[lxc-devel] [PATCH 8/9] utils: move useful helper functions from lxccontainer to utils.
Dongsheng Yang
yangds.fnst at cn.fujitsu.com
Tue Sep 16 10:47:40 UTC 2014
Function of enter_to_ns() is useful but currently is static for
lxccontainer.c.
This patch split it into two parts named as switch_to_newuser()
and switch_to_newnet() into utils.c.
Signed-off-by: Dongsheng Yang <yangds.fnst at cn.fujitsu.com>
---
src/lxc/lxccontainer.c | 53 ++++++------------------------------------------
src/lxc/utils.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++
src/lxc/utils.h | 2 ++
3 files changed, 63 insertions(+), 47 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 483082a..3c5da37 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -1479,56 +1479,15 @@ static bool lxcapi_clear_config_item(struct lxc_container *c, const char *key)
return ret == 0;
}
-static inline bool enter_to_ns(struct lxc_container *c) {
- int netns, userns, ret = 0, init_pid = 0;;
- char new_netns_path[MAXPATHLEN];
- char new_userns_path[MAXPATHLEN];
-
- if (!c->is_running(c))
- goto out;
-
- init_pid = c->init_pid(c);
+static inline bool enter_to_ns(struct lxc_container *c)
+{
+ pid_t pid = c->init_pid(c);
- /* Switch to new userns */
if ((geteuid() != 0 || (c->lxc_conf && !lxc_list_empty(&c->lxc_conf->id_map))) && access("/proc/self/ns/user", F_OK) == 0) {
- ret = snprintf(new_userns_path, MAXPATHLEN, "/proc/%d/ns/user", init_pid);
- if (ret < 0 || ret >= MAXPATHLEN)
- goto out;
-
- userns = open(new_userns_path, O_RDONLY);
- if (userns < 0) {
- SYSERROR("failed to open %s", new_userns_path);
- goto out;
- }
-
- if (setns(userns, CLONE_NEWUSER)) {
- SYSERROR("failed to setns for CLONE_NEWUSER");
- close(userns);
- goto out;
- }
- close(userns);
+ switch_to_newuser(pid);
}
-
- /* Switch to new netns */
- ret = snprintf(new_netns_path, MAXPATHLEN, "/proc/%d/ns/net", init_pid);
- if (ret < 0 || ret >= MAXPATHLEN)
- goto out;
-
- netns = open(new_netns_path, O_RDONLY);
- if (netns < 0) {
- SYSERROR("failed to open %s", new_netns_path);
- goto out;
- }
-
- if (setns(netns, CLONE_NEWNET)) {
- SYSERROR("failed to setns for CLONE_NEWNET");
- close(netns);
- goto out;
- }
- close(netns);
- return true;
-out:
- return false;
+
+ return switch_to_newnet(pid);
}
// used by qsort and bsearch functions for comparing names
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index ed34706..fc9c6b2 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -43,6 +43,7 @@
#include "utils.h"
#include "log.h"
#include "lxclock.h"
+#include "namespace.h"
lxc_log_define(lxc_utils, lxc);
@@ -1260,6 +1261,60 @@ int detect_shared_rootfs(void)
return 0;
}
+bool switch_to_newuser(pid_t pid)
+{
+ int userns, ret = 0;
+ char new_userns_path[MAXPATHLEN];
+
+ ret = snprintf(new_userns_path, MAXPATHLEN, "/proc/%d/ns/user", pid);
+ if (ret < 0 || ret >= MAXPATHLEN)
+ goto out;
+
+ userns = open(new_userns_path, O_RDONLY);
+ if (userns < 0) {
+ SYSERROR("failed to open %s", new_userns_path);
+ goto out;
+ }
+
+ if (setns(userns, CLONE_NEWUSER)) {
+ SYSERROR("failed to setns for CLONE_NEWUSER");
+ close(userns);
+ goto out;
+ }
+ close(userns);
+
+ return true;
+out:
+ return false;
+
+}
+
+bool switch_to_newnet(pid_t pid) {
+ int netns, ret = 0;
+ char new_netns_path[MAXPATHLEN];
+
+ /* Switch to new netns */
+ ret = snprintf(new_netns_path, MAXPATHLEN, "/proc/%d/ns/net", pid);
+ if (ret < 0 || ret >= MAXPATHLEN)
+ goto out;
+
+ netns = open(new_netns_path, O_RDONLY);
+ if (netns < 0) {
+ SYSERROR("failed to open %s", new_netns_path);
+ goto out;
+ }
+
+ if (setns(netns, CLONE_NEWNET)) {
+ SYSERROR("failed to setns for CLONE_NEWNET");
+ close(netns);
+ goto out;
+ }
+ close(netns);
+ return true;
+out:
+ return false;
+}
+
/*
* looking at fs/proc_namespace.c, it appears we can
* actually expect the rootfs entry to very specifically contain
diff --git a/src/lxc/utils.h b/src/lxc/utils.h
index cdfe56a..6a92dbf 100644
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -283,3 +283,5 @@ char *on_path(char *cmd, const char *rootfs);
bool file_exists(const char *f);
char *choose_init(const char *rootfs);
int print_to_file(const char *file, const char *content);
+bool switch_to_newuser(pid_t pid);
+bool switch_to_newnet(pid_t pid);
--
1.8.4.2
More information about the lxc-devel
mailing list