | else if (len == 2) /* overlay=src:dest */ | |
699 | m->dest = construct_path(mntarray[1], false); | |
700 | else | |
701 | printf("Excess elements in mount specification\n"); | |
702 | ||
703 | if (!m->dest) | |
704 | goto err; | |
705 | ||
706 | lxc_free_array((void **)mntarray, free); | |
707 | return 0; | |
708 | ||
709 | err: | |
710 | free_mnts(); | |
711 | lxc_free_array((void **)mntarray, free); | |
712 | return -1; | |
713 | } | |
714 | ||
715 | /* For ephemeral snapshots backed by the overlay filesystem, this function | |
716 | * mounts a fresh tmpfs over the containers directory if the user requests it. | |
717 | * Because we mount a fresh tmpfs over the directory of the container the | |
718 | * updated /etc/hostname file created during the clone residing in the upperdir | |
719 | * (currently named "delta0" by default) will be hidden. Hence, if the user | |
720 | * requests that the old name is not to be kept for the clone, we recreate this | |
721 | * file on the tmpfs. This should be all that is required to restore the exact | |
722 | * behaviour we would get with a normal clone. | |
723 | */ | |
724 | static char *mount_tmpfs(const char *oldname, const char *newname, | |
725 | const char *path, struct lxc_arguments *arg) | |
726 | { | |
727 | int ret, fd; | |
728 | size_t len; | |
729 | mode_t msk; | |
730 | char *premount = NULL; | |
731 | FILE *fp = NULL; | |
732 | ||
733 | if (arg->tmpfs && arg->keepdata) { | |
734 | ERROR("%s", | |
735 | "A container can only be placed on a tmpfs when the " | |
736 | "overlay storage driver is used"); | |
737 | goto err_free; | |
738 | } | |
739 | ||
740 | if (arg->tmpfs && !arg->bdevtype) { | |
741 | arg->bdevtype = "overlayfs"; | |
742 | } else if (arg->tmpfs && arg->bdevtype && | |
743 | strncmp(arg->bdevtype, "overlayfs", strlen(arg->bdevtype)) != 0) { | |
744 | ERROR("%s", | |
745 | "A container can only be placed on a tmpfs when the " | |
746 | "overlay storage driver is used"); | |
747 | goto err_free; | |
748 | } | |
749 | ||
750 | len = strlen(path) + strlen(newname) + strlen("pre-start-XXXXXX") + /* //\0 */ 3; | |
751 | premount = malloc(len); | |
752 | if (!premount) | |
753 | goto err_free; | |
754 | ||
755 | ret = snprintf(premount, len, "%s/%s/pre-start-XXXXXX", path, newname); | |
756 | if (ret < 0 || (size_t)ret >= len) | |
757 | goto err_free; | |
758 | ||
759 | msk = umask(0022); | |
760 | fd = mkstemp(premount); | |
761 | umask(msk); | |
762 | if (fd < 0) | |
763 | goto err_free; | |
764 | ||
765 | if (fcntl(fd, F_SETFD, FD_CLOEXEC)) { | |
766 | ERROR("Failed to set close-on-exec on file descriptor"); | |
767 | goto err_close; | |
768 | } | |
769 | ||
770 | if (chmod(premount, 0755) < 0) | |
771 | goto err_close; | |
772 | ||
773 | fp = fdopen(fd, "r+"); | |
774 | if (!fp) | |
775 | goto err_close; | |
776 | fd = -1; | |
777 | ||
778 | ret = fprintf(fp, "#! /bin/sh\n" | |
779 | "mount -n -t tmpfs -o mode=0755 none %s/%s\n", | |
780 | path, newname); | |
781 | if (ret < 0) | |
782 | goto err_close; | |
783 | ||
784 | if (!arg->keepname) { | |
785 | ret = fprintf(fp, "mkdir -p %s/%s/delta0/etc\n" | |
786 | "echo %s > %s/%s/delta0/etc/hostname\n", | |
787 | path, newname, newname, path, newname); | |
788 | if (ret < 0) | |
789 | goto err_close; | |
790 | } | |
791 | ||
792 | fclose(fp); | |
793 | return premount; | |
794 | ||
795 | err_close: | |
796 | if (fd > 0) | |
797 | close(fd); | |
798 | else if (fp) | |
799 | fclose(fp); | |
800 | ||
801 | err_free: | |
802 | free(premount); | |
803 | return NULL; | |
804 | } |