[lxc-devel] [lxc/master] add namespace api
2xsec on Github
lxc-bot at linuxcontainers.org
Fri Jul 6 16:25:41 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 451 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180706/36ef3977/attachment.bin>
-------------- next part --------------
From 42067d1852eb1e644d6110f46995fa180911f0d3 Mon Sep 17 00:00:00 2001
From: 2xsec <dh48.jeong at samsung.com>
Date: Sat, 7 Jul 2018 01:10:10 +0900
Subject: [PATCH 1/3] namespace: add api to convert namespaces to standard
identifiers
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
---
src/lxc/namespace.c | 34 ++++++++++++++++++++++++++++++++++
src/lxc/namespace.h | 1 +
2 files changed, 35 insertions(+)
diff --git a/src/lxc/namespace.c b/src/lxc/namespace.c
index 2459c9d2e..b6e3938b1 100644
--- a/src/lxc/namespace.c
+++ b/src/lxc/namespace.c
@@ -193,6 +193,40 @@ int lxc_namespace_2_ns_idx(const char *namespace)
return -EINVAL;
}
+extern int lxc_namespace_2_std_identifiers(char *namespaces)
+{
+ char **it;
+ char *del;
+
+ /* The identifiers for namespaces used with lxc-attach and lxc-unshare
+ * as given on the manpage do not align with the standard identifiers.
+ * This affects network, mount, and uts namespaces. The standard identifiers
+ * are: "mnt", "uts", and "net" whereas lxc-attach and lxc-unshare uses
+ * "MOUNT", "UTSNAME", and "NETWORK". So let's use some cheap memmove()s
+ * to replace them by their standard identifiers.
+ * Let's illustrate this with an example:
+ * Assume the string:
+ *
+ * "IPC|MOUNT|PID"
+ *
+ * then we memmove()
+ *
+ * dest: del + 1 == OUNT|PID
+ * src: del + 3 == NT|PID
+ */
+ if (!namespaces)
+ return -1;
+
+ while ((del = strstr(namespaces, "MOUNT")))
+ memmove(del + 1, del + 3, strlen(del) - 2);
+
+ for (it = (char *[]){"NETWORK", "UTSNAME", NULL}; it && *it; it++)
+ while ((del = strstr(namespaces, *it)))
+ memmove(del + 3, del + 7, strlen(del) - 6);
+
+ return 0;
+}
+
int lxc_fill_namespace_flags(char *flaglist, int *flags)
{
char *token, *saveptr = NULL;
diff --git a/src/lxc/namespace.h b/src/lxc/namespace.h
index 4bfe9c4f5..1341af0e6 100644
--- a/src/lxc/namespace.h
+++ b/src/lxc/namespace.h
@@ -181,6 +181,7 @@ extern pid_t lxc_raw_clone_cb(int (*fn)(void *), void *args,
extern int lxc_namespace_2_cloneflag(const char *namespace);
extern int lxc_namespace_2_ns_idx(const char *namespace);
+extern int lxc_namespace_2_std_identifiers(char *namespaces);
extern int lxc_fill_namespace_flags(char *flaglist, int *flags);
/**
From 2d33090fba4892ace20390811e0f5f6c91d90470 Mon Sep 17 00:00:00 2001
From: 2xsec <dh48.jeong at samsung.com>
Date: Sat, 7 Jul 2018 01:16:41 +0900
Subject: [PATCH 2/3] tools: lxc-attach: replace converting standard
identifiers of namespaces to api
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
---
src/lxc/tools/lxc_attach.c | 27 +++------------------------
1 file changed, 3 insertions(+), 24 deletions(-)
diff --git a/src/lxc/tools/lxc_attach.c b/src/lxc/tools/lxc_attach.c
index 6729a1e1e..d33d9c440 100644
--- a/src/lxc/tools/lxc_attach.c
+++ b/src/lxc/tools/lxc_attach.c
@@ -100,8 +100,6 @@ static int add_to_simple_array(char ***array, ssize_t *capacity, char *value)
static int my_parser(struct lxc_arguments *args, int c, char *arg)
{
- char **it;
- char *del;
int ret;
switch (c) {
@@ -121,32 +119,13 @@ static int my_parser(struct lxc_arguments *args, int c, char *arg)
case 's':
namespace_flags = 0;
- /* The identifiers for namespaces used with lxc-attach as given
- * on the manpage do not align with the standard identifiers.
- * This affects network, mount, and uts namespaces. The standard
- * identifiers are: "mnt", "uts", and "net" whereas lxc-attach
- * uses "MOUNT", "UTSNAME", and "NETWORK". So let's use some
- * cheap memmove()s to replace them by their standard
- * identifiers. Let's illustrate this with an example:
- * Assume the string:
- *
- * "IPC|MOUNT|PID"
- *
- * then we memmove()
- *
- * dest: del + 1 == OUNT|PID
- * src: del + 3 == NT|PID
- */
- while ((del = strstr(arg, "MOUNT")))
- memmove(del + 1, del + 3, strlen(del) - 2);
-
- for (it = (char *[]){"NETWORK", "UTSNAME", NULL}; it && *it; it++)
- while ((del = strstr(arg, *it)))
- memmove(del + 3, del + 7, strlen(del) - 6);
+ if (lxc_namespace_2_std_identifiers(arg) < 0)
+ return -1;
ret = lxc_fill_namespace_flags(arg, &namespace_flags);
if (ret)
return -1;
+
/* -s implies -e */
lxc_fill_elevated_privileges(NULL, &elevated_privileges);
break;
From d1673d632f83a7fa41b42c15e08bd863ecd8628b Mon Sep 17 00:00:00 2001
From: 2xsec <dh48.jeong at samsung.com>
Date: Sat, 7 Jul 2018 01:20:53 +0900
Subject: [PATCH 3/3] tools: lxc-unshare: replace converting standard
identifiers of namespaces to api
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
---
src/lxc/tools/lxc_unshare.c | 27 ++-------------------------
1 file changed, 2 insertions(+), 25 deletions(-)
diff --git a/src/lxc/tools/lxc_unshare.c b/src/lxc/tools/lxc_unshare.c
index b9745ef0e..669186ec1 100644
--- a/src/lxc/tools/lxc_unshare.c
+++ b/src/lxc/tools/lxc_unshare.c
@@ -244,8 +244,7 @@ static int write_id_mapping(pid_t pid, const char *buf, size_t buf_size)
int main(int argc, char *argv[])
{
- char *del;
- char **it, **args;
+ char **args;
int opt;
int ret;
char *namespaces = NULL;
@@ -308,31 +307,9 @@ int main(int argc, char *argv[])
if (ret)
exit(EXIT_FAILURE);
- /* The identifiers for namespaces used with lxc-unshare as given on the
- * manpage do not align with the standard identifiers. This affects
- * network, mount, and uts namespaces. The standard identifiers are:
- * "mnt", "uts", and "net" whereas lxc-unshare uses "MOUNT", "UTSNAME",
- * and "NETWORK". So let's use some cheap memmove()s to replace them by
- * their standard identifiers. Let's illustrate this with an example:
- * Assume the string:
- *
- * "IPC|MOUNT|PID"
- *
- * then we memmove()
- *
- * dest: del + 1 == OUNT|PID
- * src: del + 3 == NT|PID
- */
- if (!namespaces)
+ if (lxc_namespace_2_std_identifiers(namespaces) < 0)
usage(argv[0]);
- while ((del = strstr(namespaces, "MOUNT")))
- memmove(del + 1, del + 3, strlen(del) - 2);
-
- for (it = (char *[]){"NETWORK", "UTSNAME", NULL}; it && *it; it++)
- while ((del = strstr(namespaces, *it)))
- memmove(del + 3, del + 7, strlen(del) - 6);
-
ret = lxc_fill_namespace_flags(namespaces, &flags);
if (ret)
usage(argv[0]);
More information about the lxc-devel
mailing list