proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-16 20:25:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #2453 from 2xsec/bugfix

Browse Source 
add namespace api
This commit is contained in:
Christian Brauner 2018-07-06 21:34:34 +02:00 committed by GitHub
commit 74dc5be50c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 40 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/lxc/namespace.c
View File

@ -193,6 +193,40 @@ int lxc_namespace_2_ns_idx(const char *namespace)
return -EINVAL; return -EINVAL;
} }
extern int lxc_namespace_2_std_identifiers(char *namespaces)
{
char **it;
char *del;
/* The identifiers for namespaces used with lxc-attach and lxc-unshare
* as given on the manpage do not align with the standard identifiers.
* This affects network, mount, and uts namespaces. The standard identifiers
* are: "mnt", "uts", and "net" whereas lxc-attach and lxc-unshare uses
* "MOUNT", "UTSNAME", and "NETWORK". So let's use some cheap memmove()s
* to replace them by their standard identifiers.
* Let's illustrate this with an example:
* Assume the string:
*
* "IPC|MOUNT|PID"
*
* then we memmove()
*
* dest: del + 1 == OUNT|PID
* src: del + 3 == NT|PID
*/
if (!namespaces)
return -1;
while ((del = strstr(namespaces, "MOUNT")))
memmove(del + 1, del + 3, strlen(del) - 2);
for (it = (char *[]){"NETWORK", "UTSNAME", NULL}; it && *it; it++)
while ((del = strstr(namespaces, *it)))
memmove(del + 3, del + 7, strlen(del) - 6);
return 0;
}
int lxc_fill_namespace_flags(char *flaglist, int *flags) int lxc_fill_namespace_flags(char *flaglist, int *flags)
{ {
char *token, *saveptr = NULL; char *token, *saveptr = NULL;

1
src/lxc/namespace.h
View File

@ -181,6 +181,7 @@ extern pid_t lxc_raw_clone_cb(int (*fn)(void *), void *args,
extern int lxc_namespace_2_cloneflag(const char *namespace); extern int lxc_namespace_2_cloneflag(const char *namespace);
extern int lxc_namespace_2_ns_idx(const char *namespace); extern int lxc_namespace_2_ns_idx(const char *namespace);
extern int lxc_namespace_2_std_identifiers(char *namespaces);
extern int lxc_fill_namespace_flags(char *flaglist, int *flags); extern int lxc_fill_namespace_flags(char *flaglist, int *flags);
/** /**

27
src/lxc/tools/lxc_attach.c
View File

@ -100,8 +100,6 @@ static int add_to_simple_array(char ***array, ssize_t *capacity, char *value)
static int my_parser(struct lxc_arguments *args, int c, char *arg) static int my_parser(struct lxc_arguments *args, int c, char *arg)
{ {
char **it;
char *del;
int ret; int ret;
switch (c) { switch (c) {
@ -121,32 +119,13 @@ static int my_parser(struct lxc_arguments *args, int c, char *arg)
case 's': case 's':
namespace_flags = 0; namespace_flags = 0;
/* The identifiers for namespaces used with lxc-attach as given if (lxc_namespace_2_std_identifiers(arg) < 0)
* on the manpage do not align with the standard identifiers. return -1;
* This affects network, mount, and uts namespaces. The standard
* identifiers are: "mnt", "uts", and "net" whereas lxc-attach
* uses "MOUNT", "UTSNAME", and "NETWORK". So let's use some
* cheap memmove()s to replace them by their standard
* identifiers. Let's illustrate this with an example:
* Assume the string:
*
* "IPC|MOUNT|PID"
*
* then we memmove()
*
* dest: del + 1 == OUNT|PID
* src: del + 3 == NT|PID
*/
while ((del = strstr(arg, "MOUNT")))
memmove(del + 1, del + 3, strlen(del) - 2);
for (it = (char *[]){"NETWORK", "UTSNAME", NULL}; it && *it; it++)
while ((del = strstr(arg, *it)))
memmove(del + 3, del + 7, strlen(del) - 6);
ret = lxc_fill_namespace_flags(arg, &namespace_flags); ret = lxc_fill_namespace_flags(arg, &namespace_flags);
if (ret) if (ret)
return -1; return -1;
/* -s implies -e */ /* -s implies -e */
lxc_fill_elevated_privileges(NULL, &elevated_privileges); lxc_fill_elevated_privileges(NULL, &elevated_privileges);
break; break;

27
src/lxc/tools/lxc_unshare.c
View File

@ -244,8 +244,7 @@ static int write_id_mapping(pid_t pid, const char *buf, size_t buf_size)
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
char *del; char **args;
char **it, **args;
int opt; int opt;
int ret; int ret;
char *namespaces = NULL; char *namespaces = NULL;
@ -308,31 +307,9 @@ int main(int argc, char *argv[])
if (ret) if (ret)
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
/* The identifiers for namespaces used with lxc-unshare as given on the if (lxc_namespace_2_std_identifiers(namespaces) < 0)
* manpage do not align with the standard identifiers. This affects
* network, mount, and uts namespaces. The standard identifiers are:
* "mnt", "uts", and "net" whereas lxc-unshare uses "MOUNT", "UTSNAME",
* and "NETWORK". So let's use some cheap memmove()s to replace them by
* their standard identifiers. Let's illustrate this with an example:
* Assume the string:
*
* "IPC|MOUNT|PID"
*
* then we memmove()
*
* dest: del + 1 == OUNT|PID
* src: del + 3 == NT|PID
*/
if (!namespaces)
usage(argv[0]); usage(argv[0]);
while ((del = strstr(namespaces, "MOUNT")))
memmove(del + 1, del + 3, strlen(del) - 2);
for (it = (char *[]){"NETWORK", "UTSNAME", NULL}; it && *it; it++)
while ((del = strstr(namespaces, *it)))
memmove(del + 3, del + 7, strlen(del) - 6);
ret = lxc_fill_namespace_flags(namespaces, &flags); ret = lxc_fill_namespace_flags(namespaces, &flags);
if (ret) if (ret)
usage(argv[0]); usage(argv[0]);