[lxc-devel] [PATCH 1/1] lxc-user-nic: use common code from network.c
Stéphane Graber
stgraber at ubuntu.com
Mon Nov 25 19:44:36 UTC 2013
On Fri, Nov 22, 2013 at 08:04:59PM -0600, Serge Hallyn wrote:
> This pulls a lot of common code out of lxc_user_nic.c. It also
> moves one function from conf.c that was duplicated in lxc_user_nic.c
> (It removes a DEBUG statement because (a) it doesn't seem actually
> useful and (b) DEBUG doesn't work in network.c).
>
> Also replace the old test of only parsing code with a skeleton for
> a full test. (Note - the test will need some work, it's just there
> as do-what-i-mean code example)
>
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Wow, this is much cleaner!
I'm assuming that those functions you moved over are identical (didn't
re-check the code within those) and I didn't do a test-run of the new
script but I'm also assuming you did.
Thanks for the cleanup!
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> ---
> src/lxc/Makefile.am | 2 +-
> src/lxc/conf.c | 41 -----
> src/lxc/lxc_user_nic.c | 403 +--------------------------------------------
> src/lxc/network.c | 45 ++++-
> src/lxc/network.h | 4 +
> src/tests/Makefile.am | 4 +-
> src/tests/lxc-test-usernic | 126 +++++++++++---
> 7 files changed, 156 insertions(+), 469 deletions(-)
>
> diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
> index bcb644e..6534381 100644
> --- a/src/lxc/Makefile.am
> +++ b/src/lxc/Makefile.am
> @@ -222,7 +222,7 @@ lxc_kill_SOURCES = lxc_kill.c
> lxc_create_SOURCES = lxc_create.c
> lxc_snapshot_SOURCES = lxc_snapshot.c
> lxc_usernsexec_SOURCES = lxc_usernsexec.c
> -lxc_user_nic_SOURCES = lxc_user_nic.c
> +lxc_user_nic_SOURCES = lxc_user_nic.c network.c network.h
>
> install-exec-local: install-soPROGRAMS
> mkdir -p $(DESTDIR)$(datadir)/lxc
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index 4b786b1..860fc5b 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -2583,47 +2583,6 @@ void lxc_rename_phys_nics_on_shutdown(struct lxc_conf *conf)
> free(conf->saved_nics);
> }
>
> -static int setup_private_host_hw_addr(char *veth1)
> -{
> - struct ifreq ifr;
> - int err;
> - int sockfd;
> -
> - process_lock();
> - sockfd = socket(AF_INET, SOCK_DGRAM, 0);
> - process_unlock();
> - if (sockfd < 0)
> - return -errno;
> -
> - snprintf((char *)ifr.ifr_name, IFNAMSIZ, "%s", veth1);
> - err = ioctl(sockfd, SIOCGIFHWADDR, &ifr);
> - if (err < 0) {
> - process_lock();
> - close(sockfd);
> - process_unlock();
> - return -errno;
> - }
> -
> - ifr.ifr_hwaddr.sa_data[0] = 0xfe;
> - err = ioctl(sockfd, SIOCSIFHWADDR, &ifr);
> - process_lock();
> - close(sockfd);
> - process_unlock();
> - if (err < 0)
> - return -errno;
> -
> - DEBUG("mac address of host interface '%s' changed to private "
> - "%02x:%02x:%02x:%02x:%02x:%02x", veth1,
> - ifr.ifr_hwaddr.sa_data[0] & 0xff,
> - ifr.ifr_hwaddr.sa_data[1] & 0xff,
> - ifr.ifr_hwaddr.sa_data[2] & 0xff,
> - ifr.ifr_hwaddr.sa_data[3] & 0xff,
> - ifr.ifr_hwaddr.sa_data[4] & 0xff,
> - ifr.ifr_hwaddr.sa_data[5] & 0xff);
> -
> - return 0;
> -}
> -
> static char *default_rootfs_mount = LXCROOTFSMOUNT;
>
> struct lxc_conf *lxc_conf_init(void)
> diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
> index 952fe14..af1e944 100644
> --- a/src/lxc/lxc_user_nic.c
> +++ b/src/lxc/lxc_user_nic.c
> @@ -45,51 +45,9 @@
> #include <linux/rtnetlink.h>
> #include <linux/sockios.h>
> #include <sys/param.h>
> -#include <sched.h>
> #include "config.h"
> #include "utils.h"
> -
> -#if ISTEST
> -#define CONF_FILE "/tmp/lxc-usernet"
> -#define DB_FILE "/tmp/nics"
> -#else
> -#define CONF_FILE LXC_USERNIC_CONF
> -#define DB_FILE LXC_USERNIC_DB
> -#endif
> -
> -#include "nl.h"
> -
> -#ifndef IFLA_LINKMODE
> -# define IFLA_LINKMODE 17
> -#endif
> -
> -#ifndef IFLA_LINKINFO
> -# define IFLA_LINKINFO 18
> -#endif
> -
> -#ifndef IFLA_NET_NS_PID
> -# define IFLA_NET_NS_PID 19
> -#endif
> -
> -#ifndef IFLA_INFO_KIND
> -# define IFLA_INFO_KIND 1
> -#endif
> -
> -#ifndef IFLA_VLAN_ID
> -# define IFLA_VLAN_ID 1
> -#endif
> -
> -#ifndef IFLA_INFO_DATA
> -# define IFLA_INFO_DATA 2
> -#endif
> -
> -#ifndef VETH_INFO_PEER
> -# define VETH_INFO_PEER 1
> -#endif
> -
> -#ifndef IFLA_MACVLAN_MODE
> -# define IFLA_MACVLAN_MODE 1
> -#endif
> +#include "network.h"
>
> void usage(char *me, bool fail)
> {
> @@ -146,14 +104,14 @@ static char *get_username(void)
> */
> static int get_alloted(char *me, char *intype, char *link)
> {
> - FILE *fin = fopen(CONF_FILE, "r");
> + FILE *fin = fopen(LXC_USERNIC_CONF, "r");
> char *line = NULL;
> char user[100], type[100], br[100];
> size_t len = 0;
> int n = -1, ret;
>
> if (!fin) {
> - fprintf(stderr, "Failed to open %s: %s\n", CONF_FILE,
> + fprintf(stderr, "Failed to open %s: %s\n", LXC_USERNIC_CONF,
> strerror(errno));
> return -1;
> }
> @@ -229,11 +187,7 @@ static bool nic_exists(char *nic)
> int ret;
> struct stat sb;
>
> -#if ISTEST
> - ret = snprintf(path, MAXPATHLEN, "/tmp/lxcnettest/%s", nic);
> -#else
> ret = snprintf(path, MAXPATHLEN, "/sys/class/net/%s", nic);
> -#endif
> if (ret < 0 || ret >= MAXPATHLEN) // should never happen!
> return true;
> ret = stat(path, &sb);
> @@ -242,198 +196,6 @@ static bool nic_exists(char *nic)
> return true;
> }
>
> -struct link_req {
> - struct nlmsg nlmsg;
> - struct ifinfomsg ifinfomsg;
> -};
> -
> -#if ! ISTEST
> -
> -static int lxc_veth_create(const char *name1, const char *name2)
> -{
> - struct nl_handler nlh;
> - struct nlmsg *nlmsg = NULL, *answer = NULL;
> - struct link_req *link_req;
> - struct rtattr *nest1, *nest2, *nest3;
> - int len, err;
> -
> - err = netlink_open(&nlh, NETLINK_ROUTE);
> - if (err)
> - return err;
> -
> - err = -EINVAL;
> - len = strlen(name1);
> - if (len == 1 || len >= IFNAMSIZ)
> - goto out;
> -
> - len = strlen(name2);
> - if (len == 1 || len >= IFNAMSIZ)
> - goto out;
> -
> - err = -ENOMEM;
> - nlmsg = nlmsg_alloc(NLMSG_GOOD_SIZE);
> - if (!nlmsg)
> - goto out;
> -
> - answer = nlmsg_alloc(NLMSG_GOOD_SIZE);
> - if (!answer)
> - goto out;
> -
> - link_req = (struct link_req *)nlmsg;
> - link_req->ifinfomsg.ifi_family = AF_UNSPEC;
> - nlmsg->nlmsghdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
> - nlmsg->nlmsghdr.nlmsg_flags =
> - NLM_F_REQUEST|NLM_F_CREATE|NLM_F_EXCL|NLM_F_ACK;
> - nlmsg->nlmsghdr.nlmsg_type = RTM_NEWLINK;
> -
> - err = -EINVAL;
> - nest1 = nla_begin_nested(nlmsg, IFLA_LINKINFO);
> - if (!nest1)
> - goto out;
> -
> - if (nla_put_string(nlmsg, IFLA_INFO_KIND, "veth"))
> - goto out;
> -
> - nest2 = nla_begin_nested(nlmsg, IFLA_INFO_DATA);
> - if (!nest2)
> - goto out;
> -
> - nest3 = nla_begin_nested(nlmsg, VETH_INFO_PEER);
> - if (!nest3)
> - goto out;
> -
> - nlmsg->nlmsghdr.nlmsg_len += sizeof(struct ifinfomsg);
> -
> - if (nla_put_string(nlmsg, IFLA_IFNAME, name2))
> - goto out;
> -
> - nla_end_nested(nlmsg, nest3);
> -
> - nla_end_nested(nlmsg, nest2);
> -
> - nla_end_nested(nlmsg, nest1);
> -
> - if (nla_put_string(nlmsg, IFLA_IFNAME, name1))
> - goto out;
> -
> - err = netlink_transaction(&nlh, nlmsg, answer);
> -out:
> - netlink_close(&nlh);
> - nlmsg_free(answer);
> - nlmsg_free(nlmsg);
> - return err;
> -}
> -
> -static int lxc_netdev_move(char *ifname, pid_t pid)
> -{
> - struct nl_handler nlh;
> - struct nlmsg *nlmsg = NULL;
> - struct link_req *link_req;
> - int err, index;
> -
> - index = if_nametoindex(ifname);
> - if (!ifname)
> - return -EINVAL;
> -
> - err = netlink_open(&nlh, NETLINK_ROUTE);
> - if (err)
> - return err;
> -
> - err = -ENOMEM;
> - nlmsg = nlmsg_alloc(NLMSG_GOOD_SIZE);
> - if (!nlmsg)
> - goto out;
> -
> - link_req = (struct link_req *)nlmsg;
> - link_req->ifinfomsg.ifi_family = AF_UNSPEC;
> - link_req->ifinfomsg.ifi_index = index;
> - nlmsg->nlmsghdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
> - nlmsg->nlmsghdr.nlmsg_flags = NLM_F_REQUEST|NLM_F_ACK;
> - nlmsg->nlmsghdr.nlmsg_type = RTM_NEWLINK;
> -
> - if (nla_put_u32(nlmsg, IFLA_NET_NS_PID, pid))
> - goto out;
> -
> - err = netlink_transaction(&nlh, nlmsg, nlmsg);
> -out:
> - netlink_close(&nlh);
> - nlmsg_free(nlmsg);
> - return err;
> -}
> -
> -static int setup_private_host_hw_addr(char *veth1)
> -{
> - struct ifreq ifr;
> - int err;
> - int sockfd;
> -
> - sockfd = socket(AF_INET, SOCK_DGRAM, 0);
> - if (sockfd < 0)
> - return -errno;
> -
> - snprintf((char *)ifr.ifr_name, IFNAMSIZ, "%s", veth1);
> - err = ioctl(sockfd, SIOCGIFHWADDR, &ifr);
> - if (err < 0) {
> - close(sockfd);
> - return -errno;
> - }
> -
> - ifr.ifr_hwaddr.sa_data[0] = 0xfe;
> - err = ioctl(sockfd, SIOCSIFHWADDR, &ifr);
> - close(sockfd);
> - if (err < 0)
> - return -errno;
> -
> - return 0;
> -}
> -
> -static int netdev_set_flag(const char *name, int flag)
> -{
> - struct nl_handler nlh;
> - struct nlmsg *nlmsg = NULL, *answer = NULL;
> - struct link_req *link_req;
> - int index, len, err;
> -
> - err = netlink_open(&nlh, NETLINK_ROUTE);
> - if (err)
> - return err;
> -
> - err = -EINVAL;
> - len = strlen(name);
> - if (len == 1 || len >= IFNAMSIZ)
> - goto out;
> -
> - err = -ENOMEM;
> - nlmsg = nlmsg_alloc(NLMSG_GOOD_SIZE);
> - if (!nlmsg)
> - goto out;
> -
> - answer = nlmsg_alloc(NLMSG_GOOD_SIZE);
> - if (!answer)
> - goto out;
> -
> - err = -EINVAL;
> - index = if_nametoindex(name);
> - if (!index)
> - goto out;
> -
> - link_req = (struct link_req *)nlmsg;
> - link_req->ifinfomsg.ifi_family = AF_UNSPEC;
> - link_req->ifinfomsg.ifi_index = index;
> - link_req->ifinfomsg.ifi_change |= IFF_UP;
> - link_req->ifinfomsg.ifi_flags |= flag;
> - nlmsg->nlmsghdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
> - nlmsg->nlmsghdr.nlmsg_flags = NLM_F_REQUEST|NLM_F_ACK;
> - nlmsg->nlmsghdr.nlmsg_type = RTM_NEWLINK;
> -
> - err = netlink_transaction(&nlh, nlmsg, answer);
> -out:
> - netlink_close(&nlh);
> - nlmsg_free(nlmsg);
> - nlmsg_free(answer);
> - return err;
> -}
> -
> static int instanciate_veth(char *n1, char **n2)
> {
> int err;
> @@ -463,99 +225,8 @@ static int instanciate_veth(char *n1, char **n2)
> return netdev_set_flag(n1, IFF_UP);
> }
>
> -static int lxc_bridge_attach(const char *bridge, const char *ifname)
> -{
> - int fd, index, err;
> - struct ifreq ifr;
> -
> - if (strlen(ifname) >= IFNAMSIZ)
> - return -EINVAL;
> -
> - index = if_nametoindex(ifname);
> - if (!index)
> - return -EINVAL;
> -
> - fd = socket(AF_INET, SOCK_STREAM, 0);
> - if (fd < 0)
> - return -errno;
> -
> - strncpy(ifr.ifr_name, bridge, IFNAMSIZ-1);
> - ifr.ifr_name[IFNAMSIZ-1] = '\0';
> - ifr.ifr_ifindex = index;
> - err = ioctl(fd, SIOCBRADDIF, &ifr);
> - close(fd);
> - if (err)
> - err = -errno;
> -
> - return err;
> -}
> -
> -static int lxc_netdev_delete_by_index(int ifindex)
> -{
> - struct nl_handler nlh;
> - struct nlmsg *nlmsg = NULL, *answer = NULL;
> - struct link_req *link_req;
> - int err;
> -
> - err = netlink_open(&nlh, NETLINK_ROUTE);
> - if (err)
> - return err;
> -
> - err = -ENOMEM;
> - nlmsg = nlmsg_alloc(NLMSG_GOOD_SIZE);
> - if (!nlmsg)
> - goto out;
> -
> - answer = nlmsg_alloc(NLMSG_GOOD_SIZE);
> - if (!answer)
> - goto out;
> -
> - link_req = (struct link_req *)nlmsg;
> - link_req->ifinfomsg.ifi_family = AF_UNSPEC;
> - link_req->ifinfomsg.ifi_index = ifindex;
> - nlmsg->nlmsghdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
> - nlmsg->nlmsghdr.nlmsg_flags = NLM_F_ACK|NLM_F_REQUEST;
> - nlmsg->nlmsghdr.nlmsg_type = RTM_DELLINK;
> -
> - err = netlink_transaction(&nlh, nlmsg, answer);
> -out:
> - netlink_close(&nlh);
> - nlmsg_free(answer);
> - nlmsg_free(nlmsg);
> - return err;
> -}
> -
> -static int lxc_netdev_delete_by_name(const char *name)
> -{
> - int index;
> -
> - index = if_nametoindex(name);
> - if (!index)
> - return -EINVAL;
> -
> - return lxc_netdev_delete_by_index(index);
> -}
> -#else
> -static int lxc_netdev_delete_by_name(const char *name)
> -{
> - char path[200];
> - sprintf(path, "/tmp/lxcnettest/%s", name);
> - return unlink(path);
> -}
> -
> -#endif
> -
> static bool create_nic(char *nic, char *br, int pid, char **cnic)
> {
> -#if ISTEST
> - char path[200];
> - sprintf(path, "/tmp/lxcnettest/%s", nic);
> - int fd = open(path, O_RDWR|O_CREAT, S_IWUSR | S_IRUSR);
> - if (fd < 0)
> - return false;
> - close(fd);
> - return true;
> -#else
> char *veth1buf, *veth2buf;
> veth1buf = alloca(IFNAMSIZ);
> veth2buf = alloca(IFNAMSIZ);
> @@ -580,7 +251,7 @@ static bool create_nic(char *nic, char *br, int pid, char **cnic)
> }
>
> /* pass veth2 to target netns */
> - ret = lxc_netdev_move(veth2buf, pid);
> + ret = lxc_netdev_move_by_name(veth2buf, pid);
> if (ret < 0) {
> fprintf(stderr, "Error moving %s to netns %d\n", veth2buf, pid);
> goto out_del;
> @@ -591,7 +262,6 @@ static bool create_nic(char *nic, char *br, int pid, char **cnic)
> out_del:
> lxc_netdev_delete_by_name(veth1buf);
> return false;
> -#endif
> }
>
> /*
> @@ -775,65 +445,6 @@ again:
> goto again;
> }
>
> -static int lxc_netdev_rename_by_index(int ifindex, const char *newname)
> -{
> - struct nl_handler nlh;
> - struct nlmsg *nlmsg = NULL, *answer = NULL;
> - struct link_req *link_req;
> - int len, err;
> -
> - err = netlink_open(&nlh, NETLINK_ROUTE);
> - if (err)
> - return err;
> -
> - len = strlen(newname);
> - if (len == 1 || len >= IFNAMSIZ)
> - goto out;
> -
> - err = -ENOMEM;
> - nlmsg = nlmsg_alloc(NLMSG_GOOD_SIZE);
> - if (!nlmsg)
> - goto out;
> -
> - answer = nlmsg_alloc(NLMSG_GOOD_SIZE);
> - if (!answer)
> - goto out;
> -
> - link_req = (struct link_req *)nlmsg;
> - link_req->ifinfomsg.ifi_family = AF_UNSPEC;
> - link_req->ifinfomsg.ifi_index = ifindex;
> - nlmsg->nlmsghdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
> - nlmsg->nlmsghdr.nlmsg_flags = NLM_F_ACK|NLM_F_REQUEST;
> - nlmsg->nlmsghdr.nlmsg_type = RTM_NEWLINK;
> -
> - if (nla_put_string(nlmsg, IFLA_IFNAME, newname))
> - goto out;
> -
> - err = netlink_transaction(&nlh, nlmsg, answer);
> -out:
> - netlink_close(&nlh);
> - nlmsg_free(answer);
> - nlmsg_free(nlmsg);
> - return err;
> -}
> -
> -static int lxc_netdev_rename_by_name(const char *oldname, const char *newname)
> -{
> - int len, index;
> -
> - len = strlen(oldname);
> - if (len == 1 || len >= IFNAMSIZ)
> - return -EINVAL;
> -
> - index = if_nametoindex(oldname);
> - if (!index) {
> - fprintf(stderr, "Error getting ifindex for %s\n", oldname);
> - return -EINVAL;
> - }
> -
> - return lxc_netdev_rename_by_index(index, newname);
> -}
> -
> static int rename_in_ns(int pid, char *oldname, char *newname)
> {
> char nspath[MAXPATHLEN];
> @@ -952,13 +563,13 @@ int main(int argc, char *argv[])
> exit(1);
> }
>
> - if (!create_db_dir(DB_FILE)) {
> + if (!create_db_dir(LXC_USERNIC_DB)) {
> fprintf(stderr, "Failed to create directory for db file\n");
> exit(1);
> }
>
> - if ((fd = open_and_lock(DB_FILE)) < 0) {
> - fprintf(stderr, "Failed to lock %s\n", DB_FILE);
> + if ((fd = open_and_lock(LXC_USERNIC_DB)) < 0) {
> + fprintf(stderr, "Failed to lock %s\n", LXC_USERNIC_DB);
> exit(1);
> }
>
> diff --git a/src/lxc/network.c b/src/lxc/network.c
> index c30287e..94ff1f0 100644
> --- a/src/lxc/network.c
> +++ b/src/lxc/network.c
> @@ -130,6 +130,17 @@ out:
> return err;
> }
>
> +int lxc_netdev_move_by_name(char *ifname, pid_t pid)
> +{
> + int index;
> +
> + index = if_nametoindex(ifname);
> + if (!ifname)
> + return -EINVAL;
> +
> + return lxc_netdev_move_by_index(index, pid);
> +}
> +
> int lxc_netdev_delete_by_index(int ifindex)
> {
> struct nl_handler nlh;
> @@ -233,7 +244,7 @@ int lxc_netdev_rename_by_name(const char *oldname, const char *newname)
> return lxc_netdev_rename_by_index(index, newname);
> }
>
> -static int netdev_set_flag(const char *name, int flag)
> +int netdev_set_flag(const char *name, int flag)
> {
> struct nl_handler nlh;
> struct nlmsg *nlmsg = NULL, *answer = NULL;
> @@ -1036,3 +1047,35 @@ const char *lxc_net_type_to_str(int type)
> return NULL;
> return lxc_network_types[type];
> }
> +
> +int setup_private_host_hw_addr(char *veth1)
> +{
> + struct ifreq ifr;
> + int err;
> + int sockfd;
> +
> + process_lock();
> + sockfd = socket(AF_INET, SOCK_DGRAM, 0);
> + process_unlock();
> + if (sockfd < 0)
> + return -errno;
> +
> + snprintf((char *)ifr.ifr_name, IFNAMSIZ, "%s", veth1);
> + err = ioctl(sockfd, SIOCGIFHWADDR, &ifr);
> + if (err < 0) {
> + process_lock();
> + close(sockfd);
> + process_unlock();
> + return -errno;
> + }
> +
> + ifr.ifr_hwaddr.sa_data[0] = 0xfe;
> + err = ioctl(sockfd, SIOCSIFHWADDR, &ifr);
> + process_lock();
> + close(sockfd);
> + process_unlock();
> + if (err < 0)
> + return -errno;
> +
> + return 0;
> +}
> diff --git a/src/lxc/network.h b/src/lxc/network.h
> index 0ca7a9a..58db9a1 100644
> --- a/src/lxc/network.h
> +++ b/src/lxc/network.h
> @@ -32,6 +32,7 @@ extern int lxc_convert_mac(char *macaddr, struct sockaddr *sockaddr);
> * Move a device between namespaces
> */
> extern int lxc_netdev_move_by_index(int ifindex, pid_t pid);
> +extern int lxc_netdev_move_by_name(char *ifname, pid_t pid);
>
> /*
> * Delete a network device
> @@ -45,6 +46,8 @@ extern int lxc_netdev_delete_by_index(int ifindex);
> extern int lxc_netdev_rename_by_name(const char *oldname, const char *newname);
> extern int lxc_netdev_rename_by_index(int ifindex, const char *newname);
>
> +extern int netdev_set_flag(const char *name, int flag);
> +
> /*
> * Set the device network up or down
> */
> @@ -123,4 +126,5 @@ extern int lxc_neigh_proxy_on(const char *name, int family);
> extern int lxc_neigh_proxy_off(const char *name, int family);
>
> extern const char *lxc_net_type_to_str(int type);
> +extern int setup_private_host_hw_addr(char *veth1);
> #endif
> diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
> index cae82bf..ab956be 100644
> --- a/src/tests/Makefile.am
> +++ b/src/tests/Makefile.am
> @@ -15,8 +15,6 @@ lxc_test_lxcpath_SOURCES = lxcpath.c
> lxc_test_cgpath_SOURCES = cgpath.c
> lxc_test_clonetest_SOURCES = clonetest.c
> lxc_test_console_SOURCES = console.c
> -lxc_usernic_test_SOURCES = ../lxc/lxc_user_nic.c ../lxc/nl.c
> -lxc_usernic_test_CFLAGS = -DISTEST
> lxc_test_snapshot_SOURCES = snapshot.c
> lxc_test_concurrent_SOURCES = concurrent.c
> lxc_test_may_control_SOURCES = may_control.c
> @@ -42,7 +40,7 @@ endif
> bin_PROGRAMS = lxc-test-containertests lxc-test-locktests lxc-test-startone \
> lxc-test-destroytest lxc-test-saveconfig lxc-test-createtest \
> lxc-test-shutdowntest lxc-test-get_item lxc-test-getkeys lxc-test-lxcpath \
> - lxc-test-cgpath lxc-test-clonetest lxc-test-console lxc-usernic-test \
> + lxc-test-cgpath lxc-test-clonetest lxc-test-console \
> lxc-test-snapshot lxc-test-concurrent lxc-test-may-control \
> lxc-test-reboot lxc-test-list lxc-test-attach
>
> diff --git a/src/tests/lxc-test-usernic b/src/tests/lxc-test-usernic
> index 9e6d834..168bac0 100755
> --- a/src/tests/lxc-test-usernic
> +++ b/src/tests/lxc-test-usernic
> @@ -21,47 +21,119 @@
> # License along with this library; if not, write to the Free Software
> # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
>
> -conffile="/tmp/lxc-usernet"
> -dbfile="/tmp/nics"
> -sysfsdir=/tmp/lxcnettest
> +cleanup() {
> + sed -i '/usernic-user/d' /var/run/lxc/nics /etc/lxc/lxc-usernet
> + ifconfig usernic-br0 down
> + ifconfig usernic-br1 down
> + sudo brctl delbr usernic-br0
> + sudo brctl delbr usernic-br1
> + sudo deluser usernic-user
> + su -l usernic-user -c "lxc-stop -P /tmp/usernic-test/lxcbase -n b1"
> + rm -rf /tmp/usernic-test
> + exit $1
> +}
>
> -rm -f $conffile $dbfile
> +# create a test user
> +deluser usernic-user || true
> +useradd usernic-user
> +sudo mkdir -p /home/usernic-user
> +sudo chown usernic-user /home/usernic-user
> +usermod -v 910000-919999 -w 910000-919999 usernic-user
> +mkdir -p /tmp/usernic-test/lxcbase
> +chown usernic-user /tmp/usernic-test/lxcbase
> +uid=$(id -u usernic-user)
> +cat > /home/usernic-user/.bashrc << EOF
> +export XDG_RUNTIME_DIR=/run/user/$uid
> +EOF
> +XDG_RUNTIME_DIR=/run/user/$uid
> +export XDG_RUNTIME_DIR=/run/user/$uid
> +mkdir -p /run/user/$uid
> +chown usernic-user /run/user/$uid
> +env
> +echo XXX[
> +su -l usernic-user -c "env"
> +sleep 20
> +
> +#
> +cat > /tmp/lxc-usernic.conf << EOF
> +lxc.network.type = empty
> +lxc.id_map = u 0 911000 10000
> +lxc.id_map = g 0 911000 10000
> +EOF
>
> -rm -rf $sysfsdir
> -mkdir -p $sysfsdir
> +# Create two test bridges
>
> -# there is no conffile, so we have no permissions
> -lxc-usernic-test 1111 veth lxcbr0 > /dev/null 2>&1
> +brctl addbr usernic-br0
> +brctl addbr usernic-br1
> +ifconfig usernic-br0 0.0.0.0 up
> +ifconfig usernic-br1 0.0.0.0 up
> +
> +# Create three containers
> +su -l usernic-user -c "lxc-create -P /tmp/usernic-test/lxcbase -t busybox -n b1 -f /tmp/lxc-usernic.conf"
> +su -l usernic-user -c "lxc-start -P /tmp/usernic-test/lxcbase -n b1 -d"
> +p1=`lxc-info -P /tmp/usernic-test/lxcbase -n b1 -p | awk -F: '{ print $2 }'`
> +
> +# Assign one veth, should fail as no allowed entries yet
> +su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx1"
> if [ $? -eq 0 ]; then
> - echo "Fail: empty conffile should not allow me a nic"
> - exit 1
> + echo "FAIL: able to create nic with no entries"
> + cleanup 1
> fi
>
> -cat > $conffile << EOF
> -$(id -un) veth lxcbr0 1
> -EOF
> +# Give him a quota of two
> +echo "lxc-usernet veth usernic-br0 2" >> /etc/lxc/lxc-usernet
> +
> +# Assign one veth to second bridge, should fail
> +su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br1 xx1"
> +if [ $? -eq 0 ]; then
> + echo "FAIL: able to create nic with no entries"
> + cleanup 1
> +fi
>
> -# Should be allowed one but not two
> -lxc-usernic-test 1111 veth lxcbr0 > /dev/null 2>&1
> +# Assign two veths, should succeed
> +su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx2"
> +if [ $? -ne 0 ]; then
> + echo "FAIL: unable to create first nic"
> + cleanup 1
> +fi
> +su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx3"
> if [ $? -ne 0 ]; then
> - echo "Failed to get one allowed nic"
> - exit 1
> + echo "FAIL: unable to create second nic"
> + cleanup 1
> fi
>
> -lxc-usernic-test 1111 veth lxcbr0 > /dev/null 2>&1
> +# Assign one more veth, should fail.
> +su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx4"
> if [ $? -eq 0 ]; then
> - echo "Fail: was able to get a second nic"
> - exit 1
> + echo "FAIL: able to create third nic"
> + cleanup 1
> fi
>
> -# now remove the 'existing nic' and make sure we're allowed to create
> -# a new one
> -lxc-usernic-test 1111 veth lxcbr0 > /dev/null 2>&1
> -rm -rf $sysfsdir
> -mkdir -p $sysfsdir
> +# Shut down and restart the container, should be able to assign more nics
> +su -l usernic-user -c "lxc-stop -P /tmp/usernic-test/lxcbase -n b1"
> +su -l usernic-user -c "lxc-start -P /tmp/usernic-test/lxcbase -n b1 -d"
> +p1=`lxc-info -P /tmp/usernic-test/lxcbase -n b1 -p | awk -F: '{ print $2 }'`
> +su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx5"
> if [ $? -ne 0 ]; then
> - echo "Fail: was unable to get a replacement nic"
> - exit 1
> + echo "FAIL: unable to create nic after destroying the old"
> + cleanup 1
> +fi
> +
> +su -l usernic-user -c "lxc-stop -P /tmp/usernic-test/lxcbase -n b1"
> +
> +# Create a root-owned ns
> +lxc-create -t busybox -n usernic-c1
> +lxc-start -n usernic-c1 -d
> +p2=`lxc-info -n usernic-c1 -p | awk -F: '{ print $2}'`
> +
> +# assign veth to it - should fail
> +su -l usernic-user -c "lxc-user-nic $p2 veth usernic-br0 xx6"
> +ret=$?
> +lxc-stop -n usernic-c1
> +lxc-destroy -n usernic-c1
> +if [ $ret -eq 0 ]; then
> + echo "FAIL: able to attach nic to root-owned container"
> + cleanup 1
> fi
>
> echo "All tests passed"
> --
> 1.8.3.2
>
>
> ------------------------------------------------------------------------------
> Shape the Mobile Experience: Free Subscription
> Software experts and developers: Be at the forefront of tech innovation.
> Intel(R) Software Adrenaline delivers strategic insight and game-changing
> conversations that shape the rapidly evolving mobile landscape. Sign up now.
> http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20131125/8f9af077/attachment.pgp>
More information about the lxc-devel
mailing list