Skip to content

L
lxc
Commit d21c3609 by Serge Hallyn Committed by GitHub
Options

Merge pull request #1626 from brauner/2017-06-13/new_networks_parser

new network config parser
parents 192f5e7b ce494418
Showing with 778 additions and 189 deletions
src/lxc/commands.c
...@@ -561,12 +561,12 @@ static int lxc_cmd_get_config_item_callback(int fd, struct lxc_cmd_req *req, ...@@ -561,12 +561,12 @@ static int lxc_cmd_get_config_item_callback(int fd, struct lxc_cmd_req *req,
item = lxc_getconfig(req->data); item = lxc_getconfig(req->data);
if (!item) if (!item)
goto err1; goto err1;
cilen = item->get(req->data, NULL, 0, handler->conf); cilen = item->get(req->data, NULL, 0, handler->conf, NULL);
if (cilen <= 0) if (cilen <= 0)
goto err1; goto err1;
cidata = alloca(cilen + 1); cidata = alloca(cilen + 1);
if (item->get(req->data, cidata, cilen + 1, handler->conf) != cilen) if (item->get(req->data, cidata, cilen + 1, handler->conf, NULL) != cilen)
goto err1; goto err1;
cidata[cilen] = '\0'; cidata[cilen] = '\0';
rsp.data = cidata; rsp.data = cidata;
......
src/lxc/conf.c
...@@ -77,6 +77,7 @@ ...@@ -77,6 +77,7 @@
#include "caps.h" /* for lxc_caps_last_cap() */ #include "caps.h" /* for lxc_caps_last_cap() */
#include "cgroup.h" #include "cgroup.h"
#include "conf.h" #include "conf.h"
#include "confile_utils.h"
#include "error.h" #include "error.h"
#include "log.h" #include "log.h"
#include "lxcaufs.h" #include "lxcaufs.h"
...@@ -2325,11 +2326,12 @@ static int setup_ipv6_addr(struct lxc_list *ip, int ifindex) ...@@ -2325,11 +2326,12 @@ static int setup_ipv6_addr(struct lxc_list *ip, int ifindex)
return 0; return 0;
} }
static int setup_netdev(struct lxc_netdev *netdev) static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev)
{ {
char ifname[IFNAMSIZ]; char ifname[IFNAMSIZ];
char *current_ifname = ifname;
int err; int err;
const char *net_type_name;
char *current_ifname = ifname;
/* empty network namespace */ /* empty network namespace */
if (!netdev->ifindex) { if (!netdev->ifindex) {
...@@ -2341,8 +2343,21 @@ static int setup_netdev(struct lxc_netdev *netdev) ...@@ -2341,8 +2343,21 @@ static int setup_netdev(struct lxc_netdev *netdev)
return -1; return -1;
} }
} }
if (netdev->type != LXC_NET_VETH)
if (netdev->type == LXC_NET_EMPTY)
return 0;
if (netdev->type == LXC_NET_NONE)
return 0; return 0;
if (netdev->type != LXC_NET_VETH) {
net_type_name = lxc_net_type_to_str(netdev->type);
ERROR("%s networks are not supported for containers "
"not setup up by privileged users",
net_type_name);
return -1;
}
netdev->ifindex = if_nametoindex(netdev->name); netdev->ifindex = if_nametoindex(netdev->name);
} }
...@@ -2507,16 +2522,18 @@ static int setup_netdev(struct lxc_netdev *netdev) ...@@ -2507,16 +2522,18 @@ static int setup_netdev(struct lxc_netdev *netdev)
return 0; return 0;
} }
static int setup_network(struct lxc_list *network) static int lxc_setup_networks_in_child_namespaces(const struct lxc_conf *conf,
struct lxc_list *network)
{ {
struct lxc_list *iterator; struct lxc_list *iterator;
struct lxc_netdev *netdev; struct lxc_netdev *netdev;
lxc_list_for_each(iterator, network) { lxc_log_configured_netdevs(conf);
lxc_list_for_each(iterator, network) {
netdev = iterator->elem; netdev = iterator->elem;
if (setup_netdev(netdev)) { if (lxc_setup_netdev_in_child_namespaces(netdev)) {
ERROR("failed to setup netdev"); ERROR("failed to setup netdev");
return -1; return -1;
} }
...@@ -3033,18 +3050,19 @@ int lxc_requests_empty_network(struct lxc_handler *handler) ...@@ -3033,18 +3050,19 @@ int lxc_requests_empty_network(struct lxc_handler *handler)
return 0; return 0;
} }
int lxc_create_network(struct lxc_handler *handler) int lxc_setup_networks_in_parent_namespaces(struct lxc_handler *handler)
{ {
struct lxc_list *network = &handler->conf->network; bool am_root;
struct lxc_list *iterator;
struct lxc_netdev *netdev; struct lxc_netdev *netdev;
int am_root = (getuid() == 0); struct lxc_list *iterator;
struct lxc_list *network = &handler->conf->network;
/* We need to be root. */
am_root = (getuid() == 0);
if (!am_root) if (!am_root)
return 0; return 0;
lxc_list_for_each(iterator, network) { lxc_list_for_each(iterator, network) {
netdev = iterator->elem; netdev = iterator->elem;
if (netdev->type < 0 || netdev->type > LXC_NET_MAXCONFTYPE) { if (netdev->type < 0 || netdev->type > LXC_NET_MAXCONFTYPE) {
...@@ -3053,6 +3071,24 @@ int lxc_create_network(struct lxc_handler *handler) ...@@ -3053,6 +3071,24 @@ int lxc_create_network(struct lxc_handler *handler)
return -1; return -1;
} }
if (netdev->type != LXC_NET_MACVLAN &&
netdev->priv.macvlan_attr.mode) {
ERROR("Invalid macvlan.mode for a non-macvlan netdev");
return -1;
}
if (netdev->type != LXC_NET_VETH &&
netdev->priv.veth_attr.pair) {
ERROR("Invalid veth pair for a non-veth netdev");
return -1;
}
if (netdev->type != LXC_NET_VLAN &&
netdev->priv.vlan_attr.vid > 0) {
ERROR("Invalid vlan.id for a non-macvlan netdev");
return -1;
}
if (netdev_conf[netdev->type](handler, netdev)) { if (netdev_conf[netdev->type](handler, netdev)) {
ERROR("failed to create netdev"); ERROR("failed to create netdev");
return -1; return -1;
...@@ -3267,9 +3303,11 @@ int lxc_assign_network(const char *lxcpath, char *lxcname, ...@@ -3267,9 +3303,11 @@ int lxc_assign_network(const char *lxcpath, char *lxcname,
INFO("mtu ignored due to insufficient privilege"); INFO("mtu ignored due to insufficient privilege");
if (unpriv_assign_nic(lxcpath, lxcname, netdev, pid)) if (unpriv_assign_nic(lxcpath, lxcname, netdev, pid))
return -1; return -1;
// lxc-user-nic has moved the nic to the new ns. /* lxc-user-nic has moved the nic to the new ns.
// unpriv_assign_nic() fills in netdev->name. * unpriv_assign_nic() fills in netdev->name.
// netdev->ifindex will be filed in at setup_netdev. * netdev->ifindex will be filed in at
* lxc_setup_netdev_in_child_namespaces.
*/
continue; continue;
} }
...@@ -4092,7 +4130,8 @@ int lxc_setup(struct lxc_handler *handler) ...@@ -4092,7 +4130,8 @@ int lxc_setup(struct lxc_handler *handler)
} }
} }
if (setup_network(&lxc_conf->network)) { if (lxc_setup_networks_in_child_namespaces(lxc_conf,
&lxc_conf->network)) {
ERROR("failed to setup the network for '%s'", name); ERROR("failed to setup the network for '%s'", name);
return -1; return -1;
} }
...@@ -4264,98 +4303,6 @@ int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf, ...@@ -4264,98 +4303,6 @@ int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf,
return 0; return 0;
} }
static void lxc_remove_nic(struct lxc_list *it)
{
struct lxc_netdev *netdev = it->elem;
struct lxc_list *it2,*next;
lxc_list_del(it);
free(netdev->link);
free(netdev->name);
if (netdev->type == LXC_NET_VETH)
free(netdev->priv.veth_attr.pair);
free(netdev->upscript);
free(netdev->hwaddr);
free(netdev->mtu);
free(netdev->ipv4_gateway);
free(netdev->ipv6_gateway);
lxc_list_for_each_safe(it2, &netdev->ipv4, next) {
lxc_list_del(it2);
free(it2->elem);
free(it2);
}
lxc_list_for_each_safe(it2, &netdev->ipv6, next) {
lxc_list_del(it2);
free(it2->elem);
free(it2);
}
free(netdev);
free(it);
}
/* we get passed in something like '0', '0.ipv4' or '1.ipv6' */
int lxc_clear_nic(struct lxc_conf *c, const char *key)
{
char *p1;
int ret, idx, i;
struct lxc_list *it;
struct lxc_netdev *netdev;
p1 = strchr(key, '.');
if (!p1 || *(p1+1) == '\0')
p1 = NULL;
ret = sscanf(key, "%d", &idx);
if (ret != 1) return -1;
if (idx < 0)
return -1;
i = 0;
lxc_list_for_each(it, &c->network) {
if (i == idx)
break;
i++;
}
if (i < idx) // we don't have that many nics defined
return -1;
if (!it || !it->elem)
return -1;
netdev = it->elem;
if (!p1) {
lxc_remove_nic(it);
} else if (strcmp(p1, ".ipv4") == 0) {
struct lxc_list *it2,*next;
lxc_list_for_each_safe(it2, &netdev->ipv4, next) {
lxc_list_del(it2);
free(it2->elem);
free(it2);
}
} else if (strcmp(p1, ".ipv6") == 0) {
struct lxc_list *it2,*next;
lxc_list_for_each_safe(it2, &netdev->ipv6, next) {
lxc_list_del(it2);
free(it2->elem);
free(it2);
}
}
else return -1;
return 0;
}
int lxc_clear_config_network(struct lxc_conf *c)
{
struct lxc_list *it,*next;
lxc_list_for_each_safe(it, &c->network, next) {
lxc_remove_nic(it);
}
return 0;
}
int lxc_clear_config_caps(struct lxc_conf *c) int lxc_clear_config_caps(struct lxc_conf *c)
{ {
struct lxc_list *it,*next; struct lxc_list *it,*next;
...@@ -4578,7 +4525,7 @@ void lxc_conf_free(struct lxc_conf *conf) ...@@ -4578,7 +4525,7 @@ void lxc_conf_free(struct lxc_conf *conf)
free(conf->unexpanded_config); free(conf->unexpanded_config);
free(conf->pty_names); free(conf->pty_names);
free(conf->syslog); free(conf->syslog);
lxc_clear_config_network(conf); lxc_free_networks(&conf->network);
free(conf->lsm_aa_profile); free(conf->lsm_aa_profile);
free(conf->lsm_se_context); free(conf->lsm_se_context);
lxc_seccomp_free(conf); lxc_seccomp_free(conf);
......
src/lxc/conf.h
...@@ -121,8 +121,10 @@ union netdev_p { ...@@ -121,8 +121,10 @@ union netdev_p {
* @ipv6 : a list of ipv6 addresses to be set on the network device * @ipv6 : a list of ipv6 addresses to be set on the network device
* @upscript : a script filename to be executed during interface configuration * @upscript : a script filename to be executed during interface configuration
* @downscript : a script filename to be executed during interface destruction * @downscript : a script filename to be executed during interface destruction
* @idx : network counter
*/ */
struct lxc_netdev { struct lxc_netdev {
ssize_t idx;
int type; int type;
int flags; int flags;
int ifindex; int ifindex;
...@@ -430,7 +432,7 @@ extern void lxc_conf_free(struct lxc_conf *conf); ...@@ -430,7 +432,7 @@ extern void lxc_conf_free(struct lxc_conf *conf);
extern int pin_rootfs(const char *rootfs); extern int pin_rootfs(const char *rootfs);
extern int lxc_requests_empty_network(struct lxc_handler *handler); extern int lxc_requests_empty_network(struct lxc_handler *handler);
extern int lxc_create_network(struct lxc_handler *handler); extern int lxc_setup_networks_in_parent_namespaces(struct lxc_handler *handler);
extern bool lxc_delete_network(struct lxc_handler *handler); extern bool lxc_delete_network(struct lxc_handler *handler);
extern int lxc_assign_network(const char *lxcpath, char *lxcname, extern int lxc_assign_network(const char *lxcpath, char *lxcname,
struct lxc_list *networks, pid_t pid); struct lxc_list *networks, pid_t pid);
...@@ -440,8 +442,6 @@ extern int lxc_find_gateway_addresses(struct lxc_handler *handler); ...@@ -440,8 +442,6 @@ extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
extern int lxc_create_tty(const char *name, struct lxc_conf *conf); extern int lxc_create_tty(const char *name, struct lxc_conf *conf);
extern void lxc_delete_tty(struct lxc_tty_info *tty_info); extern void lxc_delete_tty(struct lxc_tty_info *tty_info);
extern int lxc_clear_config_network(struct lxc_conf *c);
extern int lxc_clear_nic(struct lxc_conf *c, const char *key);
extern int lxc_clear_config_caps(struct lxc_conf *c); extern int lxc_clear_config_caps(struct lxc_conf *c);
extern int lxc_clear_config_keepcaps(struct lxc_conf *c); extern int lxc_clear_config_keepcaps(struct lxc_conf *c);
extern int lxc_clear_cgroups(struct lxc_conf *c, const char *key); extern int lxc_clear_cgroups(struct lxc_conf *c, const char *key);
......
src/lxc/confile.c
This source diff could not be displayed because it is too large. You can view the blob instead.
src/lxc/confile.h
...@@ -31,9 +31,11 @@ ...@@ -31,9 +31,11 @@
struct lxc_conf; struct lxc_conf;
struct lxc_list; struct lxc_list;
typedef int (*config_set_cb)(const char *, const char *, struct lxc_conf *); typedef int (*config_set_cb)(const char *, const char *, struct lxc_conf *,
typedef int (*config_get_cb)(const char *, char *, int, struct lxc_conf *); void *data);
typedef int (*config_clr_cb)(const char *key, struct lxc_conf *c); typedef int (*config_get_cb)(const char *, char *, int, struct lxc_conf *,
void *);
typedef int (*config_clr_cb)(const char *, struct lxc_conf *c, void *data);
struct lxc_config_t { struct lxc_config_t {
char *name; char *name;
config_set_cb set; config_set_cb set;
......
src/lxc/confile_utils.c
...@@ -17,11 +17,23 @@ ...@@ -17,11 +17,23 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#include "config.h"
#include <stdio.h> #include <stdio.h>
#include <stdlib.h>
#include <string.h> #include <string.h>
#include <arpa/inet.h>
#include "conf.h"
#include "confile.h"
#include "confile_utils.h"
#include "error.h"
#include "log.h"
#include "list.h"
#include "utils.h" #include "utils.h"
lxc_log_define(lxc_confile_utils, lxc);
int parse_idmaps(const char *idmap, char *type, unsigned long *nsid, int parse_idmaps(const char *idmap, char *type, unsigned long *nsid,
unsigned long *hostid, unsigned long *range) unsigned long *hostid, unsigned long *range)
{ {
...@@ -146,3 +158,289 @@ on_error: ...@@ -146,3 +158,289 @@ on_error:
return ret; return ret;
} }
bool lxc_config_value_empty(const char *value)
{
if (value && strlen(value) > 0)
return false;
return true;
}
struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx, bool tail)
{
struct lxc_list *newlist;
struct lxc_netdev *netdev = NULL;
/* network does not exist */
netdev = malloc(sizeof(*netdev));
if (!netdev)
return NULL;
memset(netdev, 0, sizeof(*netdev));
lxc_list_init(&netdev->ipv4);
lxc_list_init(&netdev->ipv6);
/* give network a unique index */
netdev->idx = idx;
/* prepare new list */
newlist = malloc(sizeof(*newlist));
if (!newlist) {
free(netdev);
return NULL;
}
lxc_list_init(newlist);
newlist->elem = netdev;
if (tail)
lxc_list_add_tail(networks, newlist);
else
lxc_list_add(networks, newlist);
return netdev;
}
/* Takes care of finding the correct netdev struct in the networks list or
* allocates a new one if it couldn't be found.
*/
struct lxc_netdev *lxc_get_netdev_by_idx(struct lxc_conf *conf,
unsigned int idx, bool allocate)
{
struct lxc_netdev *netdev = NULL;
struct lxc_list *networks = &conf->network;
struct lxc_list *insert = networks;
/* lookup network */
if (!lxc_list_empty(networks)) {
lxc_list_for_each(insert, networks) {
netdev = insert->elem;
if (netdev->idx == idx)
return netdev;
else if (netdev->idx > idx)
break;
}
}
if (!allocate)
return NULL;
return lxc_network_add(insert, idx, true);
}
void lxc_log_configured_netdevs(const struct lxc_conf *conf)
{
struct lxc_netdev *netdev;
struct lxc_list *it = (struct lxc_list *)&conf->network;;
if ((conf->loglevel != LXC_LOG_LEVEL_TRACE) &&
(lxc_log_get_level() != LXC_LOG_LEVEL_TRACE))
return;
if (lxc_list_empty(it)) {
TRACE("container has no networks configured");
return;
}
lxc_list_for_each(it, &conf->network) {
struct lxc_list *cur, *next;
struct lxc_inetdev *inet4dev;
struct lxc_inet6dev *inet6dev;
char bufinet4[INET_ADDRSTRLEN], bufinet6[INET6_ADDRSTRLEN];
netdev = it->elem;
TRACE("index: %zd", netdev->idx);
switch (netdev->type) {
case LXC_NET_VETH:
TRACE("type: veth");
if (netdev->priv.veth_attr.pair)
TRACE("veth pair: %s",
netdev->priv.veth_attr.pair);
break;
case LXC_NET_MACVLAN:
TRACE("type: macvlan");
if (netdev->priv.macvlan_attr.mode > 0) {
char *macvlan_mode;
macvlan_mode = lxc_macvlan_flag_to_mode(
netdev->priv.macvlan_attr.mode);
TRACE("macvlan mode: %s",
macvlan_mode ? macvlan_mode
: "(invalid mode)");
}
break;
case LXC_NET_VLAN:
TRACE("type: vlan");
TRACE("vlan id: %d", netdev->priv.vlan_attr.vid);
break;
case LXC_NET_PHYS:
TRACE("type: phys");
break;
case LXC_NET_EMPTY:
TRACE("type: empty");
break;
case LXC_NET_NONE:
TRACE("type: none");
break;
default:
ERROR("invalid network type %d", netdev->type);
return;
}
if (netdev->type != LXC_NET_EMPTY) {
TRACE("flags: %s",
netdev->flags == IFF_UP ? "up" : "none");
if (netdev->link)
TRACE("link: %s", netdev->link);
if (netdev->name)
TRACE("name: %s", netdev->name);
if (netdev->hwaddr)
TRACE("hwaddr: %s", netdev->hwaddr);
if (netdev->mtu)
TRACE("mtu: %s", netdev->mtu);
if (netdev->upscript)
TRACE("upscript: %s", netdev->upscript);
if (netdev->downscript)
TRACE("downscript: %s", netdev->downscript);
TRACE("ipv4 gateway auto: %s",
netdev->ipv4_gateway_auto ? "true" : "false");
if (netdev->ipv4_gateway) {
inet_ntop(AF_INET, netdev->ipv4_gateway,
bufinet4, sizeof(bufinet4));
TRACE("ipv4 gateway: %s", bufinet4);
}
lxc_list_for_each_safe(cur, &netdev->ipv4, next) {
inet4dev = cur->elem;
inet_ntop(AF_INET, &inet4dev->addr, bufinet4,
sizeof(bufinet4));
TRACE("ipv4 addr: %s", bufinet4);
}
TRACE("ipv6 gateway auto: %s",
netdev->ipv6_gateway_auto ? "true" : "false");
if (netdev->ipv6_gateway) {
inet_ntop(AF_INET6, netdev->ipv6_gateway,
bufinet6, sizeof(bufinet6));
TRACE("ipv6 gateway: %s", bufinet6);
}
lxc_list_for_each_safe(cur, &netdev->ipv6, next) {
inet6dev = cur->elem;
inet_ntop(AF_INET6, &inet6dev->addr, bufinet6,
sizeof(bufinet6));
TRACE("ipv6 addr: %s", bufinet6);
}
}
}
}
static void lxc_free_netdev(struct lxc_netdev *netdev)
{
struct lxc_list *cur, *next;
free(netdev->link);
free(netdev->name);
if (netdev->type == LXC_NET_VETH)
free(netdev->priv.veth_attr.pair);
free(netdev->upscript);
free(netdev->downscript);
free(netdev->hwaddr);
free(netdev->mtu);
free(netdev->ipv4_gateway);
lxc_list_for_each_safe(cur, &netdev->ipv4, next) {
lxc_list_del(cur);
free(cur->elem);
free(cur);
}
free(netdev->ipv6_gateway);
lxc_list_for_each_safe(cur, &netdev->ipv6, next) {
lxc_list_del(cur);
free(cur->elem);
free(cur);
}
free(netdev);
}
bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx)
{
struct lxc_list *cur, *next;
struct lxc_netdev *netdev;
bool found = false;
lxc_list_for_each_safe(cur, &conf->network, next) {
netdev = cur->elem;
if (netdev->idx != idx)
continue;
lxc_list_del(cur);
found = true;
break;
}
if (!found)
return false;
lxc_free_netdev(netdev);
free(cur);
return true;
}
void lxc_free_networks(struct lxc_list *networks)
{
struct lxc_list *cur, *next;
struct lxc_netdev *netdev;
lxc_list_for_each_safe(cur, networks, next) {
netdev = cur->elem;
lxc_free_netdev(netdev);
free(cur);
}
/* prevent segfaults */
lxc_list_init(networks);
}
static struct macvlan_mode {
char *name;
int mode;
} macvlan_mode[] = {
{ "private", MACVLAN_MODE_PRIVATE },
{ "vepa", MACVLAN_MODE_VEPA },
{ "bridge", MACVLAN_MODE_BRIDGE },
{ "passthru", MACVLAN_MODE_PASSTHRU },
};
int lxc_macvlan_mode_to_flag(int *mode, const char *value)
{
size_t i;
for (i = 0; i < sizeof(macvlan_mode) / sizeof(macvlan_mode[0]); i++) {
if (strcmp(macvlan_mode[i].name, value))
continue;
*mode = macvlan_mode[i].mode;
return 0;
}
return -1;
}
char *lxc_macvlan_flag_to_mode(int mode)
{
size_t i;
for (i = 0; i < sizeof(macvlan_mode) / sizeof(macvlan_mode[0]); i++) {
if (macvlan_mode[i].mode == mode)
continue;
return macvlan_mode[i].name;
}
return NULL;
}
src/lxc/confile_utils.h
...@@ -20,7 +20,38 @@ ...@@ -20,7 +20,38 @@
#ifndef __LXC_CONFILE_UTILS_H #ifndef __LXC_CONFILE_UTILS_H
#define __LXC_CONFILE_UTILS_H #define __LXC_CONFILE_UTILS_H
#include <stdbool.h>
#include "conf.h"
#ifndef MACVLAN_MODE_PRIVATE
#define MACVLAN_MODE_PRIVATE 1
#endif
#ifndef MACVLAN_MODE_VEPA
#define MACVLAN_MODE_VEPA 2
#endif
#ifndef MACVLAN_MODE_BRIDGE
#define MACVLAN_MODE_BRIDGE 4
#endif
#ifndef MACVLAN_MODE_PASSTHRU
#define MACVLAN_MODE_PASSTHRU 8
#endif
extern int parse_idmaps(const char *idmap, char *type, unsigned long *nsid, extern int parse_idmaps(const char *idmap, char *type, unsigned long *nsid,
unsigned long *hostid, unsigned long *range); unsigned long *hostid, unsigned long *range);
extern bool lxc_config_value_empty(const char *value);
extern struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx,
bool tail);
extern struct lxc_netdev *
lxc_get_netdev_by_idx(struct lxc_conf *conf, unsigned int idx, bool allocate);
extern void lxc_log_configured_netdevs(const struct lxc_conf *conf);
extern bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx);
extern void lxc_free_networks(struct lxc_list *networks);
extern int lxc_macvlan_mode_to_flag(int *mode, const char *value);
extern char *lxc_macvlan_flag_to_mode(int mode);
#endif /* __LXC_CONFILE_UTILS_H */ #endif /* __LXC_CONFILE_UTILS_H */
src/lxc/lxccontainer.c
...@@ -1722,7 +1722,7 @@ static bool do_lxcapi_clear_config_item(struct lxc_container *c, ...@@ -1722,7 +1722,7 @@ static bool do_lxcapi_clear_config_item(struct lxc_container *c,
* implemented. * implemented.
*/ */
if (config && config->clr) if (config && config->clr)
ret = config->clr(key, c->lxc_conf); ret = config->clr(key, c->lxc_conf, NULL);
if (!ret) if (!ret)
do_clear_unexp_config_line(c->lxc_conf, key); do_clear_unexp_config_line(c->lxc_conf, key);
...@@ -2038,7 +2038,7 @@ static int do_lxcapi_get_config_item(struct lxc_container *c, const char *key, c ...@@ -2038,7 +2038,7 @@ static int do_lxcapi_get_config_item(struct lxc_container *c, const char *key, c
* implemented. * implemented.
*/ */
if (config && config->get) if (config && config->get)
ret = config->get(key, retv, inlen, c->lxc_conf); ret = config->get(key, retv, inlen, c->lxc_conf, NULL);
container_mem_unlock(c); container_mem_unlock(c);
return ret; return ret;
...@@ -2511,7 +2511,7 @@ static bool set_config_item_locked(struct lxc_container *c, const char *key, con ...@@ -2511,7 +2511,7 @@ static bool set_config_item_locked(struct lxc_container *c, const char *key, con
config = lxc_getconfig(key); config = lxc_getconfig(key);
if (!config) if (!config)
return false; return false;
if (config->set(key, v, c->lxc_conf) != 0) if (config->set(key, v, c->lxc_conf, NULL) != 0)
return false; return false;
return do_append_unexp_config_line(c->lxc_conf, key, v); return do_append_unexp_config_line(c->lxc_conf, key, v);
} }
......
src/lxc/start.c
...@@ -1239,7 +1239,7 @@ static int lxc_spawn(struct lxc_handler *handler) ...@@ -1239,7 +1239,7 @@ static int lxc_spawn(struct lxc_handler *handler)
/* That should be done before the clone because we will /* That should be done before the clone because we will
* fill the netdev index and use them in the child. * fill the netdev index and use them in the child.
*/ */
if (lxc_create_network(handler)) { if (lxc_setup_networks_in_parent_namespaces(handler)) {
ERROR("Failed to create the network."); ERROR("Failed to create the network.");
lxc_sync_fini(handler); lxc_sync_fini(handler);
return -1; return -1;
......
src/tests/get_item.c
...@@ -298,7 +298,7 @@ int main(int argc, char *argv[]) ...@@ -298,7 +298,7 @@ int main(int argc, char *argv[])
} }
printf("%d: get_config_item(lxc.network) returned %d %s\n", __LINE__, ret, v2); printf("%d: get_config_item(lxc.network) returned %d %s\n", __LINE__, ret, v2);
if (!c->set_config_item(c, "lxc.network.ipv4", "10.2.3.4")) { if (!c->set_config_item(c, "lxc.network.0.ipv4", "10.2.3.4")) {
fprintf(stderr, "%d: failed to set ipv4\n", __LINE__); fprintf(stderr, "%d: failed to set ipv4\n", __LINE__);
goto out; goto out;
} }
...@@ -318,7 +318,7 @@ int main(int argc, char *argv[]) ...@@ -318,7 +318,7 @@ int main(int argc, char *argv[])
goto out; goto out;
} }
if (!c->set_config_item(c, "lxc.network.ipv4.gateway", "10.2.3.254")) { if (!c->set_config_item(c, "lxc.network.0.ipv4.gateway", "10.2.3.254")) {
fprintf(stderr, "%d: failed to set ipv4.gateway\n", __LINE__); fprintf(stderr, "%d: failed to set ipv4.gateway\n", __LINE__);
goto out; goto out;
} }
......
src/tests/parse_config_file.c
...@@ -18,15 +18,14 @@ ...@@ -18,15 +18,14 @@
*/ */
#include <lxc/lxccontainer.h> #include <lxc/lxccontainer.h>
#include <unistd.h> #include <errno.h>
#include <signal.h> #include <signal.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/wait.h> #include <sys/wait.h>
#include <stdlib.h> #include <unistd.h>
#include <errno.h>
#include <string.h>
#include "confile_utils.h" #include "confile_utils.h"
#include "lxc/state.h" #include "lxc/state.h"
...@@ -83,19 +82,70 @@ static int set_get_compare_clear_save_load(struct lxc_container *c, ...@@ -83,19 +82,70 @@ static int set_get_compare_clear_save_load(struct lxc_container *c,
return -1; return -1;
} }
if (config_file) { c->clear_config(c);
if (!c->save_config(c, config_file)) { c->lxc_conf = NULL;
lxc_error("%s\n", "failed to save config file");
return 0;
}
static int set_and_clear_complete_netdev(struct lxc_container *c)
{
if (!c->set_config_item(c, "lxc.network.1.type", "veth")) {
lxc_error("%s\n", "lxc.network.1.type");
return -1; return -1;
} }
c->clear_config(c); if (!c->set_config_item(c, "lxc.network.1.ipv4", "10.0.2.3/24")) {
c->lxc_conf = NULL; lxc_error("%s\n", "lxc.network.1.ipv4");
return -1;
}
if (!c->load_config(c, config_file)) { if (!c->set_config_item(c, "lxc.network.1.ipv4_gateway", "10.0.2.2")) {
lxc_error("%s\n", "failed to load config file"); lxc_error("%s\n", "lxc.network.1.ipv4");
return -1;
}
if (!c->set_config_item(c, "lxc.network.1.ipv6",
"2003:db8:1:0:214:1234:fe0b:3596/64")) {
lxc_error("%s\n", "lxc.network.1.ipv6");
return -1;
}
if (!c->set_config_item(c, "lxc.network.1.ipv6_gateway",
"2003:db8:1:0::1")) {
lxc_error("%s\n", "lxc.network.1.ipv6");
return -1;
}
if (!c->set_config_item(c, "lxc.network.1.flags", "up")) {
lxc_error("%s\n", "lxc.network.1.flags");
return -1;
}
if (!c->set_config_item(c, "lxc.network.1.link", "br0")) {
lxc_error("%s\n", "lxc.network.1.link");
return -1;
}
if (!c->set_config_item(c, "lxc.network.1.veth.pair", "bla")) {
lxc_error("%s\n", "lxc.network.1.veth.pair");
return -1;
}
if (!c->set_config_item(c, "lxc.network.1.hwaddr",
"52:54:00:80:7a:5d")) {
lxc_error("%s\n", "lxc.network.1.hwaddr");
return -1;
}
if (!c->set_config_item(c, "lxc.network.1.mtu", "2000")) {
lxc_error("%s\n", "lxc.network.1.mtu");
return -1; return -1;
} }
if (!c->clear_config_item(c, "lxc.network.1")) {
lxc_error("%s", "failed to clear \"lxc.network.1\"\n");
return -1;
} }
c->clear_config(c); c->clear_config(c);
...@@ -155,6 +205,72 @@ int test_idmap_parser(void) ...@@ -155,6 +205,72 @@ int test_idmap_parser(void)
return 0; return 0;
} }
static int set_get_compare_clear_save_load_network(
struct lxc_container *c, const char *key, const char *value,
const char *config_file, bool compare, const char *network_type)
{
char retval[4096] = {0};
int ret;
if (!c->set_config_item(c, "lxc.network.0.type", network_type)) {
lxc_error("%s\n", "lxc.network.0.type");
return -1;
}
if (!c->set_config_item(c, key, value)) {
lxc_error("failed to set config item \"%s\" to \"%s\"\n", key,
value);
return -1;
}
ret = c->get_config_item(c, key, retval, sizeof(retval));
if (ret < 0) {
lxc_error("failed to get config item \"%s\"\n", key);
return -1;
}
if (compare) {
ret = strcmp(retval, value);
if (ret != 0) {
lxc_error(
"expected value \"%s\" and retrieved value \"%s\" "
"for config key \"%s\" do not match\n",
value, retval, key);
return -1;
}
}
if (config_file) {
if (!c->save_config(c, config_file)) {
lxc_error("%s\n", "failed to save config file");
return -1;
}
c->clear_config(c);
c->lxc_conf = NULL;
if (!c->load_config(c, config_file)) {
lxc_error("%s\n", "failed to load config file");
return -1;
}
}
if (!c->clear_config_item(c, key)) {
lxc_error("failed to clear config item \"%s\"\n", key);
return -1;
}
if (!c->clear_config_item(c, "lxc.network.0.type")) {
lxc_error("%s\n", "lxc.network.0.type");
return -1;
}
c->clear_config(c);
c->lxc_conf = NULL;
return 0;
}
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
struct lxc_container *c; struct lxc_container *c;
...@@ -163,7 +279,7 @@ int main(int argc, char *argv[]) ...@@ -163,7 +279,7 @@ int main(int argc, char *argv[])
char tmpf[] = "lxc-parse-config-file-XXXXXX"; char tmpf[] = "lxc-parse-config-file-XXXXXX";
char retval[4096] = {0}; char retval[4096] = {0};
c = lxc_container_new("lxc-parse-config-file-testxyz", NULL); c = lxc_container_new(tmpf, NULL);
if (!c) { if (!c) {
lxc_error("%s\n", "failed to create new container"); lxc_error("%s\n", "failed to create new container");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
...@@ -172,55 +288,63 @@ int main(int argc, char *argv[]) ...@@ -172,55 +288,63 @@ int main(int argc, char *argv[])
fd = mkstemp(tmpf); fd = mkstemp(tmpf);
if (fd < 0) { if (fd < 0) {
lxc_error("%s\n", "Could not create temporary file"); lxc_error("%s\n", "Could not create temporary file");
goto non_test_error; exit(ret);
} }
close(fd); close(fd);
/* lxc.arch */ /* lxc.arch */
if (set_get_compare_clear_save_load(c, "lxc.arch", "x86_64", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.arch", "x86_64", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.arch"); lxc_error("%s\n", "lxc.arch");
goto non_test_error; goto non_test_error;
} }
/* lxc.pts */ /* lxc.pts */
if (set_get_compare_clear_save_load(c, "lxc.pts", "1000", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.pts", "1000", tmpf, true) <
0) {
lxc_error("%s\n", "lxc.pts"); lxc_error("%s\n", "lxc.pts");
goto non_test_error; goto non_test_error;
} }
/* lxc.tty */ /* lxc.tty */
if (set_get_compare_clear_save_load(c, "lxc.tty", "4", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.tty", "4", tmpf, true) <
0) {
lxc_error("%s\n", "lxc.tty"); lxc_error("%s\n", "lxc.tty");
goto non_test_error; goto non_test_error;
} }
/* lxc.devttydir */ /* lxc.devttydir */
if (set_get_compare_clear_save_load(c, "lxc.devttydir", "not-dev", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.devttydir", "not-dev", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.devttydir"); lxc_error("%s\n", "lxc.devttydir");
goto non_test_error; goto non_test_error;
} }
/* lxc.kmsg */ /* lxc.kmsg */
if (set_get_compare_clear_save_load(c, "lxc.kmsg", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.kmsg", "1", tmpf, true) <
0) {
lxc_error("%s\n", "lxc.kmsg"); lxc_error("%s\n", "lxc.kmsg");
goto non_test_error; goto non_test_error;
} }
/* lxc.aa_profile */ /* lxc.aa_profile */
if (set_get_compare_clear_save_load(c, "lxc.aa_profile", "unconfined", tmpf, true) < if (set_get_compare_clear_save_load(c, "lxc.aa_profile", "unconfined",
0) { tmpf, true) < 0) {
lxc_error("%s\n", "lxc.aa_profile"); lxc_error("%s\n", "lxc.aa_profile");
goto non_test_error; goto non_test_error;
} }
/* lxc.aa_allow_incomplete */ /* lxc.aa_allow_incomplete */
if (set_get_compare_clear_save_load(c, "lxc.aa_allow_incomplete", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.aa_allow_incomplete", "1",
tmpf, true) < 0) {
lxc_error("%s\n", "lxc.aa_allow_incomplete"); lxc_error("%s\n", "lxc.aa_allow_incomplete");
goto non_test_error; goto non_test_error;
} }
/* lxc.cgroup.cpuset.cpus */ /* lxc.cgroup.cpuset.cpus */
if (set_get_compare_clear_save_load(c, "lxc.cgroup.cpuset.cpus", "1-100", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.cgroup.cpuset.cpus",
"1-100", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.cgroup.cpuset.cpus"); lxc_error("%s\n", "lxc.cgroup.cpuset.cpus");
goto non_test_error; goto non_test_error;
} }
...@@ -254,8 +378,8 @@ int main(int argc, char *argv[]) ...@@ -254,8 +378,8 @@ int main(int argc, char *argv[])
* chown the container's directory but we haven't created an on-disk * chown the container's directory but we haven't created an on-disk
* container. So let's test set-get-clear. * container. So let's test set-get-clear.
*/ */
if (set_get_compare_clear_save_load(c, "lxc.id_map", "u 0 100000 1000000000", if (set_get_compare_clear_save_load(
NULL, false) < 0) { c, "lxc.id_map", "u 0 100000 1000000000", NULL, false) < 0) {
lxc_error("%s\n", "lxc.id_map"); lxc_error("%s\n", "lxc.id_map");
goto non_test_error; goto non_test_error;
} }
...@@ -281,19 +405,22 @@ int main(int argc, char *argv[]) ...@@ -281,19 +405,22 @@ int main(int argc, char *argv[])
c->lxc_conf = NULL; c->lxc_conf = NULL;
/* lxc.loglevel */ /* lxc.loglevel */
if (set_get_compare_clear_save_load(c, "lxc.loglevel", "DEBUG", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.loglevel", "DEBUG", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.loglevel"); lxc_error("%s\n", "lxc.loglevel");
goto non_test_error; goto non_test_error;
} }
/* lxc.logfile */ /* lxc.logfile */
if (set_get_compare_clear_save_load(c, "lxc.logfile", "/some/path", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.logfile", "/some/path",
tmpf, true) < 0) {
lxc_error("%s\n", "lxc.logfile"); lxc_error("%s\n", "lxc.logfile");
goto non_test_error; goto non_test_error;
} }
/* lxc.mount */ /* lxc.mount */
if (set_get_compare_clear_save_load(c, "lxc.mount", "/some/path", NULL, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.mount", "/some/path", NULL,
true) < 0) {
lxc_error("%s\n", "lxc.mount"); lxc_error("%s\n", "lxc.mount");
goto non_test_error; goto non_test_error;
} }
...@@ -302,7 +429,9 @@ int main(int argc, char *argv[]) ...@@ -302,7 +429,9 @@ int main(int argc, char *argv[])
* Note that we cannot compare the values since the getter for * Note that we cannot compare the values since the getter for
* lxc.mount.auto does not preserve ordering. * lxc.mount.auto does not preserve ordering.
*/ */
if (set_get_compare_clear_save_load(c, "lxc.mount.auto", "proc:rw sys:rw cgroup-full:rw", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.mount.auto",
"proc:rw sys:rw cgroup-full:rw",
tmpf, false) < 0) {
lxc_error("%s\n", "lxc.mount.auto"); lxc_error("%s\n", "lxc.mount.auto");
goto non_test_error; goto non_test_error;
} }
...@@ -313,230 +442,269 @@ int main(int argc, char *argv[]) ...@@ -313,230 +442,269 @@ int main(int argc, char *argv[])
*/ */
if (set_get_compare_clear_save_load( if (set_get_compare_clear_save_load(
c, "lxc.mount.entry", c, "lxc.mount.entry",
"/dev/dri dev/dri none bind,optional,create=dir", tmpf, false) < 0) { "/dev/dri dev/dri none bind,optional,create=dir", tmpf,
false) < 0) {
lxc_error("%s\n", "lxc.mount.entry"); lxc_error("%s\n", "lxc.mount.entry");
goto non_test_error; goto non_test_error;
} }
/* lxc.rootfs */ /* lxc.rootfs */
if (set_get_compare_clear_save_load(c, "lxc.rootfs", "/some/path", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.rootfs", "/some/path", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.rootfs"); lxc_error("%s\n", "lxc.rootfs");
goto non_test_error; goto non_test_error;
} }
/* lxc.rootfs.mount */ /* lxc.rootfs.mount */
if (set_get_compare_clear_save_load(c, "lxc.rootfs.mount", "/some/path", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.rootfs.mount", "/some/path",
tmpf, true) < 0) {
lxc_error("%s\n", "lxc.rootfs.mount"); lxc_error("%s\n", "lxc.rootfs.mount");
goto non_test_error; goto non_test_error;
} }
/* lxc.rootfs.options */ /* lxc.rootfs.options */
if (set_get_compare_clear_save_load(c, "lxc.rootfs.options", "ext4,discard", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.rootfs.options",
"ext4,discard", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.rootfs.options"); lxc_error("%s\n", "lxc.rootfs.options");
goto non_test_error; goto non_test_error;
} }
/* lxc.rootfs.backend */ /* lxc.rootfs.backend */
if (set_get_compare_clear_save_load(c, "lxc.rootfs.backend", "btrfs", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.rootfs.backend", "btrfs",
tmpf, true) < 0) {
lxc_error("%s\n", "lxc.rootfs.backend"); lxc_error("%s\n", "lxc.rootfs.backend");
goto non_test_error; goto non_test_error;
} }
/* lxc.utsname */ /* lxc.utsname */
if (set_get_compare_clear_save_load(c, "lxc.utsname", "the-shire", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.utsname", "the-shire", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.utsname"); lxc_error("%s\n", "lxc.utsname");
goto non_test_error; goto non_test_error;
} }
/* lxc.hook.pre-start */ /* lxc.hook.pre-start */
if (set_get_compare_clear_save_load(c, "lxc.hook.pre-start", "/some/pre-start", tmpf, false) < 0) { if (set_get_compare_clear_save_load(
c, "lxc.hook.pre-start", "/some/pre-start", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.pre-start"); lxc_error("%s\n", "lxc.hook.pre-start");
goto non_test_error; goto non_test_error;
} }
/* lxc.hook.pre-mount */ /* lxc.hook.pre-mount */
if (set_get_compare_clear_save_load(c, "lxc.hook.pre-mount", "/some/pre-mount", tmpf, false) < 0) { if (set_get_compare_clear_save_load(
c, "lxc.hook.pre-mount", "/some/pre-mount", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.pre-mount"); lxc_error("%s\n", "lxc.hook.pre-mount");
goto non_test_error; goto non_test_error;
} }
/* lxc.hook.mount */ /* lxc.hook.mount */
if (set_get_compare_clear_save_load(c, "lxc.hook.mount", "/some/mount", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.hook.mount", "/some/mount",
tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.mount"); lxc_error("%s\n", "lxc.hook.mount");
goto non_test_error; goto non_test_error;
} }
/* lxc.hook.autodev */ /* lxc.hook.autodev */
if (set_get_compare_clear_save_load(c, "lxc.hook.autodev", "/some/autodev", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.hook.autodev",
"/some/autodev", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.autodev"); lxc_error("%s\n", "lxc.hook.autodev");
goto non_test_error; goto non_test_error;
} }
/* lxc.hook.start */ /* lxc.hook.start */
if (set_get_compare_clear_save_load(c, "lxc.hook.start", "/some/start", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.hook.start", "/some/start",
tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.start"); lxc_error("%s\n", "lxc.hook.start");
goto non_test_error; goto non_test_error;
} }
/* lxc.hook.stop */ /* lxc.hook.stop */
if (set_get_compare_clear_save_load(c, "lxc.hook.stop", "/some/stop", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.hook.stop", "/some/stop",
tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.stop"); lxc_error("%s\n", "lxc.hook.stop");
goto non_test_error; goto non_test_error;
} }
/* lxc.hook.post-stop */ /* lxc.hook.post-stop */
if (set_get_compare_clear_save_load(c, "lxc.hook.post-stop", "/some/post-stop", tmpf, false) < 0) { if (set_get_compare_clear_save_load(
c, "lxc.hook.post-stop", "/some/post-stop", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.post-stop"); lxc_error("%s\n", "lxc.hook.post-stop");
goto non_test_error; goto non_test_error;
} }
/* lxc.hook.clone */ /* lxc.hook.clone */
if (set_get_compare_clear_save_load(c, "lxc.hook.clone", "/some/clone", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.hook.clone", "/some/clone",
tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.clone"); lxc_error("%s\n", "lxc.hook.clone");
goto non_test_error; goto non_test_error;
} }
/* lxc.hook.destroy */ /* lxc.hook.destroy */
if (set_get_compare_clear_save_load(c, "lxc.hook.destroy", "/some/destroy", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.hook.destroy",
"/some/destroy", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.destroy"); lxc_error("%s\n", "lxc.hook.destroy");
goto non_test_error; goto non_test_error;
} }
/* lxc.cap.drop */ /* lxc.cap.drop */
if (set_get_compare_clear_save_load(c, "lxc.cap.drop", "sys_module mknod setuid net_raw", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.cap.drop",
"sys_module mknod setuid net_raw",
tmpf, false) < 0) {
lxc_error("%s\n", "lxc.cap.drop"); lxc_error("%s\n", "lxc.cap.drop");
goto non_test_error; goto non_test_error;
} }
/* lxc.cap.keep */ /* lxc.cap.keep */
if (set_get_compare_clear_save_load(c, "lxc.cap.keep", "sys_module mknod setuid net_raw", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.cap.keep",
"sys_module mknod setuid net_raw",
tmpf, false) < 0) {
lxc_error("%s\n", "lxc.cap.keep"); lxc_error("%s\n", "lxc.cap.keep");
goto non_test_error; goto non_test_error;
} }
/* lxc.console */ /* lxc.console */
if (set_get_compare_clear_save_load(c, "lxc.console", "none", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.console", "none", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.console"); lxc_error("%s\n", "lxc.console");
goto non_test_error; goto non_test_error;
} }
/* lxc.console.logfile */ /* lxc.console.logfile */
if (set_get_compare_clear_save_load(c, "lxc.console.logfile", "/some/logfile", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.console.logfile",
"/some/logfile", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.console.logfile"); lxc_error("%s\n", "lxc.console.logfile");
goto non_test_error; goto non_test_error;
} }
/* lxc.seccomp */ /* lxc.seccomp */
if (set_get_compare_clear_save_load(c, "lxc.seccomp", "/some/seccomp/file", tmpf, true) < 0) { if (set_get_compare_clear_save_load(
c, "lxc.seccomp", "/some/seccomp/file", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.seccomp"); lxc_error("%s\n", "lxc.seccomp");
goto non_test_error; goto non_test_error;
} }
/* lxc.autodev */ /* lxc.autodev */
if (set_get_compare_clear_save_load(c, "lxc.autodev", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.autodev", "1", tmpf, true) <
0) {
lxc_error("%s\n", "lxc.autodev"); lxc_error("%s\n", "lxc.autodev");
goto non_test_error; goto non_test_error;
} }
/* lxc.haltsignal */ /* lxc.haltsignal */
if (set_get_compare_clear_save_load(c, "lxc.haltsignal", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.haltsignal", "1", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.haltsignal"); lxc_error("%s\n", "lxc.haltsignal");
goto non_test_error; goto non_test_error;
} }
/* lxc.rebootsignal */ /* lxc.rebootsignal */
if (set_get_compare_clear_save_load(c, "lxc.rebootsignal", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.rebootsignal", "1", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.rebootsignal"); lxc_error("%s\n", "lxc.rebootsignal");
goto non_test_error; goto non_test_error;
} }
/* lxc.stopsignal */ /* lxc.stopsignal */
if (set_get_compare_clear_save_load(c, "lxc.stopsignal", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.stopsignal", "1", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.stopsignal"); lxc_error("%s\n", "lxc.stopsignal");
goto non_test_error; goto non_test_error;
} }
/* lxc.start.auto */ /* lxc.start.auto */
if (set_get_compare_clear_save_load(c, "lxc.start.auto", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.start.auto", "1", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.start.auto"); lxc_error("%s\n", "lxc.start.auto");
goto non_test_error; goto non_test_error;
} }
/* lxc.start.delay */ /* lxc.start.delay */
if (set_get_compare_clear_save_load(c, "lxc.start.delay", "5", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.start.delay", "5", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.start.delay"); lxc_error("%s\n", "lxc.start.delay");
goto non_test_error; goto non_test_error;
} }
/* lxc.start.order */ /* lxc.start.order */
if (set_get_compare_clear_save_load(c, "lxc.start.order", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.start.order", "1", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.start.order"); lxc_error("%s\n", "lxc.start.order");
goto non_test_error; goto non_test_error;
} }
/* lxc.syslog */ /* lxc.syslog */
if (set_get_compare_clear_save_load(c, "lxc.syslog", "local0", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.syslog", "local0", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.syslog"); lxc_error("%s\n", "lxc.syslog");
goto non_test_error; goto non_test_error;
} }
/* lxc.utsname */ /* lxc.utsname */
if (set_get_compare_clear_save_load(c, "lxc.utsname", "get-schwifty", tmpf, true) < if (set_get_compare_clear_save_load(c, "lxc.utsname", "get-schwifty",
0) { tmpf, true) < 0) {
lxc_error("%s\n", "lxc.utsname"); lxc_error("%s\n", "lxc.utsname");
goto non_test_error; goto non_test_error;
} }
/* lxc.monitor.unshare */ /* lxc.monitor.unshare */
if (set_get_compare_clear_save_load(c, "lxc.monitor.unshare", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.monitor.unshare", "1", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.monitor.unshare"); lxc_error("%s\n", "lxc.monitor.unshare");
goto non_test_error; goto non_test_error;
} }
/* lxc.group */ /* lxc.group */
if (set_get_compare_clear_save_load(c, "lxc.group", "some,container,groups", tmpf, false) < 0) { if (set_get_compare_clear_save_load(
c, "lxc.group", "some,container,groups", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.group"); lxc_error("%s\n", "lxc.group");
goto non_test_error; goto non_test_error;
} }
/* lxc.environment */ /* lxc.environment */
if (set_get_compare_clear_save_load(c, "lxc.environment", "FOO=BAR", tmpf, false) < 0) { if (set_get_compare_clear_save_load(c, "lxc.environment", "FOO=BAR",
tmpf, false) < 0) {
lxc_error("%s\n", "lxc.environment"); lxc_error("%s\n", "lxc.environment");
goto non_test_error; goto non_test_error;
} }
/* lxc.init_cmd */ /* lxc.init_cmd */
if (set_get_compare_clear_save_load(c, "lxc.init_cmd", "/bin/bash", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.init_cmd", "/bin/bash",
tmpf, true) < 0) {
lxc_error("%s\n", "lxc.init_cmd"); lxc_error("%s\n", "lxc.init_cmd");
goto non_test_error; goto non_test_error;
} }
/* lxc.init_uid */ /* lxc.init_uid */
if (set_get_compare_clear_save_load(c, "lxc.init_uid", "1000", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.init_uid", "1000", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.init_uid"); lxc_error("%s\n", "lxc.init_uid");
goto non_test_error; goto non_test_error;
} }
/* lxc.init_gid */ /* lxc.init_gid */
if (set_get_compare_clear_save_load(c, "lxc.init_gid", "1000", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.init_gid", "1000", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.init_gid"); lxc_error("%s\n", "lxc.init_gid");
goto non_test_error; goto non_test_error;
} }
/* lxc.ephemeral */ /* lxc.ephemeral */
if (set_get_compare_clear_save_load(c, "lxc.ephemeral", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.ephemeral", "1", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.ephemeral"); lxc_error("%s\n", "lxc.ephemeral");
goto non_test_error; goto non_test_error;
} }
/* lxc.no_new_privs */ /* lxc.no_new_privs */
if (set_get_compare_clear_save_load(c, "lxc.no_new_privs", "1", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.no_new_privs", "1", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.no_new_privs"); lxc_error("%s\n", "lxc.no_new_privs");
goto non_test_error; goto non_test_error;
} }
/* lxc.limit.nofile */ /* lxc.limit.nofile */
if (set_get_compare_clear_save_load(c, "lxc.limit.nofile", "65536", tmpf, true) < 0) { if (set_get_compare_clear_save_load(c, "lxc.limit.nofile", "65536",
tmpf, true) < 0) {
lxc_error("%s\n", "lxc.limit.nofile"); lxc_error("%s\n", "lxc.limit.nofile");
goto non_test_error; goto non_test_error;
} }
...@@ -546,8 +714,151 @@ int main(int argc, char *argv[]) ...@@ -546,8 +714,151 @@ int main(int argc, char *argv[])
goto non_test_error; goto non_test_error;
} }
if (set_get_compare_clear_save_load(c, "lxc.network.0.type", "veth",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.2.type", "none",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.2.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.3.type", "empty",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.3.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.4.type", "vlan",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.4.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.type", "macvlan",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.1000.type", "phys",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.1000.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.flags", "up",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.flags");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.name", "eth0",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.name");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.link", "bla",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.link");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(
c, "lxc.network.0.macvlan.mode", "private", tmpf, true,
"macvlan")) {
lxc_error("%s\n", "lxc.network.0.macvlan.mode");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(
c, "lxc.network.0.macvlan.mode", "vepa", tmpf, true,
"macvlan")) {
lxc_error("%s\n", "lxc.network.0.macvlan.mode");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(
c, "lxc.network.0.macvlan.mode", "bridge", tmpf, true,
"macvlan")) {
lxc_error("%s\n", "lxc.network.0.macvlan.mode");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(
c, "lxc.network.0.veth.pair", "clusterfuck", tmpf, true,
"veth")) {
lxc_error("%s\n", "lxc.network.0.veth.pair");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.script.up",
"/some/up/path", tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.script.up");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.script.down",
"/some/down/path", tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.script.down");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.hwaddr",
"52:54:00:80:7a:5d", tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.hwaddr");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.mtu", "2000",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.mtu");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.network.0.vlan.id",
"2", tmpf, true, "vlan")) {
lxc_error("%s\n", "lxc.network.0.vlan.id");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.ipv4.gateway",
"10.0.2.2", tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.ipv4.gateway");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.ipv6.gateway",
"2003:db8:1::1", tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.ipv6.gateway");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.network.0.ipv4",
"10.0.2.3/24", tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.ipv4");
goto non_test_error;
}
if (set_get_compare_clear_save_load(
c, "lxc.network.0.ipv6", "2003:db8:1:0:214:1234:fe0b:3596/64",
tmpf, true)) {
lxc_error("%s\n", "lxc.network.0.ipv6");
goto non_test_error;
}
if (set_and_clear_complete_netdev(c) < 0) {
lxc_error("%s\n", "failed to clear whole network");
goto non_test_error;
}
ret = EXIT_SUCCESS; ret = EXIT_SUCCESS;
non_test_error: non_test_error:
(void)unlink(tmpf);
c->destroy(c); c->destroy(c);
lxc_container_put(c); lxc_container_put(c);
exit(ret); exit(ret);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment