[lxc-devel] [PATCH] Move lxc-user-nic and lxc-monitord to libexec

Serge Hallyn serge.hallyn at ubuntu.com
Tue Jan 21 04:25:15 UTC 2014 

Quoting Stéphane Graber (stgraber at ubuntu.com):
> Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>

(the snprintf wasn't really needed but we can yank that out later)

Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>

> ---
>  lxc.spec.in                |  2 +-
>  src/lxc/Makefile.am        | 35 +++++++++++++++++++----------------
>  src/lxc/conf.c             | 13 +++++++++++--
>  src/lxc/monitor.c          | 11 +++++++++--
>  src/tests/lxc-test-usernic | 16 +++++++++-------
>  5 files changed, 49 insertions(+), 28 deletions(-)
> 
> diff --git a/lxc.spec.in b/lxc.spec.in
> index c8ff08e..5e68df2 100644
> --- a/lxc.spec.in
> +++ b/lxc.spec.in
> @@ -124,7 +124,6 @@ rm -rf %{buildroot}
>  %files
>  %defattr(-,root,root)
>  %{_bindir}/*
> -%attr(4111,root,root) %{_bindir}/lxc-user-nic
>  %{_mandir}/man1/lxc*
>  %{_mandir}/man5/lxc*
>  %{_mandir}/man7/lxc*
> @@ -150,6 +149,7 @@ rm -rf %{buildroot}
>  %endif
>  %{_localstatedir}/*
>  %attr(4555,root,root) %{_libexecdir}/%{name}/lxc-init
> +%attr(4111,root,root) %{_libexecdir}/%{name}/lxc-user-nic
>  %if %{with_systemd}
>  %attr(555,root,root) %{_libexecdir}/%{name}/lxc-devsetup
>  %endif
> diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
> index 602447e..25cdf6d 100644
> --- a/src/lxc/Makefile.am
> +++ b/src/lxc/Makefile.am
> @@ -113,6 +113,7 @@ AM_CFLAGS=-I$(top_srcdir)/src \
>  	-DLXCPATH=\"$(LXCPATH)\" \
>  	-DLXC_GLOBAL_CONF=\"$(LXC_GLOBAL_CONF)\" \
>  	-DLXCINITDIR=\"$(LXCINITDIR)\" \
> +	-DLIBEXECDIR=\"$(LIBEXECDIR)\" \
>  	-DLXCTEMPLATEDIR=\"$(LXCTEMPLATEDIR)\" \
>  	-DLOGPATH=\"$(LOGPATH)\" \
>  	-DLXC_DEFAULT_CONFIG=\"$(LXC_DEFAULT_CONFIG)\" \
> @@ -181,28 +182,28 @@ endif
>  bin_PROGRAMS = \
>  	lxc-attach \
>  	lxc-autostart \
> -	lxc-unshare \
> -	lxc-stop \
> -	lxc-start \
> +	lxc-cgroup \
>  	lxc-clone \
> -	lxc-execute \
> -	lxc-monitor \
> -	lxc-monitord \
> -	lxc-wait \
> +	lxc-config \
>  	lxc-console \
> +	lxc-create \
> +	lxc-destroy \
> +	lxc-execute \
>  	lxc-freeze \
>  	lxc-info \
> -	lxc-cgroup \
> -	lxc-unfreeze \
> -	lxc-config \
> -	lxc-destroy \
> -	lxc-create \
> -	lxc-user-nic \
> +	lxc-monitor \
>  	lxc-snapshot \
> -	lxc-usernsexec
> +	lxc-start \
> +	lxc-stop \
> +	lxc-unfreeze \
> +	lxc-unshare \
> +	lxc-usernsexec \
> +	lxc-wait
>  
>  pkglibexec_PROGRAMS = \
> -	lxc-init
> +	lxc-init \
> +	lxc-monitord \
> +	lxc-user-nic
>  
>  AM_LDFLAGS = -Wl,-E
>  if ENABLE_RPATH
> @@ -245,7 +246,9 @@ install-exec-local: install-soPROGRAMS
>  	cd $(DESTDIR)$(libdir); \
>  	ln -sf liblxc.so.$(VERSION) liblxc.so.$(firstword $(subst ., ,$(VERSION))); \
>  	ln -sf liblxc.so.$(firstword $(subst ., ,$(VERSION))) liblxc.so
> -	chmod u+s $(DESTDIR)$(bindir)/lxc-user-nic
> +
> +install-exec-hook:
> +	chmod u+s $(DESTDIR)$(libexecdir)/lxc/lxc-user-nic
>  
>  uninstall-local:
>  	$(RM) $(DESTDIR)$(libdir)/liblxc.so*
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index 8ce783b..0eb9fc4 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -2982,6 +2982,7 @@ void lxc_delete_network(struct lxc_handler *handler)
>  static int unpriv_assign_nic(struct lxc_netdev *netdev, pid_t pid)
>  {
>  	pid_t child;
> +	int ret;
>  
>  	if (netdev->type != LXC_NET_VETH) {
>  		ERROR("nic type %d not support for unprivileged use",
> @@ -2998,11 +2999,19 @@ static int unpriv_assign_nic(struct lxc_netdev *netdev, pid_t pid)
>  		return wait_for_pid(child);
>  
>  	// Call lxc-user-nic pid type bridge
> +	char lxc_usernic_path[PATH_MAX];
> +
> +	ret = snprintf(lxc_usernic_path, PATH_MAX, LIBEXECDIR "/lxc/lxc-user-nic");
> +	if (ret < 0 || ret >= PATH_MAX) {
> +		ERROR("pathname too long");
> +		return -1;
> +	}
> +
>  	char pidstr[20];
> -	char *args[] = { "lxc-user-nic", pidstr, "veth", netdev->link, netdev->name, NULL };
> +	char *args[] = {lxc_usernic_path, pidstr, "veth", netdev->link, netdev->name, NULL };
>  	snprintf(pidstr, 19, "%lu", (unsigned long) pid);
>  	pidstr[19] = '\0';
> -	execvp("lxc-user-nic", args);
> +	execvp(args[0], args);
>  	SYSERROR("execvp lxc-user-nic");
>  	exit(1);
>  }
> diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c
> index 1fe1170..3473758 100644
> --- a/src/lxc/monitor.c
> +++ b/src/lxc/monitor.c
> @@ -276,11 +276,18 @@ int lxc_monitor_read(int fd, struct lxc_msg *msg)
>  int lxc_monitord_spawn(const char *lxcpath)
>  {
>  	pid_t pid1,pid2;
> -	int pipefd[2];
> +	int pipefd[2], ret;
>  	char pipefd_str[11];
> +	char monitord_path[PATH_MAX];
> +
> +	ret = snprintf(monitord_path, PATH_MAX, LIBEXECDIR "/lxc/lxc-monitord");
> +	if (ret < 0 || ret >= PATH_MAX) {
> +		ERROR("pathname too long");
> +		return -1;
> +	}
>  
>  	char * const args[] = {
> -		"lxc-monitord",
> +		monitord_path,
>  		(char *)lxcpath,
>  		pipefd_str,
>  		NULL,
> diff --git a/src/tests/lxc-test-usernic b/src/tests/lxc-test-usernic
> index 801419a..e641cb9 100755
> --- a/src/tests/lxc-test-usernic
> +++ b/src/tests/lxc-test-usernic
> @@ -68,13 +68,15 @@ brctl addbr usernic-br1
>  ifconfig usernic-br0 0.0.0.0 up
>  ifconfig usernic-br1 0.0.0.0 up
>  
> +LXC_USERNIC_PATH=$(ls -1 /usr/lib/*/lxc/lxc-user-nic | head -1)
> +
>  # Create three containers
>  su -l usernic-user -c "lxc-create -P /tmp/usernic-test/lxcbase -t busybox -n b1 -f /tmp/lxc-usernic.conf"
>  su -l usernic-user -c "lxc-start -P /tmp/usernic-test/lxcbase -n b1 -d"
>  p1=`lxc-info -P /tmp/usernic-test/lxcbase -n b1 -p | awk -F: '{ print $2 }'`
>  
>  # Assign one veth, should fail as no allowed entries yet
> -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx1"
> +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx1"
>  if [ $? -eq 0 ]; then
>  	echo "FAIL: able to create nic with no entries"
>  	cleanup 1
> @@ -86,26 +88,26 @@ sed -i '/^lxc-usernet/d' /etc/lxc/lxc-usernet
>  echo "lxc-usernet veth usernic-br0 2" >> /etc/lxc/lxc-usernet
>  
>  # Assign one veth to second bridge, should fail
> -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br1 xx1"
> +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br1 xx1"
>  if [ $? -eq 0 ]; then
>  	echo "FAIL: able to create nic with no entries"
>  	cleanup 1
>  fi
>  
>  # Assign two veths, should succeed
> -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx2"
> +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx2"
>  if [ $? -ne 0 ]; then
>  	echo "FAIL: unable to create first nic"
>  	cleanup 1
>  fi
> -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx3"
> +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx3"
>  if [ $? -ne 0 ]; then
>  	echo "FAIL: unable to create second nic"
>  	cleanup 1
>  fi
>  
>  # Assign one more veth, should fail.
> -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx4"
> +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx4"
>  if [ $? -eq 0 ]; then
>  	echo "FAIL: able to create third nic"
>  	cleanup 1
> @@ -115,7 +117,7 @@ fi
>  su -l usernic-user -c "lxc-stop -P /tmp/usernic-test/lxcbase -n b1"
>  su -l usernic-user -c "lxc-start -P /tmp/usernic-test/lxcbase -n b1 -d"
>  p1=`lxc-info -P /tmp/usernic-test/lxcbase -n b1 -p | awk -F: '{ print $2 }'`
> -su -l usernic-user -c "lxc-user-nic $p1 veth usernic-br0 xx5"
> +su -l usernic-user -c "$LXC_USERNIC_PATH $p1 veth usernic-br0 xx5"
>  if [ $? -ne 0 ]; then
>  	echo "FAIL: unable to create nic after destroying the old"
>  	cleanup 1
> @@ -129,7 +131,7 @@ lxc-start -n usernic-c1 -d
>  p2=`lxc-info -n usernic-c1 -p | awk -F: '{ print $2}'`
>  
>  # assign veth to it - should fail
> -su -l usernic-user -c "lxc-user-nic $p2 veth usernic-br0 xx6"
> +su -l usernic-user -c "$LXC_USERNIC_PATH $p2 veth usernic-br0 xx6"
>  ret=$?
>  lxc-stop -n usernic-c1
>  lxc-destroy -n usernic-c1
> -- 
> 1.8.5.3
> 
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel

More information about the lxc-devel mailing list