Commit 9e60f51d by Dwight Engen Committed by Serge Hallyn

move monitor-fifo and monitor-sock to /run

Moving these files should allow $lxcpath to be a read-only fs.

Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
parent 692ba18f
......@@ -76,11 +76,9 @@ static int lxc_monitord_fifo_create(struct lxc_monitor *mon)
char fifo_path[PATH_MAX];
int ret;
ret = snprintf(fifo_path, sizeof(fifo_path), "%s/monitor-fifo", mon->lxcpath);
if (ret < 0 || ret >= sizeof(fifo_path)) {
ERROR("lxcpath too long to monitor fifo");
return -1;
}
ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 1);
if (ret < 0)
return ret;
ret = mknod(fifo_path, S_IFIFO|S_IRUSR|S_IWUSR, 0);
if (ret < 0) {
......@@ -102,11 +100,10 @@ static int lxc_monitord_fifo_delete(struct lxc_monitor *mon)
char fifo_path[PATH_MAX];
int ret;
ret = snprintf(fifo_path, sizeof(fifo_path), "%s/monitor-fifo", mon->lxcpath);
if (ret < 0 || ret >= sizeof(fifo_path)) {
ERROR("lxcpath too long to monitor fifo");
return -1;
}
ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 0);
if (ret < 0)
return ret;
unlink(fifo_path);
return 0;
}
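Review bot: The bare `1` and `0` passed as the last argument of lxc_monitor_fifo_name() in lxc_monitord_fifo_create() and lxc_monitord_fifo_delete() do not say what they control. A short comment at each call, e.g. `/* 1: create $rundir/lxc/$lxcpath if missing */` and `/* 0: only build the path */`, would show that the asymmetry is deliberate. Delete only unlinks the fifo, so the directory made on the create path stays behind; if that is intended, say so in the comment. The create function continues past the end of its hunk.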
......
......@@ -56,10 +56,7 @@ static char *lxclock_name(const char *p, const char *n)
/* length of "/lock/lxc/" + $lxcpath + "/" + $lxcname + '\0' */
len = strlen("/lock/lxc/") + strlen(n) + strlen(p) + 2;
rundir = getenv("XDG_RUNTIME_DIR");
if (geteuid() == 0 || rundir == NULL)
rundir = "/run";
rundir = get_rundir();
len += strlen(rundir);
if ((dest = malloc(len)) == NULL)
......
......@@ -40,6 +40,7 @@
#include "af_unix.h"
#include <lxc/log.h>
#include <lxc/lxclock.h>
#include <lxc/state.h>
#include <lxc/monitor.h>
#include <lxc/utils.h>
......@@ -47,17 +48,45 @@
lxc_log_define(lxc_monitor, lxc);
/* routines used by monitor publishers (containers) */
int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path, size_t fifo_path_sz,
int do_mkdirp)
{
int ret;
const char *rundir;
rundir = get_rundir();
if (do_mkdirp) {
ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s", rundir, lxcpath);
if (ret < 0 || ret >= fifo_path_sz) {
ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
return -1;
}
process_lock();
ret = mkdir_p(fifo_path, 0755);
process_unlock();
if (ret < 0) {
ERROR("unable to create monitor fifo dir %s", fifo_path);
return ret;
}
}
ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s/monitor-fifo", rundir, lxcpath);
if (ret < 0 || ret >= fifo_path_sz) {
ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
return -1;
}
return 0;
}
static void lxc_monitor_fifo_send(struct lxc_msg *msg, const char *lxcpath)
{
int fd,ret;
char fifo_path[PATH_MAX];
BUILD_BUG_ON(sizeof(*msg) > PIPE_BUF); /* write not guaranteed atomic */
ret = snprintf(fifo_path, sizeof(fifo_path), "%s/monitor-fifo", lxcpath);
if (ret < 0 || ret >= sizeof(fifo_path)) {
ERROR("lxcpath too long to open monitor fifo");
ret = lxc_monitor_fifo_name(lxcpath, fifo_path, sizeof(fifo_path), 0);
if (ret < 0)
return;
}
fd = open(fifo_path, O_WRONLY);
if (fd < 0) {
......@@ -98,6 +127,7 @@ int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr) {
size_t len;
int ret;
char *sockname = &addr->sun_path[0]; // 1 for abstract
const char *rundir;
/* addr.sun_path is only 108 bytes.
* should we take a hash of lxcpath? a subset of it? ftok()? we need
......@@ -106,9 +136,23 @@ int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr) {
memset(addr, 0, sizeof(*addr));
addr->sun_family = AF_UNIX;
len = sizeof(addr->sun_path) - 1;
ret = snprintf(sockname, len, "%s/monitor-sock", lxcpath);
rundir = get_rundir();
ret = snprintf(sockname, len, "%s/lxc/%s", rundir, lxcpath);
if (ret < 0 || ret >= len) {
ERROR("rundir/lxcpath (%s/%s) too long for monitor unix socket", rundir, lxcpath);
return -1;
}
process_lock();
ret = mkdir_p(sockname, 0755);
process_unlock();
if (ret < 0) {
ERROR("unable to create monitor sock %s", sockname);
return ret;
}
ret = snprintf(sockname, len, "%s/lxc/%s/monitor-sock", rundir, lxcpath);
if (ret < 0 || ret >= len) {
ERROR("lxcpath too long for unix socket");
ERROR("rundir/lxcpath (%s/%s) too long for monitor unix socket", rundir, lxcpath);
return -1;
}
return 0;
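Review bot: lxc_monitor_sock_name() now calls mkdir_p() unconditionally, so any caller that only wants the address (presumably clients connecting to an existing monitor) also creates `$rundir/lxc/$lxcpath` with mode 0755 as a side effect, whereas lxc_monitor_fifo_name() gates this behind `do_mkdirp`. Consider giving the socket helper the same flag, or creating the directory only where the socket is bound. The added `$rundir/lxc/` prefix also uses up part of the 108-byte sun_path budget that the existing comment already worries about, so lxcpath values that used to fit may now be rejected. The message `unable to create monitor sock %s` is logged for a directory failure; `unable to create monitor sock dir %s` would match the fifo helper. The function starts and ends outside the visible hunks.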
......
......@@ -41,6 +41,8 @@ struct lxc_msg {
extern int lxc_monitor_open(const char *lxcpath);
extern int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr);
extern int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path,
size_t fifo_path_sz, int do_mkdirp);
extern void lxc_monitor_send_state(const char *name, lxc_state_t state,
const char *lxcpath);
extern int lxc_monitord_spawn(const char *lxcpath);
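Review bot: The new lxc_monitor_fifo_name() declaration has no contract comment, and its behaviour is not obvious from the signature. I would add a comment above it stating that fifo_path receives `$rundir/lxc/$lxcpath/monitor-fifo`, that a non-zero do_mkdirp first creates the parent directory with mode 0755, and that it returns 0 on success and a negative value on failure. It should also say that the contents of fifo_path are unspecified on failure, since the buffer is used as scratch space for the directory path.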
......
......@@ -318,6 +318,16 @@ const char *default_lxc_path(void)
return lxc_global_config_value("lxcpath");
}
const char *get_rundir()
{
const char *rundir;
rundir = getenv("XDG_RUNTIME_DIR");
if (geteuid() == 0 || rundir == NULL)
rundir = "/run";
return rundir;
}
int wait_for_pid(pid_t pid)
{
int status, ret;
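Review bot: get_rundir() returns XDG_RUNTIME_DIR unchecked for non-root callers, so an empty or relative value becomes the prefix of every monitor fifo, socket and lock path built from it. The XDG base-directory spec requires an absolute path; falling back when it is not one, e.g. `if (geteuid() == 0 || rundir == NULL || rundir[0] != '/')`, keeps mkdir_p() from creating directories relative to the current working directory. Separately, the definition is written `get_rundir()` while the header declares `get_rundir(void)`; use `(void)` in both. The unprivileged fallback to `/run` is normally not writable by that user, so the later mkdir_p() will presumably fail there, and a clearer error or a per-user fallback may be worth considering.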
......
......@@ -37,6 +37,8 @@ extern int lxc_rmdir_onedev(char *path);
extern int lxc_setup_fs(void);
extern int get_u16(unsigned short *val, const char *arg, int base);
extern int mkdir_p(const char *dir, mode_t mode);
extern const char *get_rundir(void);
/*
* Return a buffer containing the default container path.
* Caller must NOT free this buffer, since it may be static.
......