support lxc.execute.cmd container configuration option

Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2025-08-14 09:47:06 +00:00 · 2017-10-02 20:23:34 +00:00 · 2017-10-02 20:23:34 +00:00 · 5cda27c18f
commit 5cda27c18f
parent 08dd280543
5 changed files with 68 additions and 11 deletions
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@ -260,6 +260,19 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

        Defaults to: /sbin/init
      </para>
+      <variablelist>
+        <varlistentry>
+          <term>
+            <option>lxc.execute.cmd</option>
+          </term>
+          <listitem>
+            <para>
+              Absolute path from container rootfs to the binary to run by default.  This
+	      mostly makes sense for lxc-execute.
+            </para>
+          </listitem>
+        </varlistentry>
+      </variablelist>
      <variablelist>
        <varlistentry>
          <term>
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@ -3525,6 +3525,7 @@ void lxc_conf_free(struct lxc_conf *conf)
 	free(conf->ttydir);
 	free(conf->fstab);
 	free(conf->rcfile);
+	free(conf->execute_cmd);
 	free(conf->init_cmd);
 	free(conf->unexpanded_config);
 	free(conf->pty_names);
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@ -309,6 +309,9 @@ struct lxc_conf {
 	char *unexpanded_config;
 	size_t unexpanded_len, unexpanded_alloced;

+	/* default command for lxc-execute */
+	char *execute_cmd;
+
 	/* init command */
 	char *init_cmd;

--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@ -127,6 +127,7 @@ lxc_config_define(start);
 lxc_config_define(monitor);
 lxc_config_define(group);
 lxc_config_define(environment);
+lxc_config_define(execute_cmd);
 lxc_config_define(init_cmd);
 lxc_config_define(init_uid);
 lxc_config_define(init_gid);
@ -149,6 +150,7 @@ static struct lxc_config_t config[] = {
 	{ "lxc.console.path",              false,                  set_config_console_path,                get_config_console_path,                clr_config_console_path,              },
 	{ "lxc.environment",               false,                  set_config_environment,                 get_config_environment,                 clr_config_environment,               },
 	{ "lxc.ephemeral",                 false,                  set_config_ephemeral,                   get_config_ephemeral,                   clr_config_ephemeral,                 },
+	{ "lxc.execute.cmd",               false,                  set_config_execute_cmd,                 get_config_execute_cmd,                 clr_config_execute_cmd,                  },
 	{ "lxc.group",                     false,                  set_config_group,                       get_config_group,                       clr_config_group,                     },
 	{ "lxc.hook.autodev",              false,                  set_config_hooks,                       get_config_hooks,                       clr_config_hooks,                     },
 	{ "lxc.hook.clone",                false,                  set_config_hooks,                       get_config_hooks,                       clr_config_hooks,                     },
@ -920,6 +922,12 @@ static int set_config_seccomp_profile(const char *key, const char *value,
 	return set_config_path_item(&lxc_conf->seccomp, value);
 }

+static int set_config_execute_cmd(const char *key, const char *value,
+			       struct lxc_conf *lxc_conf, void *data)
+{
+	return set_config_path_item(&lxc_conf->execute_cmd, value);
+}
+
 static int set_config_init_cmd(const char *key, const char *value,
 			       struct lxc_conf *lxc_conf, void *data)
 {
@ -3095,6 +3103,12 @@ static int get_config_environment(const char *key, char *retv, int inlen,
 	return fulllen;
 }

+static int get_config_execute_cmd(const char *key, char *retv, int inlen,
+			       struct lxc_conf *c, void *data)
+{
+	return lxc_get_conf_str(retv, inlen, c->execute_cmd);
+}
+
 static int get_config_init_cmd(const char *key, char *retv, int inlen,
 			       struct lxc_conf *c, void *data)
 {
@ -3450,6 +3464,14 @@ static inline int clr_config_environment(const char *key, struct lxc_conf *c,
 	return lxc_clear_environment(c);
 }

+static inline int clr_config_execute_cmd(const char *key, struct lxc_conf *c,
+				      void *data)
+{
+	free(c->execute_cmd);
+	c->execute_cmd = NULL;
+	return 0;
+}
+
 static inline int clr_config_init_cmd(const char *key, struct lxc_conf *c,
 				      void *data)
 {
--- a/src/lxc/tools/lxc_execute.c
+++ b/src/lxc/tools/lxc_execute.c
@ -46,16 +46,6 @@ lxc_log_define(lxc_execute_ui, lxc);

 static struct lxc_list defines;

-static int my_checker(const struct lxc_arguments* args)
-{
-	if (!args->argc) {
-		lxc_error(args, "missing command to execute !");
-		return -1;
-	}
-
-	return 0;
-}
-
 static int my_parser(struct lxc_arguments* args, int c, char* arg)
 {
 	switch (c) {
@ -100,9 +90,29 @@ Options :\n\
  -g, --gid=GID        Execute COMMAND with GID inside the container\n",
 	.options  = my_longopts,
 	.parser   = my_parser,
-	.checker  = my_checker,
 };

+static bool set_argv(struct lxc_conf *conf, struct lxc_arguments *args)
+{
+	char **components, **p;
+
+	if (!conf->execute_cmd)
+		return false;
+
+	/* TODO -
+	   we should honor '"' etc; This seems worth a new helper in utils.c.
+	 */
+	components = lxc_string_split(conf->execute_cmd, ' ');
+	if (!components)
+		return false;
+
+	args->argv = components;
+	for (p = components; *p; p++)
+		args->argc++;
+
+	return true;
+}
+
 int main(int argc, char *argv[])
 {
 	struct lxc_container *c;
@ -150,6 +160,14 @@ int main(int argc, char *argv[])
 		}
 	}

+	if (my_args.argc == 0) {
+		if (!set_argv(c->lxc_conf, &my_args)) {
+			ERROR("missing command to execute!");
+			lxc_container_put(c);
+			exit(EXIT_FAILURE);
+		}
+	}
+
 	if (my_args.uid)
 		c->lxc_conf->init_uid = my_args.uid;