git.proxmox.com Git - mirror_lxc.git/blob - src/lxc/confile_utils.c
3 * Copyright © 2017 Christian Brauner <christian.brauner@ubuntu.com>.
4 * Copyright © 2017 Canonical Ltd.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2, as
8 * published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 #include <arpa/inet.h>
30 #include "confile_utils.h"
34 #include "lxccontainer.h"
40 #include "include/strlcpy.h"
43 lxc_log_define(confile_utils
, lxc
);
/*
 * parse_idmaps - parse one id-mapping entry of the form
 * "<type> <nsid> <hostid> <range>", e.g. "u 1000 1000000 65536".
 *
 * The type character must be 'u' or 'g'. The three numeric fields are cut out
 * of a duplicate of @idmap by writing '\0' over the separator and are
 * converted with lxc_safe_ulong() into tmp_* locals. The one output
 * assignment visible here (*hostid) comes after the last conversion, which
 * suggests the outputs are only written once the whole entry has parsed.
 *
 * NOTE(review): the visible checks validate syntax only. Nothing shown here
 * rejects a zero range or checks that nsid + range and hostid + range stay
 * within unsigned long. These values end up describing a user-namespace id
 * mapping, so confirm that the caller enforces those bounds. Also confirm that
 * the duplicated string is released on every error path; the cleanup lines
 * are not visible on this page.
 */
45 int parse_idmaps(const char *idmap
, char *type
, unsigned long *nsid
,
46 unsigned long *hostid
, unsigned long *range
)
49 unsigned long tmp_hostid
, tmp_nsid
, tmp_range
;
54 /* Duplicate string. */
59 /* A prototypical idmap entry would be: "u 1000 1000000 65536" */
64 slide
+= strspn(slide
, " \t\r");
65 if (slide
!= window
&& *slide
== '\0')
69 if (*slide
!= 'u' && *slide
!= 'g') {
70 ERROR("Invalid id mapping type: %c", *slide
);
77 /* move beyond type */
81 /* Validate that only whitespace follows. */
82 slide
+= strspn(slide
, " \t\r");
83 /* There must be whitespace. */
87 /* Mark beginning of nsid. */
89 /* Validate that non-whitespace follows. */
90 slide
+= strcspn(slide
, " \t\r");
91 /* There must be non-whitespace. */
92 if (slide
== window
|| *slide
== '\0')
94 /* Mark end of nsid. */
98 if (lxc_safe_ulong(window
, &tmp_nsid
) < 0) {
99 ERROR("Failed to parse nsid: %s", window
);
103 /* Move beyond \0. */
105 /* Validate that only whitespace follows. */
106 slide
+= strspn(slide
, " \t\r");
107 /* If there was only one whitespace then we wiped it with our \0 above.
108 * So only ensure that we're not at the end of the string.
113 /* Mark beginning of hostid. */
115 /* Validate that non-whitespace follows. */
116 slide
+= strcspn(slide
, " \t\r");
117 /* There must be non-whitespace. */
118 if (slide
== window
|| *slide
== '\0')
120 /* Mark end of hostid. */
124 if (lxc_safe_ulong(window
, &tmp_hostid
) < 0) {
125 ERROR("Failed to parse hostid: %s", window
);
129 /* Move beyond \0. */
131 /* Validate that only whitespace follows. */
132 slide
+= strspn(slide
, " \t\r");
133 /* If there was only one whitespace then we wiped it with our \0 above.
134 * So only ensure that we're not at the end of the string.
139 /* Mark beginning of range. */
141 /* Validate that non-whitespace follows. */
142 slide
+= strcspn(slide
, " \t\r");
143 /* There must be non-whitespace. */
147 /* The range is the last valid entry we expect. So make sure that there
148 * is no trailing garbage and if there is, error out.
150 if (*(slide
+ strspn(slide
, " \t\r\n")) != '\0')
153 /* Mark end of range. */
157 if (lxc_safe_ulong(window
, &tmp_range
) < 0) {
158 ERROR("Failed to parse id mapping range: %s", window
);
164 *hostid
= tmp_hostid
;
167 /* Yay, we survived. */
/* Report whether a config value is unset: true for NULL or "", false otherwise. */
bool lxc_config_value_empty(const char *value)
{
	if (value == NULL)
		return true;

	return value[0] == '\0';
}
184 struct lxc_netdev
*lxc_network_add(struct lxc_list
*networks
, int idx
, bool tail
)
186 struct lxc_list
*newlist
;
187 struct lxc_netdev
*netdev
= NULL
;
189 /* network does not exist */
190 netdev
= malloc(sizeof(*netdev
));
194 memset(netdev
, 0, sizeof(*netdev
));
195 lxc_list_init(&netdev
->ipv4
);
196 lxc_list_init(&netdev
->ipv6
);
198 /* give network a unique index */
201 /* prepare new list */
202 newlist
= malloc(sizeof(*newlist
));
208 lxc_list_init(newlist
);
209 newlist
->elem
= netdev
;
212 lxc_list_add_tail(networks
, newlist
);
214 lxc_list_add(networks
, newlist
);
219 /* Takes care of finding the correct netdev struct in the networks list or
220 * allocates a new one if it couldn't be found.
/*
 * lxc_get_netdev_by_idx - look up the network device with index @idx in
 * conf->network. Each list entry's idx is compared with @idx (an "equal" and
 * a "greater" branch; their bodies are not shown here), and the function ends
 * by handing the reached list position to lxc_network_add(). How @allocate
 * gates that call is not visible on this page.
 *
 * NOTE(review): @idx is unsigned int here, but lxc_network_add() takes
 * "int idx", so an index above INT_MAX changes value on that call. The
 * netdev->idx comparisons also mix @idx with whatever type the idx field has;
 * if that field is signed, confirm the comparison behaves as intended. If the
 * index originates from a configuration key, an upper bound should be
 * enforced before it gets here.
 */
222 struct lxc_netdev
*lxc_get_netdev_by_idx(struct lxc_conf
*conf
,
223 unsigned int idx
, bool allocate
)
225 struct lxc_netdev
*netdev
= NULL
;
226 struct lxc_list
*networks
= &conf
->network
;
227 struct lxc_list
*insert
= networks
;
230 if (!lxc_list_empty(networks
)) {
231 lxc_list_for_each(insert
, networks
) {
232 netdev
= insert
->elem
;
233 if (netdev
->idx
== idx
)
235 else if (netdev
->idx
> idx
)
243 return lxc_network_add(insert
, idx
, true);
246 void lxc_log_configured_netdevs(const struct lxc_conf
*conf
)
248 struct lxc_netdev
*netdev
;
249 struct lxc_list
*it
= (struct lxc_list
*)&conf
->network
;;
251 if ((conf
->loglevel
!= LXC_LOG_LEVEL_TRACE
) &&
252 (lxc_log_get_level() != LXC_LOG_LEVEL_TRACE
))
255 if (lxc_list_empty(it
)) {
256 TRACE("container has no networks configured");
260 lxc_list_for_each(it
, &conf
->network
) {
261 struct lxc_list
*cur
, *next
;
262 struct lxc_inetdev
*inet4dev
;
263 struct lxc_inet6dev
*inet6dev
;
264 char bufinet4
[INET_ADDRSTRLEN
], bufinet6
[INET6_ADDRSTRLEN
];
268 TRACE("index: %zd", netdev
->idx
);
269 TRACE("ifindex: %d", netdev
->ifindex
);
271 switch (netdev
->type
) {
275 if (netdev
->priv
.veth_attr
.pair
[0] != '\0')
276 TRACE("veth pair: %s",
277 netdev
->priv
.veth_attr
.pair
);
279 if (netdev
->priv
.veth_attr
.veth1
[0] != '\0')
281 netdev
->priv
.veth_attr
.veth1
);
283 if (netdev
->priv
.veth_attr
.ifindex
> 0)
284 TRACE("host side ifindex for veth device: %d",
285 netdev
->priv
.veth_attr
.ifindex
);
287 case LXC_NET_MACVLAN
:
288 TRACE("type: macvlan");
290 if (netdev
->priv
.macvlan_attr
.mode
> 0) {
293 macvlan_mode
= lxc_macvlan_flag_to_mode(
294 netdev
->priv
.macvlan_attr
.mode
);
295 TRACE("macvlan mode: %s",
296 macvlan_mode
? macvlan_mode
302 TRACE("vlan id: %d", netdev
->priv
.vlan_attr
.vid
);
307 if (netdev
->priv
.phys_attr
.ifindex
> 0)
308 TRACE("host side ifindex for phys device: %d",
309 netdev
->priv
.phys_attr
.ifindex
);
312 TRACE("type: empty");
318 ERROR("invalid network type %d", netdev
->type
);
322 if (netdev
->type
!= LXC_NET_EMPTY
) {
324 netdev
->flags
== IFF_UP
? "up" : "none");
326 if (netdev
->link
[0] != '\0')
327 TRACE("link: %s", netdev
->link
);
329 if (netdev
->name
[0] != '\0')
330 TRACE("name: %s", netdev
->name
);
333 TRACE("hwaddr: %s", netdev
->hwaddr
);
336 TRACE("mtu: %s", netdev
->mtu
);
338 if (netdev
->upscript
)
339 TRACE("upscript: %s", netdev
->upscript
);
341 if (netdev
->downscript
)
342 TRACE("downscript: %s", netdev
->downscript
);
344 TRACE("ipv4 gateway auto: %s",
345 netdev
->ipv4_gateway_auto
? "true" : "false");
347 if (netdev
->ipv4_gateway
) {
348 inet_ntop(AF_INET
, netdev
->ipv4_gateway
,
349 bufinet4
, sizeof(bufinet4
));
350 TRACE("ipv4 gateway: %s", bufinet4
);
353 lxc_list_for_each_safe(cur
, &netdev
->ipv4
, next
) {
354 inet4dev
= cur
->elem
;
355 inet_ntop(AF_INET
, &inet4dev
->addr
, bufinet4
,
357 TRACE("ipv4 addr: %s", bufinet4
);
360 TRACE("ipv6 gateway auto: %s",
361 netdev
->ipv6_gateway_auto
? "true" : "false");
363 if (netdev
->ipv6_gateway
) {
364 inet_ntop(AF_INET6
, netdev
->ipv6_gateway
,
365 bufinet6
, sizeof(bufinet6
));
366 TRACE("ipv6 gateway: %s", bufinet6
);
369 lxc_list_for_each_safe(cur
, &netdev
->ipv6
, next
) {
370 inet6dev
= cur
->elem
;
371 inet_ntop(AF_INET6
, &inet6dev
->addr
, bufinet6
,
373 TRACE("ipv6 addr: %s", bufinet6
);
379 static void lxc_free_netdev(struct lxc_netdev
*netdev
)
381 struct lxc_list
*cur
, *next
;
383 free(netdev
->upscript
);
384 free(netdev
->downscript
);
385 free(netdev
->hwaddr
);
388 free(netdev
->ipv4_gateway
);
389 lxc_list_for_each_safe(cur
, &netdev
->ipv4
, next
) {
395 free(netdev
->ipv6_gateway
);
396 lxc_list_for_each_safe(cur
, &netdev
->ipv6
, next
) {
405 bool lxc_remove_nic_by_idx(struct lxc_conf
*conf
, unsigned int idx
)
407 struct lxc_list
*cur
, *next
;
408 struct lxc_netdev
*netdev
;
411 lxc_list_for_each_safe(cur
, &conf
->network
, next
) {
413 if (netdev
->idx
!= idx
)
424 lxc_free_netdev(netdev
);
430 void lxc_free_networks(struct lxc_list
*networks
)
432 struct lxc_list
*cur
, *next
;
433 struct lxc_netdev
*netdev
;
435 lxc_list_for_each_safe(cur
, networks
, next
) {
437 lxc_free_netdev(netdev
);
441 /* prevent segfaults */
442 lxc_list_init(networks
);
445 static struct macvlan_mode
{
449 { "private", MACVLAN_MODE_PRIVATE
},
450 { "vepa", MACVLAN_MODE_VEPA
},
451 { "bridge", MACVLAN_MODE_BRIDGE
},
452 { "passthru", MACVLAN_MODE_PASSTHRU
},
455 int lxc_macvlan_mode_to_flag(int *mode
, const char *value
)
459 for (i
= 0; i
< sizeof(macvlan_mode
) / sizeof(macvlan_mode
[0]); i
++) {
460 if (strcmp(macvlan_mode
[i
].name
, value
))
463 *mode
= macvlan_mode
[i
].mode
;
470 char *lxc_macvlan_flag_to_mode(int mode
)
474 for (i
= 0; i
< sizeof(macvlan_mode
) / sizeof(macvlan_mode
[0]); i
++) {
475 if (macvlan_mode
[i
].mode
== mode
)
478 return macvlan_mode
[i
].name
;
484 int set_config_string_item(char **conf_item
, const char *value
)
488 if (lxc_config_value_empty(value
)) {
494 new_value
= strdup(value
);
496 SYSERROR("Failed to duplicate string \"%s\"", value
);
501 *conf_item
= new_value
;
/*
 * set_config_string_item_max - length-checked front end for
 * set_config_string_item(): a @value whose length is @max or more is reported
 * as too long; otherwise the value is passed on unchanged.
 *
 * NOTE(review): strlen(value) runs before anything tests @value for NULL,
 * while set_config_string_item() first passes the value to
 * lxc_config_value_empty(), which does tolerate NULL. Confirm that no caller
 * reaches this function with a NULL value. The rejected value is also written
 * to the log in full.
 */
505 int set_config_string_item_max(char **conf_item
, const char *value
, size_t max
)
507 if (strlen(value
) >= max
) {
508 ERROR("%s is too long (>= %lu)", value
, (unsigned long)max
);
512 return set_config_string_item(conf_item
, value
);
/*
 * Store a path-valued config item. The value goes through
 * set_config_string_item_max() with PATH_MAX as the limit, so a value of
 * PATH_MAX bytes or more is refused there.
 */
int set_config_path_item(char **conf_item, const char *value)
{
	const size_t limit = PATH_MAX;

	return set_config_string_item_max(conf_item, value, limit);
}
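/*
 * config_ip_prefix - default prefix length for an IPv4 address, chosen by
 * address class.
 *
 * @addr: IPv4 address in network byte order, as stored in struct in_addr.
 *
 * Returns 8, 16 or 24 for a class A, B or C address.
 */
int config_ip_prefix(struct in_addr *addr)
{
	/*
	 * The IN_CLASS*() macros test the leading bits of a host-byte-order
	 * value, while s_addr is kept in network byte order. Convert first;
	 * without this a little-endian host classifies by the last octet and
	 * hands back the wrong default netmask.
	 */
	in_addr_t host_addr = ntohl(addr->s_addr);

	if (IN_CLASSA(host_addr))
		return 32 - IN_CLASSA_NSHIFT;

	if (IN_CLASSB(host_addr))
		return 32 - IN_CLASSB_NSHIFT;

	if (IN_CLASSC(host_addr))
		return 32 - IN_CLASSC_NSHIFT;

	/*
	 * NOTE(review): the fallback for addresses outside classes A-C is not
	 * shown on this page; 0 is assumed here, confirm against the full file.
	 */
	return 0;
}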
/*
 * network_ifname - copy an interface name from @value into the caller's
 * buffer @valuep of @size bytes using strlcpy(). Both pointers are checked
 * for NULL first; an over-long name is reported with ERROR().
 *
 * NOTE(review): strlcpy() returns the length of the source string, so
 * truncation is detected by comparing that result with @size; the comparison
 * itself is not visible on this page. @size must be the real capacity of
 * @valuep, which only the caller can guarantee.
 */
534 int network_ifname(char *valuep
, const char *value
, size_t size
)
538 if (!valuep
|| !value
)
541 retlen
= strlcpy(valuep
, value
, size
);
543 ERROR("Network devie name \"%s\" is too long (>= %zu)", value
,
/*
 * rand_complete_hwaddr - replace every 'x' or 'X' in @hwaddr, in place, with
 * a random lowercase hex digit, scanning until a NUL or a newline.
 *
 * For the character at offset 1 (the second digit of the first octet) the
 * random value is masked with 0x0E instead of 0x0F, so the chosen digit is
 * always even; per the in-code comment this keeps the address unicast.
 * Two parallel variants appear (rand_r() with a seed from randseed(false) and
 * plain rand()); presumably a preprocessor conditional that is not shown
 * selects between them.
 *
 * NOTE(review): the function writes through @hwaddr, so the buffer must be
 * writable. rand()/rand_r() are not cryptographic generators; that is
 * adequate for picking address digits, not for anything secret.
 */
549 void rand_complete_hwaddr(char *hwaddr
)
551 const char hex
[] = "0123456789abcdef";
559 seed
= randseed(false);
561 while (*curs
!= '\0' && *curs
!= '\n') {
562 if (*curs
== 'x' || *curs
== 'X') {
563 if (curs
- hwaddr
== 1) {
564 /* ensure address is unicast */
566 *curs
= hex
[rand_r(&seed
) & 0x0E];
568 *curs
= hex
[rand_r(&seed
) & 0x0F];
570 *curs
= hex
[rand() & 0x0E];
572 *curs
= hex
[rand() & 0x0F];
/*
 * lxc_config_net_hwaddr - decide whether a config line sets a hardware
 * address key: "lxc.net.hwaddr", "lxc.network.hwaddr", or the indexed forms
 * "lxc.net.<n>.hwaddr" / "lxc.network.<n>.hwaddr".
 *
 * NOTE(review): "%6s" stores up to six characters plus a terminating NUL, so
 * tmp must be at least 7 bytes; its declaration is not visible on this page.
 * All matches are prefix matches (strncmp with a fixed length, and a suffix
 * cut to six characters), so a key that merely starts with "hwaddr" appears
 * to be accepted as well. Confirm that the caller validates the full key.
 */
580 bool lxc_config_net_hwaddr(const char *line
)
585 if (strncmp(line
, "lxc.net", 7) != 0)
588 if (strncmp(line
, "lxc.net.hwaddr", 14) == 0)
591 if (strncmp(line
, "lxc.network.hwaddr", 18) == 0)
594 if (sscanf(line
, "lxc.net.%u.%6s", &index
, tmp
) == 2 ||
595 sscanf(line
, "lxc.network.%u.%6s", &index
, tmp
) == 2)
596 return strncmp(tmp
, "hwaddr", 6) == 0;
602 * If we find a lxc.net.[i].hwaddr or lxc.network.hwaddr in the original config
603 * file, we expand it in the unexpanded_config, so that after a save_config we
604 * store the hwaddr for re-use.
605 * This is only called when reading the config file, not when executing a
607 * 'x' and 'X' are substituted in-place.
/*
 * update_hwaddr - if @line is a hwaddr config line, locate the text after
 * '=' and let rand_complete_hwaddr() fill in its 'x'/'X' placeholders.
 * Leading characters are skipped first via lxc_char_left_gc().
 *
 * NOTE(review): @line is declared const, yet the pointer obtained from
 * strchr(line, '=') is handed to rand_complete_hwaddr(), which rewrites the
 * string in place. The caller must therefore pass writable storage; a string
 * literal or other read-only buffer here would be undefined behaviour. The
 * lines between the strchr() call and the rand_complete_hwaddr() call
 * (including any NULL check on p) are not visible on this page.
 */
609 void update_hwaddr(const char *line
)
613 line
+= lxc_char_left_gc(line
, strlen(line
));
617 if (!lxc_config_net_hwaddr(line
))
620 /* Let config_net_hwaddr raise the error. */
621 p
= strchr(line
, '=');
632 rand_complete_hwaddr(p
);
/*
 * new_hwaddr - write a hardware address of the form "00:16:3e:xx:xx:xx"
 * into @hwaddr, with the last three octets taken from rand() after
 * randseed(true) has been called.
 *
 * NOTE(review): the size 18 (17 characters plus NUL) is hard-coded, so the
 * caller's buffer must be at least 18 bytes; nothing in this function can
 * verify that. "rand() % 255" yields 0..254, so the octet value 0xff is never
 * produced. rand() is not a cryptographic generator, which is acceptable for
 * an address but should not be reused for secrets.
 */
635 bool new_hwaddr(char *hwaddr
)
639 (void)randseed(true);
641 ret
= snprintf(hwaddr
, 18, "00:16:3e:%02x:%02x:%02x", rand() % 255,
642 rand() % 255, rand() % 255);
643 if (ret
< 0 || ret
>= 18) {
644 SYSERROR("Failed to call snprintf().");
/*
 * lxc_get_conf_str - copy @value, including its terminating NUL, into @retv
 * when @retv is non-NULL and @inlen is large enough to hold it.
 *
 * NOTE(review): @inlen is an int. If value_len is declared as size_t (the
 * declaration is not visible on this page), the comparison converts @inlen to
 * an unsigned type, so a negative @inlen compares as a very large number,
 * passes the check, and memcpy() then writes past @retv. Confirm that callers
 * never pass a negative length, or test "inlen > 0" before comparing.
 */
651 int lxc_get_conf_str(char *retv
, int inlen
, const char *value
)
658 value_len
= strlen(value
);
659 if (retv
&& inlen
>= value_len
+ 1)
660 memcpy(retv
, value
, value_len
+ 1);
/*
 * lxc_get_conf_int - clear @retv and format the int @v into it as decimal
 * text via strprint().
 *
 * NOTE(review): @inlen is an int but memset() takes a size_t, so a negative
 * @inlen becomes a huge length. The lines that guard @retv and @inlen before
 * the memset() are not visible on this page; confirm that a NULL buffer and
 * a negative length are both excluded there.
 */
665 int lxc_get_conf_int(struct lxc_conf
*c
, char *retv
, int inlen
, int v
)
673 memset(retv
, 0, inlen
);
675 strprint(retv
, inlen
, "%d", v
);
/*
 * lxc_get_conf_size_t - clear @retv and format the size_t @v into it as
 * decimal text via strprint().
 *
 * NOTE(review): @inlen is an int but memset() takes a size_t, so a negative
 * @inlen becomes a huge length. The lines that guard @retv and @inlen before
 * the memset() are not visible on this page; confirm that a NULL buffer and
 * a negative length are both excluded there.
 */
680 int lxc_get_conf_size_t(struct lxc_conf
*c
, char *retv
, int inlen
, size_t v
)
688 memset(retv
, 0, inlen
);
690 strprint(retv
, inlen
, "%zu", v
);
/*
 * lxc_get_conf_uint64 - clear @retv and format the uint64_t @v into it as
 * decimal text via strprint().
 *
 * NOTE(review): @inlen is an int but memset() takes a size_t, so a negative
 * @inlen becomes a huge length. The lines that guard @retv and @inlen before
 * the memset() are not visible on this page; confirm that a NULL buffer and
 * a negative length are both excluded there.
 */
695 int lxc_get_conf_uint64(struct lxc_conf
*c
, char *retv
, int inlen
, uint64_t v
)
703 memset(retv
, 0, inlen
);
705 strprint(retv
, inlen
, "%"PRIu64
, v
);
/*
 * parse_limit_value - parse one resource-limit value at *value into *res.
 *
 * The literal prefix "unlimited" maps to RLIM_INFINITY and advances *value
 * past it; anything else is converted with strtoull() in base 10.
 *
 * NOTE(review): the errno test after strtoull() is only meaningful if errno
 * was cleared immediately before the call; that line is not visible on this
 * page. strtoull() always stores a non-NULL end pointer, so "!endptr" cannot
 * detect "no digits consumed" (that case is endptr == *value). A leading '-'
 * is also accepted and wraps to a large unsigned value. Confirm that both
 * cases are rejected before the result is applied as a resource limit.
 */
710 bool parse_limit_value(const char **value
, rlim_t
*res
)
714 if (strncmp(*value
, "unlimited", sizeof("unlimited") - 1) == 0) {
715 *res
= RLIM_INFINITY
;
716 *value
+= sizeof("unlimited") - 1;
721 *res
= strtoull(*value
, &endptr
, 10);
722 if (errno
|| !endptr
)
/*
 * lxc_container_name_to_pid - resolve a string that is either a numeric pid
 * or a container name into a pid.
 *
 * The string is first parsed with strtol(). If it is not entirely numeric or
 * the number is below 1, it is treated as a container name: the container is
 * opened with lxc_container_new(), the caller's right to control it is
 * checked with may_control(), and its init pid is taken from init_pid().
 * The last error message shows that a signal is then sent to the pid as a
 * liveness check; the call itself is not visible on this page.
 *
 * NOTE(review): may_control() is applied only on the container-name branch.
 * A purely numeric argument skips it, so access control for that case rests
 * on what the later signal and namespace-open operations permit. The visible
 * lines do not check strtol() for ERANGE, and the long result is stored in
 * pid, whose type is not shown; confirm that oversized input is rejected
 * rather than truncated. A pid can also be recycled between this check and
 * its later use, so callers should treat the result as advisory.
 */
730 static int lxc_container_name_to_pid(const char *lxcname_or_pid
,
737 pid
= strtol(lxcname_or_pid
, &err
, 10);
738 if (*err
!= '\0' || pid
< 1) {
739 struct lxc_container
*c
;
741 c
= lxc_container_new(lxcname_or_pid
, lxcpath
);
743 ERROR("\"%s\" is not a valid pid nor a container name",
748 if (!c
->may_control(c
)) {
749 ERROR("Insufficient privileges to control container "
751 lxc_container_put(c
);
755 pid
= c
->init_pid(c
);
757 ERROR("Container \"%s\" is not running", c
->name
);
758 lxc_container_put(c
);
762 lxc_container_put(c
);
767 SYSERROR("Failed to send signal to pid %d", (int)pid
);
/*
 * lxc_inherit_namespace - obtain a handle on a namespace of another
 * container or process via lxc_preserve_ns(pid, namespace).
 *
 * If @lxcname_or_pid contains a '/', the text before the last slash is used
 * as the container path and the text after it as the name; otherwise the
 * argument is resolved against @lxcpath.
 *
 * NOTE(review): with an embedded slash the lookup directory comes from the
 * argument itself, not from @lxcpath, so whoever controls this string chooses
 * where the container is looked up. Confirm that this is intended and that
 * the value comes from a trusted configuration source. The release of dup and
 * the handling of a failed strdup() are not visible on this page. The
 * returned descriptor grants access to the target's namespace, so the caller
 * must close it when done.
 */
774 int lxc_inherit_namespace(const char *lxcname_or_pid
, const char *lxcpath
,
775 const char *namespace)
778 char *dup
, *lastslash
;
780 lastslash
= strrchr(lxcname_or_pid
, '/');
782 dup
= strdup(lxcname_or_pid
);
786 dup
[lastslash
- lxcname_or_pid
] = '\0';
787 pid
= lxc_container_name_to_pid(lastslash
+ 1, dup
);
790 pid
= lxc_container_name_to_pid(lxcname_or_pid
, lxcpath
);
796 fd
= lxc_preserve_ns(pid
, namespace);
808 static const struct signame signames
[] = {
841 { SIGSTKFLT
, "STKFLT" },
856 { SIGVTALRM
, "VTALRM" },
862 { SIGWINCH
, "WINCH" },
880 { SIGUNUSED
, "UNUSED" },
887 static int sig_num(const char *sig
)
891 if (lxc_safe_uint(sig
, &signum
) < 0)
/*
 * rt_sig_num - translate a real-time signal specification into a signal
 * number. The numeric part is parsed by sig_num() and then taken as an offset
 * down from SIGRTMAX or up from SIGRTMIN depending on rtmax (presumably set
 * by the "max-" prefix test; that line is not shown). The result must lie
 * within [SIGRTMIN, SIGRTMAX].
 *
 * NOTE(review): isdigit() is called with a plain char. On platforms where
 * char is signed, a byte of 0x80 or above is negative, which is undefined
 * behaviour for the <ctype.h> functions; cast with (unsigned char)*signame.
 * The value from sig_num() goes straight into the addition/subtraction, so
 * if sig_num() can return a value near INT_MAX the arithmetic can overflow
 * before the range check runs. Confirm sig_num()'s upper bound.
 */
897 static int rt_sig_num(const char *signame
)
899 int rtmax
= 0, sig_n
= 0;
901 if (strncasecmp(signame
, "max-", 4) == 0)
905 if (!isdigit(*signame
))
908 sig_n
= sig_num(signame
);
909 sig_n
= rtmax
? SIGRTMAX
- sig_n
: SIGRTMIN
+ sig_n
;
910 if (sig_n
> SIGRTMAX
|| sig_n
< SIGRTMIN
)
916 int sig_parse(const char *signame
)
920 if (isdigit(*signame
)) {
921 return sig_num(signame
);
922 } else if (strncasecmp(signame
, "sig", 3) == 0) {
924 if (strncasecmp(signame
, "rt", 2) == 0)
925 return rt_sig_num(signame
+ 2);
927 for (n
= 0; n
< sizeof(signames
) / sizeof((signames
)[0]); n
++)
928 if (strcasecmp(signames
[n
].name
, signame
) == 0)
929 return signames
[n
].num
;