[lxc-devel] [lxd/master] netnsid_getifaddrs: fix check for netnsid support
brauner on Github
lxc-bot at linuxcontainers.org
Wed Sep 19 07:43:06 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 590 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180919/48ca1a82/attachment.bin>
-------------- next part --------------
From 09a953359008706cd454e89db9b1c8c6f5052537 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 19 Sep 2018 09:40:59 +0200
Subject: [PATCH] netnsid_getifaddrs: fix check for netnsid support
The loopback device needs to be up for netnsid_getifaddrs() to actually
work. Let's avoid this churn and be smarter and assign a netnsid to the
host as seen from another network namespace.
Also, log an error on failure.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
lxd/main_checkfeature.go | 42 ++++++++++++++++++++++++++--------------
1 file changed, 28 insertions(+), 14 deletions(-)
diff --git a/lxd/main_checkfeature.go b/lxd/main_checkfeature.go
index 04773354db..86dd59c1ff 100644
--- a/lxd/main_checkfeature.go
+++ b/lxd/main_checkfeature.go
@@ -1,5 +1,9 @@
package main
+import (
+ "github.com/lxc/lxd/shared/logger"
+)
+
/*
#define _GNU_SOURCE
#include <errno.h>
@@ -18,6 +22,7 @@ package main
#include "../shared/netns_getifaddrs.c"
bool netnsid_aware = false;
+char errbuf[4096];
static int netns_set_nsid(int fd)
{
@@ -66,44 +71,44 @@ void checkfeature() {
hostnetns_fd = open("/proc/self/ns/net", O_RDONLY | O_CLOEXEC);
if (hostnetns_fd < 0) {
- fprintf(stderr, "Failed to preserve host network namespace\n");
+ (void)sprintf(errbuf, "%s", "Failed to preserve host network namespace\n");
goto on_error;
}
ret = unshare(CLONE_NEWNET);
if (ret < 0) {
- fprintf(stderr, "Failed to unshare network namespace\n");
+ (void)sprintf(errbuf, "%s", "Failed to unshare network namespace\n");
goto on_error;
}
newnetns_fd = open("/proc/self/ns/net", O_RDONLY | O_CLOEXEC);
if (newnetns_fd < 0) {
- fprintf(stderr, "Failed to preserve new network namespace\n");
- goto on_error;
- }
-
- ret = setns(hostnetns_fd, CLONE_NEWNET);
- if (ret < 0) {
- fprintf(stderr, "Failed to attach to host network namespace\n");
+ (void)sprintf(errbuf, "%s", "Failed to preserve new network namespace\n");
goto on_error;
}
- ret = netns_set_nsid(newnetns_fd);
+ ret = netns_set_nsid(hostnetns_fd);
if (ret < 0) {
- fprintf(stderr, "failed to set network namespace identifier\n");
+ (void)sprintf(errbuf, "%s", "failed to set network namespace identifier\n");
goto on_error;
}
- netnsid = netns_get_nsid(newnetns_fd);
+ netnsid = netns_get_nsid(hostnetns_fd);
if (netnsid < 0) {
- fprintf(stderr, "Failed to get network namespace identifier\n");
+ (void)sprintf(errbuf, "%s", "Failed to get network namespace identifier\n");
goto on_error;
}
ret = netns_getifaddrs(&ifaddrs, netnsid, &netnsid_aware);
netns_freeifaddrs(ifaddrs);
+ if (ret < 0) {
+ (void)sprintf(errbuf, "%s", "Netlink is not fully network namespace id aware\n");
+ goto on_error;
+ }
+
+ ret = setns(hostnetns_fd, CLONE_NEWNET);
if (ret < 0)
- fprintf(stderr, "Netlink is not fully network namespace id aware\n");
+ (void)sprintf(errbuf, "%s", "Failed to attach to host network namespace\n");
on_error:
if (hostnetns_fd >= 0)
@@ -112,9 +117,18 @@ on_error:
if (newnetns_fd >= 0)
close(newnetns_fd);
}
+
+static bool is_empty_string(char *s)
+{
+ return (errbuf[0] == '\0');
+}
*/
import "C"
func CanUseNetnsGetifaddrs() bool {
+ if bool(C.is_empty_string(&C.errbuf[0])) {
+ logger.Errorf("%s", C.GoString(&C.errbuf[0]))
+ }
+
return bool(C.netnsid_aware)
}
More information about the lxc-devel
mailing list