df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynlxc: linux Container library
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn(C) Copyright Canonical Ltd. 2013
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynSerge Hallyn <serge.hallyn@ubuntu.com>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynThis library is free software; you can redistribute it and/or
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynmodify it under the terms of the GNU Lesser General Public
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynLicense as published by the Free Software Foundation; either
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynversion 2.1 of the License, or (at your option) any later version.
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynThis library is distributed in the hope that it will be useful,
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynbut WITHOUT ANY WARRANTY; without even the implied warranty of
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynLesser General Public License for more details.
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynYou should have received a copy of the GNU Lesser General Public
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynLicense along with this library; if not, write to the Free Software
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynFoundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn<!ENTITY commonoptions SYSTEM "@builddir@/common_options.sgml">
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn<!ENTITY seealso SYSTEM "@builddir@/see_also.sgml">
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <docinfo><date>@LXC_GENERATE_DATE@</date></docinfo>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <refnamediv>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <refpurpose>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn Create and attach a nic to another network namespace.
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </refpurpose>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </refnamediv>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <refsynopsisdiv>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <cmdsynopsis>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <arg choice="req"><replaceable>pid</replaceable></arg>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <arg choice="req"><replaceable>type</replaceable></arg>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <arg choice="req"><replaceable>bridge</replaceable></arg>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <arg choice="opt"><replaceable>nicname</replaceable></arg>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </cmdsynopsis>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </refsynopsisdiv>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <command>lxc-user-nic</command> is a setuid-root program with which
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn unprivileged users may create network interfaces for use by a lxc container.
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn It will consult the configuration file <filename>@LXC_USERNIC_CONF@</filename>
e43157b4b2410a99096576dbdac831cf438133b7Dwight Engen to determine the number of interfaces which the calling user is allowed to
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn create, and which bridge he may attach them to. It tracks the
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn number of interfaces each user has created using the file
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <filename>@LXC_USERNIC_DB@</filename>. It ensures that the calling
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn user is privileged over the network namespace to which the interface
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn will be attached.
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <variablelist>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <varlistentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <option><replaceable>pid</replaceable></option>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn The process id for the task to whose network namespace the interface
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn should be attached.
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </varlistentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <varlistentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <option><replaceable>type</replaceable></option>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn The network interface type to attach. Currently only veth is
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn supported. With this type, two interfaces representing each
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn tunnel endpoint are created. One endpoint will be attached
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn to the specified bridge, while the other will be passed into
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn the container.
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </varlistentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <varlistentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <option><replaceable>bridge</replaceable></option>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn The bridge to which to attach the network interface, for
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </varlistentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <varlistentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <option><replaceable>nicname</replaceable></option>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn The desired interface name in the container. This will be
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </varlistentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </variablelist>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <citerefentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <refentrytitle><command>lxc</command></refentrytitle>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </citerefentry>,
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <citerefentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <refentrytitle><command>lxc-start</command></refentrytitle>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </citerefentry>,
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <citerefentry>
e43157b4b2410a99096576dbdac831cf438133b7Dwight Engen <refentrytitle><command>lxc-usernet</command></refentrytitle>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn </citerefentry>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn <para>Daniel Lezcano <email>daniel.lezcano@free.fr</email></para>
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallyn<!-- Keep this comment at the end of the file
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge HallynLocal variables:
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-omittag:t
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-shorttag:t
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-minimize-attributes:nil
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-always-quote-attributes:t
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-indent-step:2
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-indent-data:t
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-parent-document:nil
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-default-dtd-file:nil
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-exposed-tags:nil
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-local-catalogs:nil
df3415e02282317348bbd5f9ce66d03e1c81eeecSerge Hallynsgml-local-ecat-files:nil