diff --git a/lxc.spec.in b/lxc.spec.in index c8ff08e8f..5e68df26c 100644 --- a/lxc.spec.in +++ b/lxc.spec.in @@ -124,7 +124,6 @@ rm -rf %{buildroot} %files %defattr(-,root,root) %{_bindir}/* -%attr(4111,root,root) %{_bindir}/lxc-user-nic %{_mandir}/man1/lxc* %{_mandir}/man5/lxc* %{_mandir}/man7/lxc* @@ -150,6 +149,7 @@ rm -rf %{buildroot} %endif %{_localstatedir}/* %attr(4555,root,root) %{_libexecdir}/%{name}/lxc-init +%attr(4111,root,root) %{_libexecdir}/%{name}/lxc-user-nic %if %{with_systemd} %attr(555,root,root) %{_libexecdir}/%{name}/lxc-devsetup %endif diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am index 602447e37..25cdf6d86 100644 --- a/src/lxc/Makefile.am +++ b/src/lxc/Makefile.am @@ -113,6 +113,7 @@ AM_CFLAGS=-I$(top_srcdir)/src \ -DLXCPATH=\"$(LXCPATH)\" \ -DLXC_GLOBAL_CONF=\"$(LXC_GLOBAL_CONF)\" \ -DLXCINITDIR=\"$(LXCINITDIR)\" \ + -DLIBEXECDIR=\"$(LIBEXECDIR)\" \ -DLXCTEMPLATEDIR=\"$(LXCTEMPLATEDIR)\" \ -DLOGPATH=\"$(LOGPATH)\" \ -DLXC_DEFAULT_CONFIG=\"$(LXC_DEFAULT_CONFIG)\" \ @@ -181,28 +182,28 @@ endif bin_PROGRAMS = \ lxc-attach \ lxc-autostart \ - lxc-unshare \ - lxc-stop \ - lxc-start \ + lxc-cgroup \ lxc-clone \ - lxc-execute \ - lxc-monitor \ - lxc-monitord \ - lxc-wait \ + lxc-config \ lxc-console \ + lxc-create \ + lxc-destroy \ + lxc-execute \ lxc-freeze \ lxc-info \ - lxc-cgroup \ - lxc-unfreeze \ - lxc-config \ - lxc-destroy \ - lxc-create \ - lxc-user-nic \ + lxc-monitor \ lxc-snapshot \ - lxc-usernsexec + lxc-start \ + lxc-stop \ + lxc-unfreeze \ + lxc-unshare \ + lxc-usernsexec \ + lxc-wait pkglibexec_PROGRAMS = \ - lxc-init + lxc-init \ + lxc-monitord \ + lxc-user-nic AM_LDFLAGS = -Wl,-E if ENABLE_RPATH @@ -245,7 +246,9 @@ install-exec-local: install-soPROGRAMS cd $(DESTDIR)$(libdir); \ ln -sf liblxc.so.$(VERSION) liblxc.so.$(firstword $(subst ., ,$(VERSION))); \ ln -sf liblxc.so.$(firstword $(subst ., ,$(VERSION))) liblxc.so - chmod u+s $(DESTDIR)$(bindir)/lxc-user-nic + +install-exec-hook: + chmod u+s $(DESTDIR)$(libexecdir)/lxc/lxc-user-nic uninstall-local: $(RM) $(DESTDIR)$(libdir)/liblxc.so* diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 8ce783bef..30d72d4f8 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -2979,6 +2979,8 @@ void lxc_delete_network(struct lxc_handler *handler) } } +#define LXC_USERNIC_PATH LIBEXECDIR "/lxc/lxc-user-nic" + static int unpriv_assign_nic(struct lxc_netdev *netdev, pid_t pid) { pid_t child; @@ -2998,11 +3000,12 @@ static int unpriv_assign_nic(struct lxc_netdev *netdev, pid_t pid) return wait_for_pid(child); // Call lxc-user-nic pid type bridge + char pidstr[20]; - char *args[] = { "lxc-user-nic", pidstr, "veth", netdev->link, netdev->name, NULL }; + char *args[] = {LXC_USERNIC_PATH, pidstr, "veth", netdev->link, netdev->name, NULL }; snprintf(pidstr, 19, "%lu", (unsigned long) pid); pidstr[19] = '\0'; - execvp("lxc-user-nic", args); + execvp(args[0], args); SYSERROR("execvp lxc-user-nic"); exit(1); } diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c index 1fe117072..87925dc74 100644 --- a/src/lxc/monitor.c +++ b/src/lxc/monitor.c @@ -269,6 +269,7 @@ int lxc_monitor_read(int fd, struct lxc_msg *msg) } +#define LXC_MONITORD_PATH LIBEXECDIR "/lxc/lxc-monitord" /* used to spawn a monitord either on startup of a daemon container, or when * lxc-monitor starts @@ -280,7 +281,7 @@ int lxc_monitord_spawn(const char *lxcpath) char pipefd_str[11]; char * const args[] = { - "lxc-monitord", + LXC_MONITORD_PATH, (char *)lxcpath, pipefd_str, NULL, diff --git a/src/tests/lxc-test-usernic b/src/tests/lxc-test-usernic index 801419a87..e641cb9bc 100755 --- a/src/tests/lxc-test-usernic +++ b/src/tests/lxc-test-usernic @@ -68,13 +68,15 @@ brctl addbr usernic-br1 ifconfig usernic-br0 0.0.0.0 up ifconfig usernic-br1 0.0.0.0 up +LXC_USERNIC_PATH=$(ls -1 /usr/lib/*/lxc/lxc-user-nic | head -1) + # Create three containers su -l usernic-user -c "lxc-create -P /tmp/usernic-test/lxcbase -t busybox -n b1 -f /tmp/lxc-usernic.conf" su -l usernic-user -c "lxc-start -P /tmp/usernic-test/lxcbase -n b1 -d" p1=`lxc-info -P /tmp/usernic-test/lxcbase -n b1 -p | awk -F: '{ print $2 }'` # Assign one veth, should fail as no allowed entries yet -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx1" +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx1" if [ $? -eq 0 ]; then echo "FAIL: able to create nic with no entries" cleanup 1 @@ -86,26 +88,26 @@ sed -i '/^lxc-usernet/d' /etc/lxc/lxc-usernet echo "lxc-usernet veth usernic-br0 2" >> /etc/lxc/lxc-usernet # Assign one veth to second bridge, should fail -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br1 xx1" +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br1 xx1" if [ $? -eq 0 ]; then echo "FAIL: able to create nic with no entries" cleanup 1 fi # Assign two veths, should succeed -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx2" +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx2" if [ $? -ne 0 ]; then echo "FAIL: unable to create first nic" cleanup 1 fi -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx3" +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx3" if [ $? -ne 0 ]; then echo "FAIL: unable to create second nic" cleanup 1 fi # Assign one more veth, should fail. -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx4" +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx4" if [ $? -eq 0 ]; then echo "FAIL: able to create third nic" cleanup 1 @@ -115,7 +117,7 @@ fi su -l usernic-user -c "lxc-stop -P /tmp/usernic-test/lxcbase -n b1" su -l usernic-user -c "lxc-start -P /tmp/usernic-test/lxcbase -n b1 -d" p1=`lxc-info -P /tmp/usernic-test/lxcbase -n b1 -p | awk -F: '{ print $2 }'` -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx5" +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx5" if [ $? -ne 0 ]; then echo "FAIL: unable to create nic after destroying the old" cleanup 1 @@ -129,7 +131,7 @@ lxc-start -n usernic-c1 -d p2=`lxc-info -n usernic-c1 -p | awk -F: '{ print $2}'` # assign veth to it - should fail -su -l usernic-user -c "lxc-user-nic $p2 veth usernic-br0 xx6" +su -l usernic-user -c "$LXC_USERNIC_PATH $p2 veth usernic-br0 xx6" ret=$? lxc-stop -n usernic-c1 lxc-destroy -n usernic-c1