Skip to content

L
lxc
Commit 7456fb2c by Serge Hallyn Committed by GitHub
Options

Merge pull request #1750 from brauner/2017-08-10/further_lxc_2.1_preparations

further lxc 2.1. preparations
parents 4393ebc3 7ec2e32a
Showing with 435 additions and 139 deletions
.gitignore
......@@ -37,6 +37,7 @@ src/lxc/lxc-attach
src/lxc/lxc-autostart
src/lxc/lxc-cgroup
src/lxc/tools/lxc-checkconfig
src/lxc/tools/lxc-update-config
src/lxc/lxc-checkpoint
src/lxc/lxc-clone
src/lxc/lxc-console
......
configure.ac
......@@ -914,6 +914,7 @@ AC_CONFIG_FILES([
src/lxc/lxc.functions
src/lxc/tools/lxc-checkconfig
src/lxc/tools/lxc-start-ephemeral
src/lxc/tools/lxc-update-config
src/lxc/version.h
src/python-lxc/Makefile
......
src/lxc/Makefile.am
......@@ -208,7 +208,8 @@ liblxc_la_LIBADD += $(CGMANAGER_LIBS) $(DBUS_LIBS) $(NIH_LIBS) $(NIH_DBUS_LIBS)
liblxc_la_CFLAGS += $(CGMANAGER_CFLAGS) $(DBUS_CFLAGS) $(NIH_CFLAGS) $(NIH_DBUS_CFLAGS)
endif
bin_SCRIPTS = tools/lxc-checkconfig
bin_SCRIPTS = tools/lxc-checkconfig \
tools/lxc-update-config
EXTRA_DIST = \
tools/lxc-top.lua
......
src/lxc/commands.c
......@@ -516,7 +516,7 @@ static int lxc_cmd_get_config_item_callback(int fd, struct lxc_cmd_req *req,
struct lxc_config_t *item;
memset(&rsp, 0, sizeof(rsp));
item = lxc_getconfig(req->data);
item = lxc_get_config(req->data);
if (!item)
goto err1;
cilen = item->get(req->data, NULL, 0, handler->conf, NULL);
......
src/lxc/conf.h
......@@ -408,6 +408,12 @@ struct lxc_conf {
/* RLIMIT_* limits */
struct lxc_list limits;
/* REMOVE IN LXC 3.0
* Indicator whether the current config file we're using contained any
* legacy configuration keys.
*/
bool contains_legacy_key;
};
#ifdef HAVE_TLS
......
src/lxc/confile.c
......@@ -137,137 +137,139 @@ lxc_config_define(no_new_privs);
lxc_config_define(prlimit);
static struct lxc_config_t config[] = {
{ "lxc.arch", set_config_personality, get_config_personality, clr_config_personality, },
{ "lxc.pty.max", set_config_pty_max, get_config_pty_max, clr_config_pty_max, },
{ "lxc.tty.dir", set_config_tty_dir, get_config_tty_dir, clr_config_tty_dir, },
{ "lxc.tty.max", set_config_tty_max, get_config_tty_max, clr_config_tty_max, },
/* REMOVE in LXC 3.0 */
{ "lxc.arch", false, set_config_personality, get_config_personality, clr_config_personality, },
{ "lxc.pty.max", false, set_config_pty_max, get_config_pty_max, clr_config_pty_max, },
{ "lxc.tty.dir", false, set_config_tty_dir, get_config_tty_dir, clr_config_tty_dir, },
{ "lxc.tty.max", false, set_config_tty_max, get_config_tty_max, clr_config_tty_max, },
/* [START]: REMOVE IN LXC 3.0 */
{ "lxc.pts", set_config_pty_max, get_config_pty_max, clr_config_pty_max, },
{ "lxc.devttydir", set_config_tty_dir, get_config_tty_dir, clr_config_tty_dir, },
{ "lxc.tty", set_config_tty_max, get_config_tty_max, clr_config_tty_max, },
{ "lxc.pts", true, set_config_pty_max, get_config_pty_max, clr_config_pty_max, },
{ "lxc.devttydir", true, set_config_tty_dir, get_config_tty_dir, clr_config_tty_dir, },
{ "lxc.tty", true, set_config_tty_max, get_config_tty_max, clr_config_tty_max, },
/* [END]: REMOVE IN LXC 3.0 */
{ "lxc.apparmor.profile", set_config_apparmor_profile, get_config_apparmor_profile, clr_config_apparmor_profile, },
{ "lxc.apparmor.allow_incomplete", set_config_apparmor_allow_incomplete, get_config_apparmor_allow_incomplete, clr_config_apparmor_allow_incomplete, },
{ "lxc.selinux.context", set_config_selinux_context, get_config_selinux_context, clr_config_selinux_context, },
{ "lxc.apparmor.profile", false, set_config_apparmor_profile, get_config_apparmor_profile, clr_config_apparmor_profile, },
{ "lxc.apparmor.allow_incomplete", false, set_config_apparmor_allow_incomplete, get_config_apparmor_allow_incomplete, clr_config_apparmor_allow_incomplete, },
{ "lxc.selinux.context", false, set_config_selinux_context, get_config_selinux_context, clr_config_selinux_context, },
/* [START]: REMOVE IN LXC 3.0 */
{ "lxc.aa_profile", set_config_lsm_aa_profile, get_config_lsm_aa_profile, clr_config_lsm_aa_profile, },
{ "lxc.aa_allow_incomplete", set_config_lsm_aa_incomplete, get_config_lsm_aa_incomplete, clr_config_lsm_aa_incomplete, },
{ "lxc.se_context", set_config_lsm_se_context, get_config_lsm_se_context, clr_config_lsm_se_context, },
{ "lxc.aa_profile", true, set_config_lsm_aa_profile, get_config_lsm_aa_profile, clr_config_lsm_aa_profile, },
{ "lxc.aa_allow_incomplete", true, set_config_lsm_aa_incomplete, get_config_lsm_aa_incomplete, clr_config_lsm_aa_incomplete, },
{ "lxc.se_context", true, set_config_lsm_se_context, get_config_lsm_se_context, clr_config_lsm_se_context, },
/* [END]: REMOVE IN LXC 3.0 */
{ "lxc.cgroup", set_config_cgroup, get_config_cgroup, clr_config_cgroup, },
{ "lxc.id_map", set_config_idmaps, get_config_idmaps, clr_config_idmaps, },
{ "lxc.mount.entry", set_config_mount, get_config_mount, clr_config_mount, },
{ "lxc.mount.auto", set_config_mount_auto, get_config_mount_auto, clr_config_mount_auto, },
{ "lxc.mount.fstab", set_config_mount_fstab, get_config_mount_fstab, clr_config_mount_fstab, },
{ "lxc.rootfs.mount", set_config_rootfs_mount, get_config_rootfs_mount, clr_config_rootfs_mount, },
{ "lxc.rootfs.options", set_config_rootfs_options, get_config_rootfs_options, clr_config_rootfs_options, },
{ "lxc.rootfs.path", set_config_rootfs_path, get_config_rootfs_path, clr_config_rootfs_path, },
{ "lxc.cgroup", false, set_config_cgroup, get_config_cgroup, clr_config_cgroup, },
{ "lxc.idmap", false, set_config_idmaps, get_config_idmaps, clr_config_idmaps, },
{ "lxc.mount.entry", false, set_config_mount, get_config_mount, clr_config_mount, },
{ "lxc.mount.auto", false, set_config_mount_auto, get_config_mount_auto, clr_config_mount_auto, },
{ "lxc.mount.fstab", false, set_config_mount_fstab, get_config_mount_fstab, clr_config_mount_fstab, },
{ "lxc.rootfs.mount", false, set_config_rootfs_mount, get_config_rootfs_mount, clr_config_rootfs_mount, },
{ "lxc.rootfs.options", false, set_config_rootfs_options, get_config_rootfs_options, clr_config_rootfs_options, },
{ "lxc.rootfs.path", false, set_config_rootfs_path, get_config_rootfs_path, clr_config_rootfs_path, },
/* [START]: REMOVE IN LXC 3.0 */
{ "lxc.mount", set_config_mount_fstab, get_config_mount_fstab, clr_config_mount_fstab, },
{ "lxc.rootfs.backend", set_config_rootfs_backend, get_config_rootfs_backend, clr_config_rootfs_backend, },
{ "lxc.rootfs", set_config_rootfs_path, get_config_rootfs_path, clr_config_rootfs_path, },
{ "lxc.utsname", set_config_uts_name, get_config_uts_name, clr_config_uts_name, },
{ "lxc.id_map", true, set_config_idmaps, get_config_idmaps, clr_config_idmaps, },
{ "lxc.mount", true, set_config_mount_fstab, get_config_mount_fstab, clr_config_mount_fstab, },
{ "lxc.rootfs.backend", true, set_config_rootfs_backend, get_config_rootfs_backend, clr_config_rootfs_backend, },
{ "lxc.rootfs", true, set_config_rootfs_path, get_config_rootfs_path, clr_config_rootfs_path, },
{ "lxc.utsname", true, set_config_uts_name, get_config_uts_name, clr_config_uts_name, },
/* [END]: REMOVE IN LXC 3.0 */
{ "lxc.uts.name", set_config_uts_name, get_config_uts_name, clr_config_uts_name, },
{ "lxc.hook.pre-start", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.pre-mount", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.mount", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.autodev", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.start", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.stop", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.post-stop", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.clone", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.destroy", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook", set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.uts.name", false, set_config_uts_name, get_config_uts_name, clr_config_uts_name, },
{ "lxc.hook.pre-start", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.pre-mount", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.mount", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.autodev", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.start", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.stop", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.post-stop", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.clone", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook.destroy", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
{ "lxc.hook", false, set_config_hooks, get_config_hooks, clr_config_hooks, },
/* [START]: REMOVE IN LXC 3.0 */
{ "lxc.network.type", set_config_network_legacy_type, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.flags", set_config_network_legacy_flags, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.link", set_config_network_legacy_link, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.name", set_config_network_legacy_name, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.macvlan.mode", set_config_network_legacy_macvlan_mode, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.veth.pair", set_config_network_legacy_veth_pair, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.script.up", set_config_network_legacy_script_up, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.script.down", set_config_network_legacy_script_down, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.hwaddr", set_config_network_legacy_hwaddr, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.mtu", set_config_network_legacy_mtu, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.vlan.id", set_config_network_legacy_vlan_id, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.ipv4.gateway", set_config_network_legacy_ipv4_gateway, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.ipv4", set_config_network_legacy_ipv4, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.ipv6.gateway", set_config_network_legacy_ipv6_gateway, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.ipv6", set_config_network_legacy_ipv6, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.", set_config_network_legacy_nic, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network", set_config_network_legacy, get_config_network_legacy, clr_config_network_legacy, },
{ "lxc.network.type", true, set_config_network_legacy_type, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.flags", true, set_config_network_legacy_flags, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.link", true, set_config_network_legacy_link, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.name", true, set_config_network_legacy_name, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.macvlan.mode", true, set_config_network_legacy_macvlan_mode, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.veth.pair", true, set_config_network_legacy_veth_pair, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.script.up", true, set_config_network_legacy_script_up, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.script.down", true, set_config_network_legacy_script_down, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.hwaddr", true, set_config_network_legacy_hwaddr, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.mtu", true, set_config_network_legacy_mtu, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.vlan.id", true, set_config_network_legacy_vlan_id, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.ipv4.gateway", true, set_config_network_legacy_ipv4_gateway, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.ipv4", true, set_config_network_legacy_ipv4, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.ipv6.gateway", true, set_config_network_legacy_ipv6_gateway, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.ipv6", true, set_config_network_legacy_ipv6, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network.", true, set_config_network_legacy_nic, get_config_network_legacy_item, clr_config_network_legacy_item, },
{ "lxc.network", true, set_config_network_legacy, get_config_network_legacy, clr_config_network_legacy, },
/* [END]: REMOVE IN LXC 3.0 */
{ "lxc.net.type", set_config_net_type, get_config_net_type, clr_config_net_type, },
{ "lxc.net.flags", set_config_net_flags, get_config_net_flags, clr_config_net_flags, },
{ "lxc.net.link", set_config_net_link, get_config_net_link, clr_config_net_link, },
{ "lxc.net.name", set_config_net_name, get_config_net_name, clr_config_net_name, },
{ "lxc.net.macvlan.mode", set_config_net_macvlan_mode, get_config_net_macvlan_mode, clr_config_net_macvlan_mode, },
{ "lxc.net.veth.pair", set_config_net_veth_pair, get_config_net_veth_pair, clr_config_net_veth_pair, },
{ "lxc.net.script.up", set_config_net_script_up, get_config_net_script_up, clr_config_net_script_up, },
{ "lxc.net.script.down", set_config_net_script_down, get_config_net_script_down, clr_config_net_script_down, },
{ "lxc.net.hwaddr", set_config_net_hwaddr, get_config_net_hwaddr, clr_config_net_hwaddr, },
{ "lxc.net.mtu", set_config_net_mtu, get_config_net_mtu, clr_config_net_mtu, },
{ "lxc.net.vlan.id", set_config_net_vlan_id, get_config_net_vlan_id, clr_config_net_vlan_id, },
{ "lxc.net.ipv4.gateway", set_config_net_ipv4_gateway, get_config_net_ipv4_gateway, clr_config_net_ipv4_gateway, },
{ "lxc.net.ipv4.address", set_config_net_ipv4_address, get_config_net_ipv4_address, clr_config_net_ipv4_address, },
{ "lxc.net.ipv6.gateway", set_config_net_ipv6_gateway, get_config_net_ipv6_gateway, clr_config_net_ipv6_gateway, },
{ "lxc.net.ipv6.address", set_config_net_ipv6_address, get_config_net_ipv6_address, clr_config_net_ipv6_address, },
{ "lxc.net.", set_config_net_nic, get_config_net_nic, clr_config_net_nic, },
{ "lxc.net", set_config_net, get_config_net, clr_config_net, },
{ "lxc.cap.drop", set_config_cap_drop, get_config_cap_drop, clr_config_cap_drop, },
{ "lxc.cap.keep", set_config_cap_keep, get_config_cap_keep, clr_config_cap_keep, },
{ "lxc.console.logfile", set_config_console_logfile, get_config_console_logfile, clr_config_console_logfile, },
{ "lxc.console.path", set_config_console_path, get_config_console_path, clr_config_console_path, },
{ "lxc.seccomp.profile", set_config_seccomp_profile, get_config_seccomp_profile, clr_config_seccomp_profile, },
{ "lxc.include", set_config_includefiles, get_config_includefiles, clr_config_includefiles, },
{ "lxc.autodev", set_config_autodev, get_config_autodev, clr_config_autodev, },
{ "lxc.net.type", false, set_config_net_type, get_config_net_type, clr_config_net_type, },
{ "lxc.net.flags", false, set_config_net_flags, get_config_net_flags, clr_config_net_flags, },
{ "lxc.net.link", false, set_config_net_link, get_config_net_link, clr_config_net_link, },
{ "lxc.net.name", false, set_config_net_name, get_config_net_name, clr_config_net_name, },
{ "lxc.net.macvlan.mode", false, set_config_net_macvlan_mode, get_config_net_macvlan_mode, clr_config_net_macvlan_mode, },
{ "lxc.net.veth.pair", false, set_config_net_veth_pair, get_config_net_veth_pair, clr_config_net_veth_pair, },
{ "lxc.net.script.up", false, set_config_net_script_up, get_config_net_script_up, clr_config_net_script_up, },
{ "lxc.net.script.down", false, set_config_net_script_down, get_config_net_script_down, clr_config_net_script_down, },
{ "lxc.net.hwaddr", false, set_config_net_hwaddr, get_config_net_hwaddr, clr_config_net_hwaddr, },
{ "lxc.net.mtu", false, set_config_net_mtu, get_config_net_mtu, clr_config_net_mtu, },
{ "lxc.net.vlan.id", false, set_config_net_vlan_id, get_config_net_vlan_id, clr_config_net_vlan_id, },
{ "lxc.net.ipv4.gateway", false, set_config_net_ipv4_gateway, get_config_net_ipv4_gateway, clr_config_net_ipv4_gateway, },
{ "lxc.net.ipv4.address", false, set_config_net_ipv4_address, get_config_net_ipv4_address, clr_config_net_ipv4_address, },
{ "lxc.net.ipv6.gateway", false, set_config_net_ipv6_gateway, get_config_net_ipv6_gateway, clr_config_net_ipv6_gateway, },
{ "lxc.net.ipv6.address", false, set_config_net_ipv6_address, get_config_net_ipv6_address, clr_config_net_ipv6_address, },
{ "lxc.net.", false, set_config_net_nic, get_config_net_nic, clr_config_net_nic, },
{ "lxc.net", false, set_config_net, get_config_net, clr_config_net, },
{ "lxc.cap.drop", false, set_config_cap_drop, get_config_cap_drop, clr_config_cap_drop, },
{ "lxc.cap.keep", false, set_config_cap_keep, get_config_cap_keep, clr_config_cap_keep, },
{ "lxc.console.logfile", false, set_config_console_logfile, get_config_console_logfile, clr_config_console_logfile, },
{ "lxc.console.path", false, set_config_console_path, get_config_console_path, clr_config_console_path, },
{ "lxc.seccomp.profile", false, set_config_seccomp_profile, get_config_seccomp_profile, clr_config_seccomp_profile, },
{ "lxc.include", false, set_config_includefiles, get_config_includefiles, clr_config_includefiles, },
{ "lxc.autodev", false, set_config_autodev, get_config_autodev, clr_config_autodev, },
/* [START]: REMOVE IN LXC 3.0 */
{ "lxc.seccomp", set_config_seccomp_profile, get_config_seccomp_profile, clr_config_seccomp_profile, },
{ "lxc.console", set_config_console_path, get_config_console_path, clr_config_console_path, },
{ "lxc.haltsignal", set_config_signal_halt, get_config_signal_halt, clr_config_signal_halt, },
{ "lxc.rebootsignal", set_config_signal_reboot, get_config_signal_reboot, clr_config_signal_reboot, },
{ "lxc.stopsignal", set_config_signal_stop, get_config_signal_stop, clr_config_signal_stop, },
{ "lxc.seccomp", true, set_config_seccomp_profile, get_config_seccomp_profile, clr_config_seccomp_profile, },
{ "lxc.console", true, set_config_console_path, get_config_console_path, clr_config_console_path, },
{ "lxc.haltsignal", true, set_config_signal_halt, get_config_signal_halt, clr_config_signal_halt, },
{ "lxc.rebootsignal", true, set_config_signal_reboot, get_config_signal_reboot, clr_config_signal_reboot, },
{ "lxc.stopsignal", true, set_config_signal_stop, get_config_signal_stop, clr_config_signal_stop, },
/* [END]: REMOVE IN LXC 3.0 */
{ "lxc.signal.halt", set_config_signal_halt, get_config_signal_halt, clr_config_signal_halt, },
{ "lxc.signal.reboot", set_config_signal_reboot, get_config_signal_reboot, clr_config_signal_reboot, },
{ "lxc.signal.stop", set_config_signal_stop, get_config_signal_stop, clr_config_signal_stop, },
{ "lxc.start.auto", set_config_start, get_config_start, clr_config_start, },
{ "lxc.start.delay", set_config_start, get_config_start, clr_config_start, },
{ "lxc.start.order", set_config_start, get_config_start, clr_config_start, },
{ "lxc.monitor.unshare", set_config_monitor, get_config_monitor, clr_config_monitor, },
{ "lxc.group", set_config_group, get_config_group, clr_config_group, },
{ "lxc.environment", set_config_environment, get_config_environment, clr_config_environment, },
{ "lxc.ephemeral", set_config_ephemeral, get_config_ephemeral, clr_config_ephemeral, },
{ "lxc.no_new_privs", set_config_no_new_privs, get_config_no_new_privs, clr_config_no_new_privs, },
{ "lxc.signal.halt", false, set_config_signal_halt, get_config_signal_halt, clr_config_signal_halt, },
{ "lxc.signal.reboot", false, set_config_signal_reboot, get_config_signal_reboot, clr_config_signal_reboot, },
{ "lxc.signal.stop", false, set_config_signal_stop, get_config_signal_stop, clr_config_signal_stop, },
{ "lxc.start.auto", false, set_config_start, get_config_start, clr_config_start, },
{ "lxc.start.delay", false, set_config_start, get_config_start, clr_config_start, },
{ "lxc.start.order", false, set_config_start, get_config_start, clr_config_start, },
{ "lxc.monitor.unshare", false, set_config_monitor, get_config_monitor, clr_config_monitor, },
{ "lxc.group", false, set_config_group, get_config_group, clr_config_group, },
{ "lxc.environment", false, set_config_environment, get_config_environment, clr_config_environment, },
{ "lxc.ephemeral", false, set_config_ephemeral, get_config_ephemeral, clr_config_ephemeral, },
{ "lxc.no_new_privs", false, set_config_no_new_privs, get_config_no_new_privs, clr_config_no_new_privs, },
/* [START]: REMOVE IN LXC 3.0 */
{ "lxc.syslog", set_config_log_syslog, get_config_log_syslog, clr_config_log_syslog, },
{ "lxc.loglevel", set_config_log_level, get_config_log_level, clr_config_log_level, },
{ "lxc.logfile", set_config_log_file, get_config_log_file, clr_config_log_file, },
{ "lxc.init_cmd", set_config_init_cmd, get_config_init_cmd, clr_config_init_cmd, },
{ "lxc.init_uid", set_config_init_uid, get_config_init_uid, clr_config_init_uid, },
{ "lxc.init_gid", set_config_init_gid, get_config_init_gid, clr_config_init_gid, },
{ "lxc.limit", set_config_limit, get_config_limit, clr_config_limit, },
{ "lxc.syslog", true, set_config_log_syslog, get_config_log_syslog, clr_config_log_syslog, },
{ "lxc.loglevel", true, set_config_log_level, get_config_log_level, clr_config_log_level, },
{ "lxc.logfile", true, set_config_log_file, get_config_log_file, clr_config_log_file, },
{ "lxc.init_cmd", true, set_config_init_cmd, get_config_init_cmd, clr_config_init_cmd, },
{ "lxc.init_uid", true, set_config_init_uid, get_config_init_uid, clr_config_init_uid, },
{ "lxc.init_gid", true, set_config_init_gid, get_config_init_gid, clr_config_init_gid, },
{ "lxc.limit", true, set_config_limit, get_config_limit, clr_config_limit, },
/* [END]: REMOVE IN LXC 3.0 */
{ "lxc.log.syslog", set_config_log_syslog, get_config_log_syslog, clr_config_log_syslog, },
{ "lxc.log.level", set_config_log_level, get_config_log_level, clr_config_log_level, },
{ "lxc.log.file", set_config_log_file, get_config_log_file, clr_config_log_file, },
{ "lxc.init.cmd", set_config_init_cmd, get_config_init_cmd, clr_config_init_cmd, },
{ "lxc.init.uid", set_config_init_uid, get_config_init_uid, clr_config_init_uid, },
{ "lxc.init.gid", set_config_init_gid, get_config_init_gid, clr_config_init_gid, },
{ "lxc.prlimit", set_config_prlimit, get_config_prlimit, clr_config_prlimit, },
{ "lxc.log.syslog", false, set_config_log_syslog, get_config_log_syslog, clr_config_log_syslog, },
{ "lxc.log.level", false, set_config_log_level, get_config_log_level, clr_config_log_level, },
{ "lxc.log.file", false, set_config_log_file, get_config_log_file, clr_config_log_file, },
{ "lxc.init.cmd", false, set_config_init_cmd, get_config_init_cmd, clr_config_init_cmd, },
{ "lxc.init.uid", false, set_config_init_uid, get_config_init_uid, clr_config_init_uid, },
{ "lxc.init.gid", false, set_config_init_gid, get_config_init_gid, clr_config_init_gid, },
{ "lxc.prlimit", false, set_config_prlimit, get_config_prlimit, clr_config_prlimit, },
};
struct signame {
......@@ -356,13 +358,14 @@ static const struct signame signames[] = {
static const size_t config_size = sizeof(config) / sizeof(struct lxc_config_t);
extern struct lxc_config_t *lxc_getconfig(const char *key)
struct lxc_config_t *lxc_get_config(const char *key)
{
size_t i;
for (i = 0; i < config_size; i++)
if (!strncmp(config[i].name, key, strlen(config[i].name)))
return &config[i];
return NULL;
}
......@@ -2038,12 +2041,24 @@ static int parse_line(char *buffer, void *data)
}
}
config = lxc_getconfig(key);
config = lxc_get_config(key);
if (!config) {
ERROR("unknown key %s", key);
goto out;
}
/* [START]: REMOVE IN LXC 3.0 */
if (config->is_legacy_key && !plc->conf->contains_legacy_key) {
plc->conf->contains_legacy_key = true;
/* Warn the user once loud and clear that there is at least one
* legacy configuration item in the configuration file and then
* an update is required.
*/
fprintf(stderr, "The configuration file contains legacy configuration keys.\n"
"Please update your configuration file!\n");
}
/* [END]: REMOVE IN LXC 3.0 */
ret = config->set(key, value, plc->conf, NULL);
out:
......@@ -3607,7 +3622,7 @@ static struct lxc_config_t *get_network_config_ops(const char *key,
memmove(copy + 8, idx_end + 1, strlen(idx_end + 1));
copy[strlen(key) - numstrlen + 1] = '\0';
config = lxc_getconfig(copy);
config = lxc_get_config(copy);
if (!config) {
ERROR("unknown network configuration key %s", key);
goto on_error;
......@@ -4442,14 +4457,77 @@ int lxc_list_config_items(char *retv, int inlen)
for (i = 0; i < config_size; i++) {
char *s = config[i].name;
if (s[strlen(s) - 1] == '.')
continue;
strprint(retv, inlen, "%s\n", s);
}
return fulllen;
}
int lxc_list_subkeys(struct lxc_conf *conf, const char *key, char *retv,
int inlen)
{
int len;
int fulllen = 0;
if (!retv)
inlen = 0;
else
memset(retv, 0, inlen);
if (!strcmp(key, "lxc.apparmor")) {
strprint(retv, inlen, "allow_incomplete\n");
strprint(retv, inlen, "profile\n");
} else if (!strcmp(key, "lxc.selinux")) {
strprint(retv, inlen, "context\n");
} else if (!strcmp(key, "lxc.mount")) {
strprint(retv, inlen, "auto\n");
strprint(retv, inlen, "entry\n");
strprint(retv, inlen, "fstab\n");
} else if (!strcmp(key, "lxc.rootfs")) {
strprint(retv, inlen, "mount\n");
strprint(retv, inlen, "options\n");
strprint(retv, inlen, "path\n");
} else if (!strcmp(key, "lxc.uts")) {
strprint(retv, inlen, "name\n");
} else if (!strcmp(key, "lxc.hook")) {
strprint(retv, inlen, "autodev\n");
strprint(retv, inlen, "clone\n");
strprint(retv, inlen, "destroy\n");
strprint(retv, inlen, "mount\n");
strprint(retv, inlen, "post-stop\n");
strprint(retv, inlen, "pre-mount\n");
strprint(retv, inlen, "pre-start\n");
strprint(retv, inlen, "start\n");
strprint(retv, inlen, "stop\n");
} else if (!strcmp(key, "lxc.cap")) {
strprint(retv, inlen, "drop\n");
strprint(retv, inlen, "keep\n");
} else if (!strcmp(key, "lxc.console")) {
strprint(retv, inlen, "logfile\n");
strprint(retv, inlen, "path\n");
} else if (!strcmp(key, "lxc.seccomp")) {
strprint(retv, inlen, "profile\n");
} else if (!strcmp(key, "lxc.signal")) {
strprint(retv, inlen, "halt\n");
strprint(retv, inlen, "reboot\n");
strprint(retv, inlen, "stop\n");
} else if (!strcmp(key, "lxc.start")) {
strprint(retv, inlen, "auto\n");
strprint(retv, inlen, "delay\n");
strprint(retv, inlen, "order\n");
} else if (!strcmp(key, "lxc.monitor")) {
strprint(retv, inlen, "unshare\n");
} else {
fulllen = -1;
}
return fulllen;
}
int lxc_list_net(struct lxc_conf *c, const char *key, char *retv, int inlen)
{
int len;
......
src/lxc/confile.h
......@@ -33,21 +33,44 @@
struct lxc_conf;
struct lxc_list;
/* Callback prototype to set a configuration item.
* Must be implemented when adding a new configuration key.
*/
typedef int (*config_set_cb)(const char *key, const char *value,
struct lxc_conf *conf, void *data);
/* Callback prototype to get a configuration item.
* Must be implemented when adding a new configuration key.
*/
typedef int (*config_get_cb)(const char *key, char *value, int inlen,
struct lxc_conf *conf, void *data);
/* Callback prototype to clear a configuration item.
* Must be implemented when adding a new configuration key.
*/
typedef int (*config_clr_cb)(const char *key, struct lxc_conf *conf,
void *data);
struct lxc_config_t {
char *name;
bool is_legacy_key; /* REMOVE in LXC 3.0 */
config_set_cb set;
config_get_cb get;
config_clr_cb clr;
};
extern struct lxc_config_t *lxc_getconfig(const char *key);
/* Get the jump table entry for the given configuration key. */
extern struct lxc_config_t *lxc_get_config(const char *key);
/* List all available config items. */
extern int lxc_list_config_items(char *retv, int inlen);
/* Given a configuration key namespace (e.g. lxc.apparmor) list all associated
* subkeys for that namespace.
* Must be implemented when adding a new configuration key.
*/
extern int lxc_list_subkeys(struct lxc_conf *conf, const char *key, char *retv,
int inlen);
/* List all configuration items associated with a given network. For example
* pass "lxc.net.[i]" to retrieve all configuration items associated with
......@@ -55,29 +78,41 @@ extern struct lxc_config_t *lxc_getconfig(const char *key);
*/
extern int lxc_list_net(struct lxc_conf *c, const char *key, char *retv,
int inlen);
extern int lxc_list_config_items(char *retv, int inlen);
extern int lxc_config_read(const char *file, struct lxc_conf *conf, bool from_include);
extern int lxc_config_read(const char *file, struct lxc_conf *conf,
bool from_include);
extern int append_unexp_config_line(const char *line, struct lxc_conf *conf);
extern int lxc_config_define_add(struct lxc_list *defines, char* arg);
extern int lxc_config_define_load(struct lxc_list *defines,
struct lxc_conf *conf);
/* needed for lxc-attach */
extern signed long lxc_config_parse_arch(const char *arch);
extern int lxc_fill_elevated_privileges(char *flaglist, int *flags);
extern int lxc_clear_config_item(struct lxc_conf *c, const char *key);
extern void write_config(FILE *fout, struct lxc_conf *c);
extern bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key, const char *v);
extern bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key,
const char *v);
/* These are used when cloning a container */
extern void clear_unexp_config_line(struct lxc_conf *conf, const char *key, bool rm_subkeys);
extern void clear_unexp_config_line(struct lxc_conf *conf, const char *key,
bool rm_subkeys);
extern bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath,
const char *newpath, const char *oldname, const char *newmame);
const char *newpath, const char *oldname,
const char *newmame);
bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath,
const char *newpath, const char *oldname,
const char *newname, const char *ovldir);
extern bool network_new_hwaddrs(struct lxc_conf *conf);
#endif
#endif /* __LXC_CONFILE_H */
src/lxc/confile_legacy.c
......@@ -91,7 +91,7 @@ int set_config_network_legacy_nic(const char *key, const char *value,
goto out;
strcpy(copy + 12, p + 1);
config = lxc_getconfig(copy);
config = lxc_get_config(copy);
if (!config) {
ERROR("unknown key %s", key);
goto out;
......
src/lxc/lxccontainer.c
......@@ -1902,7 +1902,7 @@ static bool do_lxcapi_clear_config_item(struct lxc_container *c,
if (container_mem_lock(c))
return false;
config = lxc_getconfig(key);
config = lxc_get_config(key);
/* Verify that the config key exists and that it has a callback
* implemented.
*/
......@@ -2218,7 +2218,7 @@ static int do_lxcapi_get_config_item(struct lxc_container *c, const char *key, c
if (container_mem_lock(c))
return -1;
config = lxc_getconfig(key);
config = lxc_get_config(key);
/* Verify that the config key exists and that it has a callback
* implemented.
*/
......@@ -2248,22 +2248,29 @@ WRAP_API_1(char *, lxcapi_get_running_config_item, const char *)
static int do_lxcapi_get_keys(struct lxc_container *c, const char *key, char *retv, int inlen)
{
int ret = -1;
/* List all config items. */
if (!key)
return lxc_list_config_items(retv, inlen);
/*
* Support 'lxc.net.<idx>', i.e. 'lxc.net.0'
* This is an intelligent result to show which keys are valid given
* the type of nic it is
*/
if (!c || !c->lxc_conf)
return -1;
if (container_mem_lock(c))
return -1;
int ret = -1;
/* Support 'lxc.net.<idx>', i.e. 'lxc.net.0'
* This is an intelligent result to show which keys are valid given the
* type of nic it is.
*/
if (!strncmp(key, "lxc.net.", 8))
ret = lxc_list_net(c->lxc_conf, key, retv, inlen);
else if (strncmp(key, "lxc.network.", 12) == 0)
ret = lxc_list_nicconfigs_legacy(c->lxc_conf, key, retv, inlen);
else
ret = lxc_list_subkeys(c->lxc_conf, key, retv, inlen);
container_mem_unlock(c);
return ret;
}
......@@ -2755,7 +2762,7 @@ static bool set_config_item_locked(struct lxc_container *c, const char *key, con
if (!c->lxc_conf)
return false;
config = lxc_getconfig(key);
config = lxc_get_config(key);
if (!config)
return false;
......@@ -4867,5 +4874,5 @@ free_ct_name:
bool lxc_config_item_is_supported(const char *key)
{
return !!lxc_getconfig(key);
return !!lxc_get_config(key);
}
src/lxc/tools/lxc-checkconfig.in
......@@ -105,16 +105,16 @@ echo
echo -n "User namespace: " && is_enabled CONFIG_USER_NS
echo
if is_set CONFIG_USER_NS; then
if type newuidmap > /dev/null 2>&1; then
f=`type -P newuidmap`
if which newuidmap > /dev/null 2>&1; then
f=`which newuidmap`
if [ ! -u "${f}" ]; then
echo "Warning: newuidmap is not setuid-root"
fi
else
echo "newuidmap is not installed"
fi
if type newgidmap > /dev/null 2>&1; then
f=`type -P newgidmap`
if which newgidmap > /dev/null 2>&1; then
f=`which newgidmap`
if [ ! -u "${f}" ]; then
echo "Warning: newgidmap is not setuid-root"
fi
......
src/lxc/tools/lxc-update-config.in 0 → 100644
#!/bin/sh
# Make sure the usual locations are in PATH
export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
set -e
usage()
{
cat <<EOF
$1 -h|--help [-c|--config]
config: the container configuration to update
EOF
return 0
}
OPTIONS=`getopt -o c:h --long config:,help -- "${@}"`
eval set -- "${OPTIONS}"
while true; do
case "${1}" in
-h|--help)
usage "${0}"
exit 0
;;
-c|--config)
CONFIGPATH="${2}"
shift 2
;;
--)
shift 1
break
;;
*)
break
;;
esac
done
echo "${CONFIGPATH}"
sed -i".backup" \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.rootfs\)\([[:blank:]*]\|=\)/\1lxc\.rootfs\.path\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.id_map\)\([[:blank:]*]\|=\)/\1lxc\.idmap\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.pts\)\([[:blank:]*]\|=\)/\1lxc\.pty\.max\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.tty\)\([[:blank:]*]\|=\)/\1lxc\.tty\.max\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.devttydir\)\([[:blank:]*]\|=\)/\1lxc\.tty\.dir\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.aa_profile\)\([[:blank:]*]\|=\)/\1lxc\.apparmor\.profile\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.aa_allow_incomplete\)\([[:blank:]*]\|=\)/\1lxc\.apparmor\.allow_incomplete\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.se_context\)\([[:blank:]*]\|=\)/\1lxc\.selinux\.context\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.mount\)\([[:blank:]*]\|=\)/\1lxc\.mount\.fstab\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.utsname\)\([[:blank:]*]\|=\)/\1lxc\.uts\.name\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.rootfs\)\([[:blank:]*]\|=\)/\1lxc\.rootfs\.path\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.seccomp\)\([[:blank:]*]\|=\)/\1lxc\.seccomp\.profile\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.console\)\([[:blank:]*]\|=\)/\1lxc\.console\.path\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.haltsignal\)\([[:blank:]*]\|=\)/\1lxc\.signal\.halt\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.rebootsignal\)\([[:blank:]*]\|=\)/\1lxc\.signal\.reboot\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.stopsignal\)\([[:blank:]*]\|=\)/\1lxc\.signal\.stop\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.syslog\)\([[:blank:]*]\|=\)/\1lxc\.log\.syslog\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.loglevel\)\([[:blank:]*]\|=\)/\1lxc\.log\.level\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.logfile\)\([[:blank:]*]\|=\)/1lxc\.log\.file\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.init_cmd\)\([[:blank:]*]\|=\)/\1lxc\.init\.cmd\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.init_uid\)\([[:blank:]*]\|=\)/\1lxc\.init\.uid\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.init_gid\)\([[:blank:]*]\|=\)/\1lxc\.init\.gid\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.limit\)\([[:blank:]*]\|=\)/\1lxc\.prlimit\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.network\)\.\([^[:digit:]*]\)/\1lxc\.net\.0\.\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.network\)\(\.[[:digit:]*]\)/\1lxc\.net\3/g' \
-e 's/\([[:blank:]*]\|#*\)\(lxc\.network\)\([[:blank:]*]\|=\)/\1lxc\.net\3/g' \
"${CONFIGPATH}"
src/tests/config_jump_table.c
......@@ -54,7 +54,7 @@ int main(int argc, char *argv[])
for (key = strtok_r(keys, "\n", &saveptr); key != NULL;
key = strtok_r(NULL, "\n", &saveptr)) {
struct lxc_config_t *config;
config = lxc_getconfig(key);
config = lxc_get_config(key);
if (!config) {
lxc_error("configuration key \"%s\" not implemented in "
"jump table",
......
src/tests/getkeys.c
......@@ -16,15 +16,17 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include <lxc/lxccontainer.h>
#include <unistd.h>
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <stdlib.h>
#include <errno.h>
#include <lxc/lxccontainer.h>
#include "lxc/state.h"
#define MYNAME "lxctest1"
......@@ -64,6 +66,103 @@ int main(int argc, char *argv[])
goto out;
}
printf("get_keys for nic 1 returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.apparmor", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.selinux", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.mount", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.rootfs", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.uts", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.hook", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.cap", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.console", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.seccomp", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.signal", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.start", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = c->get_keys(c, "lxc.monitor", v3, 2000);
if (ret < 0) {
fprintf(stderr, "%d: failed to get keys(%d)\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("get_keys returned %d\n%s", ret, v3);
ret = 0;
out:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment