proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-13 23:01:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allow veth that is not attached to a bridge on unprivileged container

Browse Source 
Signed-off-by: Fajar A. Nugraha <github@fajar.net>
This commit is contained in:
Fajar A. Nugraha 2015-03-17 18:05:14 +07:00
parent d3b6301135
commit cff7b5eb80
2 changed files with 23 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/lxc/conf.c
View File

@ -2979,6 +2979,7 @@ static int unpriv_assign_nic(struct lxc_netdev *netdev, pid_t pid)
int bytes, pipefd[2]; int bytes, pipefd[2];
char *token, *saveptr = NULL; char *token, *saveptr = NULL;
char buffer[MAX_BUFFER_SIZE]; char buffer[MAX_BUFFER_SIZE];
char netdev_link[IFNAMSIZ+1];
if (netdev->type != LXC_NET_VETH) { if (netdev->type != LXC_NET_VETH) {
ERROR("nic type %d not support for unprivileged use", ERROR("nic type %d not support for unprivileged use",
@ -3008,7 +3009,12 @@ static int unpriv_assign_nic(struct lxc_netdev *netdev, pid_t pid)
// Call lxc-user-nic pid type bridge // Call lxc-user-nic pid type bridge
char pidstr[20]; char pidstr[20];
char *args[] = {LXC_USERNIC_PATH, pidstr, "veth", netdev->link, netdev->name, NULL }; if (netdev->link) {
strncpy(netdev_link, netdev->link, IFNAMSIZ);
} else {
strncpy(netdev_link, "none", IFNAMSIZ);
}
char *args[] = {LXC_USERNIC_PATH, pidstr, "veth", netdev_link, netdev->name, NULL };
snprintf(pidstr, 19, "%lu", (unsigned long) pid); snprintf(pidstr, 19, "%lu", (unsigned long) pid);
pidstr[19] = '\0'; pidstr[19] = '\0';
execvp(args[0], args); execvp(args[0], args);

4
src/lxc/lxc_user_nic.c
View File

@ -187,6 +187,8 @@ static bool nic_exists(char *nic)
int ret; int ret;
struct stat sb; struct stat sb;
if (strcmp(nic, "none") == 0)
return true;
ret = snprintf(path, MAXPATHLEN, "/sys/class/net/%s", nic); ret = snprintf(path, MAXPATHLEN, "/sys/class/net/%s", nic);
if (ret < 0 || ret >= MAXPATHLEN) // should never happen! if (ret < 0 || ret >= MAXPATHLEN) // should never happen!
return false; return false;
@ -250,6 +252,7 @@ static bool create_nic(char *nic, char *br, int pid, char **cnic)
return false; return false;
} }
if (strcmp(br, "none") != 0) {
/* copy the bridge's mtu to both ends */ /* copy the bridge's mtu to both ends */
mtu = get_mtu(br); mtu = get_mtu(br);
if (mtu != -1) { if (mtu != -1) {
@ -265,6 +268,7 @@ static bool create_nic(char *nic, char *br, int pid, char **cnic)
fprintf(stderr, "Error attaching %s to %s\n", veth1buf, br); fprintf(stderr, "Error attaching %s to %s\n", veth1buf, br);
goto out_del; goto out_del;
} }
}
/* pass veth2 to target netns */ /* pass veth2 to target netns */
ret = lxc_netdev_move_by_name(veth2buf, pid, NULL); ret = lxc_netdev_move_by_name(veth2buf, pid, NULL);