[lxc-devel] [PATCH] Move lxc-user-nic and lxc-monitord to libexec

Stéphane Graber stgraber at ubuntu.com
Tue Jan 21 04:12:26 UTC 2014 

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxc.spec.in                |  2 +-
 src/lxc/Makefile.am        | 35 +++++++++++++++++++----------------
 src/lxc/conf.c             | 13 +++++++++++--
 src/lxc/monitor.c          | 11 +++++++++--
 src/tests/lxc-test-usernic | 16 +++++++++-------
 5 files changed, 49 insertions(+), 28 deletions(-)

diff --git a/lxc.spec.in b/lxc.spec.in
index c8ff08e..5e68df2 100644
--- a/lxc.spec.in
+++ b/lxc.spec.in
@@ -124,7 +124,6 @@ rm -rf %{buildroot}
 %files
 %defattr(-,root,root)
 %{_bindir}/*
-%attr(4111,root,root) %{_bindir}/lxc-user-nic
 %{_mandir}/man1/lxc*
 %{_mandir}/man5/lxc*
 %{_mandir}/man7/lxc*
@@ -150,6 +149,7 @@ rm -rf %{buildroot}
 %endif
 %{_localstatedir}/*
 %attr(4555,root,root) %{_libexecdir}/%{name}/lxc-init
+%attr(4111,root,root) %{_libexecdir}/%{name}/lxc-user-nic
 %if %{with_systemd}
 %attr(555,root,root) %{_libexecdir}/%{name}/lxc-devsetup
 %endif
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 602447e..25cdf6d 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -113,6 +113,7 @@ AM_CFLAGS=-I$(top_srcdir)/src \
 	-DLXCPATH=\"$(LXCPATH)\" \
 	-DLXC_GLOBAL_CONF=\"$(LXC_GLOBAL_CONF)\" \
 	-DLXCINITDIR=\"$(LXCINITDIR)\" \
+	-DLIBEXECDIR=\"$(LIBEXECDIR)\" \
 	-DLXCTEMPLATEDIR=\"$(LXCTEMPLATEDIR)\" \
 	-DLOGPATH=\"$(LOGPATH)\" \
 	-DLXC_DEFAULT_CONFIG=\"$(LXC_DEFAULT_CONFIG)\" \
@@ -181,28 +182,28 @@ endif
 bin_PROGRAMS = \
 	lxc-attach \
 	lxc-autostart \
-	lxc-unshare \
-	lxc-stop \
-	lxc-start \
+	lxc-cgroup \
 	lxc-clone \
-	lxc-execute \
-	lxc-monitor \
-	lxc-monitord \
-	lxc-wait \
+	lxc-config \
 	lxc-console \
+	lxc-create \
+	lxc-destroy \
+	lxc-execute \
 	lxc-freeze \
 	lxc-info \
-	lxc-cgroup \
-	lxc-unfreeze \
-	lxc-config \
-	lxc-destroy \
-	lxc-create \
-	lxc-user-nic \
+	lxc-monitor \
 	lxc-snapshot \
-	lxc-usernsexec
+	lxc-start \
+	lxc-stop \
+	lxc-unfreeze \
+	lxc-unshare \
+	lxc-usernsexec \
+	lxc-wait
 
 pkglibexec_PROGRAMS = \
-	lxc-init
+	lxc-init \
+	lxc-monitord \
+	lxc-user-nic
 
 AM_LDFLAGS = -Wl,-E
 if ENABLE_RPATH
@@ -245,7 +246,9 @@ install-exec-local: install-soPROGRAMS
 	cd $(DESTDIR)$(libdir); \
 	ln -sf liblxc.so.$(VERSION) liblxc.so.$(firstword $(subst ., ,$(VERSION))); \
 	ln -sf liblxc.so.$(firstword $(subst ., ,$(VERSION))) liblxc.so
-	chmod u+s $(DESTDIR)$(bindir)/lxc-user-nic
+
+install-exec-hook:
+	chmod u+s $(DESTDIR)$(libexecdir)/lxc/lxc-user-nic
 
 uninstall-local:
 	$(RM) $(DESTDIR)$(libdir)/liblxc.so*
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 8ce783b..0eb9fc4 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2982,6 +2982,7 @@ void lxc_delete_network(struct lxc_handler *handler)
 static int unpriv_assign_nic(struct lxc_netdev *netdev, pid_t pid)
 {
 	pid_t child;
+	int ret;
 
 	if (netdev->type != LXC_NET_VETH) {
 		ERROR("nic type %d not support for unprivileged use",
@@ -2998,11 +2999,19 @@ static int unpriv_assign_nic(struct lxc_netdev *netdev, pid_t pid)
 		return wait_for_pid(child);
 
 	// Call lxc-user-nic pid type bridge
+	char lxc_usernic_path[PATH_MAX];
+
+	ret = snprintf(lxc_usernic_path, PATH_MAX, LIBEXECDIR "/lxc/lxc-user-nic");
+	if (ret < 0 || ret >= PATH_MAX) {
+		ERROR("pathname too long");
+		return -1;
+	}
+
 	char pidstr[20];
-	char *args[] = { "lxc-user-nic", pidstr, "veth", netdev->link, netdev->name, NULL };
+	char *args[] = {lxc_usernic_path, pidstr, "veth", netdev->link, netdev->name, NULL };
 	snprintf(pidstr, 19, "%lu", (unsigned long) pid);
 	pidstr[19] = '\0';
-	execvp("lxc-user-nic", args);
+	execvp(args[0], args);
 	SYSERROR("execvp lxc-user-nic");
 	exit(1);
 }
diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c
index 1fe1170..3473758 100644
--- a/src/lxc/monitor.c
+++ b/src/lxc/monitor.c
@@ -276,11 +276,18 @@ int lxc_monitor_read(int fd, struct lxc_msg *msg)
 int lxc_monitord_spawn(const char *lxcpath)
 {
 	pid_t pid1,pid2;
-	int pipefd[2];
+	int pipefd[2], ret;
 	char pipefd_str[11];
+	char monitord_path[PATH_MAX];
+
+	ret = snprintf(monitord_path, PATH_MAX, LIBEXECDIR "/lxc/lxc-monitord");
+	if (ret < 0 || ret >= PATH_MAX) {
+		ERROR("pathname too long");
+		return -1;
+	}
 
 	char * const args[] = {
-		"lxc-monitord",
+		monitord_path,
 		(char *)lxcpath,
 		pipefd_str,
 		NULL,
diff --git a/src/tests/lxc-test-usernic b/src/tests/lxc-test-usernic
index 801419a..e641cb9 100755
--- a/src/tests/lxc-test-usernic
+++ b/src/tests/lxc-test-usernic
@@ -68,13 +68,15 @@ brctl addbr usernic-br1
 ifconfig usernic-br0 0.0.0.0 up
 ifconfig usernic-br1 0.0.0.0 up
 
+LXC_USERNIC_PATH=$(ls -1 /usr/lib/*/lxc/lxc-user-nic | head -1)
+
 # Create three containers
 su -l usernic-user -c "lxc-create -P /tmp/usernic-test/lxcbase -t busybox -n b1 -f /tmp/lxc-usernic.conf"
 su -l usernic-user -c "lxc-start -P /tmp/usernic-test/lxcbase -n b1 -d"
 p1=`lxc-info -P /tmp/usernic-test/lxcbase -n b1 -p | awk -F: '{ print $2 }'`
 
 # Assign one veth, should fail as no allowed entries yet
-su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx1"
+su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx1"
 if [ $? -eq 0 ]; then
 	echo "FAIL: able to create nic with no entries"
 	cleanup 1
@@ -86,26 +88,26 @@ sed -i '/^lxc-usernet/d' /etc/lxc/lxc-usernet
 echo "lxc-usernet veth usernic-br0 2" >> /etc/lxc/lxc-usernet
 
 # Assign one veth to second bridge, should fail
-su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br1 xx1"
+su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br1 xx1"
 if [ $? -eq 0 ]; then
 	echo "FAIL: able to create nic with no entries"
 	cleanup 1
 fi
 
 # Assign two veths, should succeed
-su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx2"
+su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx2"
 if [ $? -ne 0 ]; then
 	echo "FAIL: unable to create first nic"
 	cleanup 1
 fi
-su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx3"
+su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx3"
 if [ $? -ne 0 ]; then
 	echo "FAIL: unable to create second nic"
 	cleanup 1
 fi
 
 # Assign one more veth, should fail.
-su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx4"
+su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx4"
 if [ $? -eq 0 ]; then
 	echo "FAIL: able to create third nic"
 	cleanup 1
@@ -115,7 +117,7 @@ fi
 su -l usernic-user -c "lxc-stop -P /tmp/usernic-test/lxcbase -n b1"
 su -l usernic-user -c "lxc-start -P /tmp/usernic-test/lxcbase -n b1 -d"
 p1=`lxc-info -P /tmp/usernic-test/lxcbase -n b1 -p | awk -F: '{ print $2 }'`
-su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx5"
+su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx5"
 if [ $? -ne 0 ]; then
 	echo "FAIL: unable to create nic after destroying the old"
 	cleanup 1
@@ -129,7 +131,7 @@ lxc-start -n usernic-c1 -d
 p2=`lxc-info -n usernic-c1 -p | awk -F: '{ print $2}'`
 
 # assign veth to it - should fail
-su -l usernic-user -c "lxc-user-nic $p2 veth usernic-br0 xx6"
+su -l usernic-user -c "$LXC_USERNIC_PATH $p2 veth usernic-br0 xx6"
 ret=$?
 lxc-stop -n usernic-c1
 lxc-destroy -n usernic-c1
-- 
1.8.5.3

More information about the lxc-devel mailing list