lxccontainer.c revision ae5c8b8ed5feb9a47c5007c986ce01ea39b5075f
132N/A/* liblxcapi
132N/A *
132N/A * Copyright © 2012 Serge Hallyn <serge.hallyn@ubuntu.com>.
132N/A * Copyright © 2012 Canonical Ltd.
132N/A *
132N/A * This program is free software; you can redistribute it and/or modify
132N/A * it under the terms of the GNU General Public License version 2, as
132N/A * published by the Free Software Foundation.
132N/A *
132N/A * This program is distributed in the hope that it will be useful,
132N/A * but WITHOUT ANY WARRANTY; without even the implied warranty of
132N/A * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
132N/A * GNU General Public License for more details.
132N/A *
132N/A * You should have received a copy of the GNU General Public License along
132N/A * with this program; if not, write to the Free Software Foundation, Inc.,
132N/A * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
132N/A */
132N/A
132N/A#include "lxc.h"
1149N/A#include "state.h"
132N/A#include "lxccontainer.h"
132N/A#include "conf.h"
215N/A#include "config.h"
132N/A#include "confile.h"
1215N/A#include "cgroup.h"
1215N/A#include "commands.h"
1318N/A#include "log.h"
1176N/A#include <unistd.h>
132N/A#include <sys/types.h>
132N/A#include <sys/wait.h>
132N/A#include <errno.h>
132N/A#include <lxc/utils.h>
132N/A
132N/Alxc_log_define(lxc_container, lxc);
132N/A
132N/A/* LOCKING
132N/A * c->privlock protects the struct lxc_container from multiple threads.
132N/A * c->slock protects the on-disk container data
132N/A * NOTHING mutexes two independent programs with their own struct
132N/A * lxc_container for the same c->name, between API calls. For instance,
132N/A * c->config_read(); c->start(); Between those calls, data on disk
132N/A * could change (which shouldn't bother the caller unless for instance
132N/A * the rootfs get moved). c->config_read(); update; c->config_write();
132N/A * Two such updaters could race. The callers should therefore check their
132N/A * results. Trying to prevent that would necessarily expose us to deadlocks
132N/A * due to hung callers. So I prefer to keep the locks only within our own
132N/A * functions, not across functions.
132N/A *
132N/A * If you're going to fork while holding a lxccontainer, increment
132N/A * c->numthreads (under privlock) before forking. When deleting,
132N/A * decrement numthreads under privlock, then if it hits 0 you can delete.
132N/A * Do not ever use a lxccontainer whose numthreads you did not bump.
132N/A */
132N/A
132N/Astatic void lxc_container_free(struct lxc_container *c)
132N/A{
132N/A if (!c)
132N/A return;
132N/A
132N/A if (c->configfile) {
132N/A free(c->configfile);
132N/A c->configfile = NULL;
132N/A }
132N/A if (c->error_string) {
132N/A free(c->error_string);
132N/A c->error_string = NULL;
132N/A }
132N/A if (c->slock) {
132N/A sem_close(c->slock);
132N/A c->slock = NULL;
132N/A }
132N/A if (c->privlock) {
132N/A sem_destroy(c->privlock);
132N/A free(c->privlock);
132N/A c->privlock = NULL;
132N/A }
132N/A if (c->name) {
132N/A free(c->name);
132N/A c->name = NULL;
132N/A }
132N/A if (c->lxc_conf) {
132N/A lxc_conf_free(c->lxc_conf);
132N/A c->lxc_conf = NULL;
132N/A }
132N/A if (c->config_path) {
132N/A free(c->config_path);
132N/A c->config_path = NULL;
132N/A }
132N/A free(c);
132N/A}
132N/A
219N/Aint lxc_container_get(struct lxc_container *c)
1318N/A{
220N/A if (!c)
1176N/A return 0;
1176N/A
341N/A if (lxclock(c->privlock, 0))
341N/A return 0;
379N/A if (c->numthreads < 1) {
411N/A // bail without trying to unlock, bc the privlock is now probably
487N/A // in freed memory
706N/A return 0;
706N/A }
706N/A c->numthreads++;
741N/A lxcunlock(c->privlock);
741N/A return 1;
706N/A}
706N/A
736N/Aint lxc_container_put(struct lxc_container *c)
487N/A{
704N/A if (!c)
487N/A return -1;
704N/A if (lxclock(c->privlock, 0))
1215N/A return -1;
1215N/A if (--c->numthreads < 1) {
487N/A lxcunlock(c->privlock);
487N/A lxc_container_free(c);
320N/A return 1;
336N/A }
336N/A lxcunlock(c->privlock);
336N/A return 0;
1215N/A}
1215N/A
1369N/Astatic bool file_exists(char *f)
336N/A{
336N/A struct stat statbuf;
336N/A
341N/A return stat(f, &statbuf) == 0;
487N/A}
336N/A
336N/Astatic bool lxcapi_is_defined(struct lxc_container *c)
336N/A{
379N/A struct stat statbuf;
379N/A bool ret = false;
487N/A int statret;
379N/A
379N/A if (!c)
411N/A return false;
411N/A
487N/A if (lxclock(c->privlock, 0))
411N/A return false;
411N/A if (!c->configfile)
411N/A goto out;
320N/A statret = stat(c->configfile, &statbuf);
336N/A if (statret != 0)
320N/A goto out;
336N/A ret = true;
1031N/A
1031N/Aout:
132N/A lxcunlock(c->privlock);
949N/A return ret;
1215N/A}
949N/A
949N/Astatic const char *lxcapi_state(struct lxc_container *c)
949N/A{
949N/A const char *ret;
949N/A lxc_state_t s;
949N/A
949N/A if (!c)
949N/A return NULL;
1272N/A if (lxclock(c->slock, 0))
1272N/A return NULL;
1028N/A s = lxc_getstate(c->name, c->config_path);
1028N/A ret = lxc_state2str(s);
1072N/A lxcunlock(c->slock);
1072N/A
1215N/A return ret;
1215N/A}
949N/A
949N/Astatic bool is_stopped_nolock(struct lxc_container *c)
949N/A{
949N/A lxc_state_t s;
949N/A s = lxc_getstate(c->name, c->config_path);
949N/A return (s == STOPPED);
949N/A}
1375N/A
949N/Astatic bool lxcapi_is_running(struct lxc_container *c)
1375N/A{
949N/A const char *s;
949N/A
949N/A if (!c)
949N/A return false;
1256N/A s = lxcapi_state(c);
1256N/A if (!s || strcmp(s, "STOPPED") == 0)
1275N/A return false;
1275N/A return true;
949N/A}
949N/A
132N/Astatic bool lxcapi_freeze(struct lxc_container *c)
132N/A{
230N/A int ret;
989N/A if (!c)
989N/A return false;
989N/A
989N/A if (lxclock(c->slock, 0))
989N/A return false;
989N/A ret = lxc_freeze(c->name, c->config_path);
230N/A lxcunlock(c->slock);
230N/A if (ret)
230N/A return false;
935N/A return true;
935N/A}
230N/A
230N/Astatic bool lxcapi_unfreeze(struct lxc_container *c)
230N/A{
989N/A int ret;
989N/A if (!c)
989N/A return false;
989N/A
1215N/A if (lxclock(c->slock, 0))
989N/A return false;
989N/A ret = lxc_unfreeze(c->name, c->config_path);
989N/A lxcunlock(c->slock);
989N/A if (ret)
989N/A return false;
989N/A return true;
989N/A}
989N/A
989N/Astatic pid_t lxcapi_init_pid(struct lxc_container *c)
1215N/A{
1215N/A pid_t ret;
1215N/A if (!c)
989N/A return -1;
989N/A
1215N/A if (lxclock(c->slock, 0))
989N/A return -1;
989N/A ret = get_init_pid(c->name, c->config_path);
989N/A lxcunlock(c->slock);
989N/A return ret;
230N/A}
230N/A
230N/Astatic bool load_config_locked(struct lxc_container *c, const char *fname)
230N/A{
230N/A if (!c->lxc_conf)
230N/A c->lxc_conf = lxc_conf_init();
230N/A if (c->lxc_conf && !lxc_config_read(fname, c->lxc_conf))
230N/A return true;
301N/A return false;
1318N/A}
1323N/A
1323N/Astatic bool lxcapi_load_config(struct lxc_container *c, const char *alt_file)
132N/A{
949N/A bool ret = false;
213N/A const char *fname;
301N/A if (!c)
741N/A return false;
132N/A
1318N/A fname = c->configfile;
1318N/A if (alt_file)
1318N/A fname = alt_file;
1318N/A if (!fname)
1318N/A return false;
132N/A if (lxclock(c->slock, 0))
211N/A return false;
213N/A ret = load_config_locked(c, fname);
213N/A lxcunlock(c->slock);
213N/A return ret;
213N/A}
213N/A
1215N/Astatic void lxcapi_want_daemonize(struct lxc_container *c)
213N/A{
213N/A if (!c)
487N/A return;
213N/A c->daemonize = 1;
213N/A}
213N/A
213N/Astatic bool lxcapi_wait(struct lxc_container *c, const char *state, int timeout)
213N/A{
213N/A int ret;
1215N/A
1215N/A if (!c)
1215N/A return false;
1215N/A
1215N/A ret = lxc_wait(c->name, state, timeout, c->config_path);
1215N/A return ret == 0;
1215N/A}
1323N/A
1323N/A
213N/Astatic bool wait_on_daemonized_start(struct lxc_container *c)
213N/A{
213N/A /* we'll probably want to make this timeout configurable? */
213N/A int timeout = 5, ret, status;
1215N/A
1215N/A /*
845N/A * our child is going to fork again, then exit. reap the
1215N/A * child
213N/A */
213N/A ret = wait(&status);
230N/A if (ret == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
213N/A DEBUG("failed waiting for first dual-fork child");
213N/A return lxcapi_wait(c, "RUNNING", timeout);
211N/A}
211N/A
211N/A/*
211N/A * I can't decide if it'd be more convenient for callers if we accept '...',
211N/A * or a null-terminated array (i.e. execl vs execv)
1215N/A */
1215N/Astatic bool lxcapi_start(struct lxc_container *c, int useinit, char * const argv[])
1215N/A{
1215N/A int ret;
1215N/A struct lxc_conf *conf;
1215N/A int daemonize = 0;
211N/A char *default_args[] = {
1318N/A "/sbin/init",
1318N/A '\0',
1318N/A };
1318N/A
1318N/A /* container exists */
1318N/A if (!c)
1318N/A return false;
1318N/A /* container has been setup */
1318N/A if (!c->lxc_conf)
1318N/A return false;
1318N/A
1318N/A /* is this app meant to be run through lxcinit, as in lxc-execute? */
1318N/A if (useinit && !argv)
1318N/A return false;
1318N/A
1318N/A if (lxclock(c->privlock, 0))
1318N/A return false;
1369N/A conf = c->lxc_conf;
1318N/A daemonize = c->daemonize;
1318N/A lxcunlock(c->privlock);
1318N/A
1318N/A if (useinit) {
1318N/A ret = lxc_execute(c->name, argv, 1, conf, c->config_path);
1318N/A return ret == 0 ? true : false;
1318N/A }
1319N/A
1318N/A if (!argv)
1319N/A argv = default_args;
1318N/A
132N/A /*
211N/A * say, I'm not sure - what locks do we want here? Any?
1215N/A * Is liblxc's locking enough here to protect the on disk
950N/A * container? We don't want to exclude things like lxc_info
144N/A * while container is running...
453N/A */
144N/A if (daemonize) {
260N/A if (!lxc_container_get(c))
260N/A return false;
260N/A pid_t pid = fork();
260N/A if (pid < 0) {
260N/A lxc_container_put(c);
260N/A return false;
260N/A }
260N/A if (pid != 0)
144N/A return wait_on_daemonized_start(c);
219N/A /* second fork to be reparented by init */
219N/A pid = fork();
1215N/A if (pid < 0) {
1215N/A SYSERROR("Error doing dual-fork");
1215N/A return false;
1215N/A }
1215N/A if (pid != 0)
1215N/A exit(0);
219N/A /* like daemon(), chdir to / and redirect 0,1,2 to /dev/null */
220N/A if (chdir("/")) {
220N/A SYSERROR("Error chdir()ing to /.");
1215N/A return false;
220N/A }
1215N/A close(0);
1215N/A close(1);
1215N/A close(2);
1215N/A open("/dev/null", O_RDONLY);
1215N/A open("/dev/null", O_RDWR);
1215N/A open("/dev/null", O_RDWR);
1215N/A setsid();
1215N/A }
1215N/A
1215N/Areboot:
1215N/A conf->reboot = 0;
1215N/A ret = lxc_start(c->name, argv, conf, c->config_path);
1215N/A
1215N/A if (conf->reboot) {
1215N/A INFO("container requested reboot");
1215N/A conf->reboot = 0;
1215N/A goto reboot;
1215N/A }
1215N/A
1215N/A if (daemonize) {
1215N/A lxc_container_put(c);
1215N/A exit (ret == 0 ? true : false);
1215N/A } else {
1215N/A return (ret == 0 ? true : false);
220N/A }
220N/A}
221N/A
1215N/A/*
1215N/A * note there MUST be an ending NULL
1215N/A */
1215N/Astatic bool lxcapi_startl(struct lxc_container *c, int useinit, ...)
1215N/A{
981N/A va_list ap;
981N/A char **inargs = NULL, **temp;
1215N/A int n_inargs = 0;
1215N/A bool bret = false;
221N/A
295N/A /* container exists */
336N/A if (!c)
336N/A return false;
336N/A
336N/A /* build array of arguments if any */
341N/A va_start(ap, useinit);
336N/A while (1) {
336N/A char *arg;
336N/A arg = va_arg(ap, char *);
336N/A if (!arg)
341N/A break;
336N/A n_inargs++;
336N/A temp = realloc(inargs, n_inargs * sizeof(*inargs));
879N/A if (!temp)
336N/A goto out;
341N/A inargs = temp;
341N/A inargs[n_inargs - 1] = strdup(arg); // not sure if it's safe not to copy
336N/A }
336N/A va_end(ap);
295N/A
341N/A /* add trailing NULL */
295N/A if (n_inargs) {
295N/A n_inargs++;
295N/A temp = realloc(inargs, n_inargs * sizeof(*inargs));
295N/A if (!temp)
295N/A goto out;
295N/A inargs = temp;
295N/A inargs[n_inargs - 1] = NULL;
295N/A }
295N/A
301N/A bret = lxcapi_start(c, useinit, inargs);
879N/A
339N/Aout:
341N/A if (inargs) {
341N/A int i;
339N/A for (i = 0; i < n_inargs; i++) {
339N/A if (inargs[i])
339N/A free(inargs[i]);
341N/A }
339N/A free(inargs);
339N/A }
339N/A
339N/A return bret;
339N/A}
339N/A
339N/Astatic bool lxcapi_stop(struct lxc_container *c)
339N/A{
339N/A int ret;
379N/A
379N/A if (!c)
379N/A return false;
379N/A
379N/A ret = lxc_stop(c->name, c->config_path);
379N/A
411N/A return ret == 0;
379N/A}
379N/A
379N/Astatic bool valid_template(char *t)
386N/A{
379N/A struct stat statbuf;
1024N/A int statret;
379N/A
379N/A statret = stat(t, &statbuf);
379N/A if (statret == 0)
379N/A return true;
411N/A return false;
411N/A}
411N/A
411N/A/*
411N/A * create the standard expected container dir
411N/A */
411N/Astatic bool create_container_dir(struct lxc_container *c)
411N/A{
411N/A char *s;
411N/A int len, ret;
411N/A
411N/A len = strlen(c->config_path) + strlen(c->name) + 2;
411N/A s = malloc(len);
1374N/A if (!s)
411N/A return false;
411N/A ret = snprintf(s, len, "%s/%s", c->config_path, c->name);
411N/A if (ret < 0 || ret >= len) {
1374N/A free(s);
1374N/A return false;
411N/A }
411N/A ret = mkdir(s, 0755);
411N/A if (ret) {
1072N/A if (errno == EEXIST)
1072N/A ret = 0;
1072N/A else
411N/A SYSERROR("failed to create container path for %s\n", c->name);
463N/A }
411N/A free(s);
339N/A return ret == 0;
996N/A}
1215N/A
996N/A/*
996N/A * backing stores not (yet) supported
1215N/A * for ->create, argv contains the arguments to pass to the template,
1215N/A * terminated by NULL. If no arguments, you can just pass NULL.
1215N/A */
1215N/Astatic bool lxcapi_create(struct lxc_container *c, char *t, char *const argv[])
1215N/A{
1215N/A bool bret = false;
1215N/A pid_t pid;
1215N/A int ret, status;
1215N/A char *tpath = NULL;
1215N/A int len, nargs = 0;
996N/A char **newargv;
996N/A
996N/A if (!c)
1215N/A return false;
996N/A
996N/A len = strlen(LXCTEMPLATEDIR) + strlen(t) + strlen("/lxc-") + 1;
1215N/A tpath = malloc(len);
1215N/A if (!tpath)
1215N/A return false;
1215N/A ret = snprintf(tpath, len, "%s/lxc-%s", LXCTEMPLATEDIR, t);
1215N/A if (ret < 0 || ret >= len)
1215N/A goto out;
1215N/A if (!valid_template(tpath)) {
1215N/A ERROR("bad template: %s\n", t);
1215N/A goto out;
1215N/A }
996N/A
996N/A if (!create_container_dir(c))
336N/A goto out;
381N/A
336N/A if (!c->save_config(c, NULL)) {
336N/A ERROR("failed to save starting configuration for %s\n", c->name);
336N/A goto out;
336N/A }
336N/A
336N/A /* we're going to fork. but since we'll wait for our child, we
336N/A don't need to lxc_container_get */
336N/A
336N/A if (lxclock(c->slock, 0)) {
336N/A ERROR("failed to grab global container lock for %s\n", c->name);
336N/A goto out;
301N/A }
301N/A
301N/A pid = fork();
301N/A if (pid < 0) {
301N/A SYSERROR("failed to fork task for container creation template\n");
301N/A goto out_unlock;
301N/A }
301N/A
301N/A if (pid == 0) { // child
301N/A char *patharg, *namearg;
691N/A int i;
301N/A
301N/A close(0);
301N/A close(1);
301N/A close(2);
301N/A open("/dev/null", O_RDONLY);
301N/A open("/dev/null", O_RDWR);
448N/A open("/dev/null", O_RDWR);
446N/A
448N/A /*
500N/A * create our new array, pre-pend the template name and
736N/A * base args
706N/A */
706N/A if (argv)
807N/A for (; argv[nargs]; nargs++) ;
1215N/A nargs += 3; // template, path and name args
455N/A newargv = malloc(nargs * sizeof(*newargv));
706N/A if (!newargv)
706N/A exit(1);
455N/A newargv[0] = t;
706N/A
455N/A len = strlen(c->config_path) + strlen(c->name) + strlen("--path=") + 2;
480N/A patharg = malloc(len);
706N/A if (!patharg)
480N/A exit(1);
480N/A ret = snprintf(patharg, len, "--path=%s/%s", c->config_path, c->name);
455N/A if (ret < 0 || ret >= len)
706N/A exit(1);
455N/A newargv[1] = patharg;
480N/A len = strlen("--name=") + strlen(c->name) + 1;
480N/A namearg = malloc(len);
741N/A if (!namearg)
741N/A exit(1);
500N/A ret = snprintf(namearg, len, "--name=%s", c->name);
500N/A if (ret < 0 || ret >= len)
500N/A exit(1);
1215N/A newargv[2] = namearg;
1215N/A
1215N/A /* add passed-in args */
1215N/A if (argv)
1215N/A for (i = 3; i < nargs; i++)
1215N/A newargv[i] = argv[i-3];
1215N/A
725N/A /* add trailing NULL */
725N/A nargs++;
1215N/A newargv = realloc(newargv, nargs * sizeof(*newargv));
1215N/A if (!newargv)
1215N/A exit(1);
1215N/A newargv[nargs - 1] = NULL;
725N/A
1215N/A /* execute */
1215N/A ret = execv(tpath, newargv);
1215N/A SYSERROR("failed to execute template %s", tpath);
1215N/A exit(1);
1215N/A }
1215N/A
1215N/Aagain:
1215N/A ret = waitpid(pid, &status, 0);
1215N/A if (ret == -1) {
1215N/A if (errno == -EINTR)
1215N/A goto again;
1215N/A SYSERROR("waitpid failed");
301N/A goto out_unlock;
301N/A }
736N/A if (ret != pid)
1215N/A goto again;
1215N/A if (!WIFEXITED(status)) { // did not exit normally
1215N/A // we could set an error code and string inside the
1215N/A // container_struct here if we like
1215N/A ERROR("container creation template exited abnormally\n");
1215N/A goto out_unlock;
1215N/A }
736N/A
736N/A if (WEXITSTATUS(status) != 0) {
736N/A ERROR("container creation template for %s exited with %d\n",
736N/A c->name, WEXITSTATUS(status));
736N/A goto out_unlock;
736N/A }
736N/A
736N/A // now clear out the lxc_conf we have, reload from the created
736N/A // container
736N/A if (c->lxc_conf)
736N/A lxc_conf_free(c->lxc_conf);
736N/A c->lxc_conf = NULL;
741N/A bret = load_config_locked(c, c->configfile);
741N/A
1215N/Aout_unlock:
1215N/A lxcunlock(c->slock);
1215N/Aout:
1215N/A if (tpath)
1215N/A free(tpath);
736N/A return bret;
736N/A}
336N/A
301N/Astatic bool lxcapi_shutdown(struct lxc_container *c, int timeout)
301N/A{
501N/A bool retv;
301N/A pid_t pid;
301N/A
301N/A if (!c)
301N/A return false;
301N/A
301N/A if (!timeout)
301N/A timeout = -1;
301N/A if (!c->is_running(c))
301N/A return true;
449N/A pid = c->init_pid(c);
624N/A if (pid <= 0)
624N/A return true;
624N/A kill(pid, SIGPWR);
624N/A retv = c->wait(c, "STOPPED", timeout);
624N/A if (!retv && timeout > 0) {
624N/A c->stop(c);
624N/A retv = c->wait(c, "STOPPED", 0); // 0 means don't wait
624N/A }
624N/A return retv;
624N/A}
624N/A
624N/Astatic bool lxcapi_createl(struct lxc_container *c, char *t, ...)
624N/A{
624N/A bool bret = false;
624N/A char **args = NULL, **temp;
624N/A va_list ap;
624N/A int nargs = 0;
624N/A
624N/A if (!c)
624N/A return false;
624N/A
624N/A /*
624N/A * since we're going to wait for create to finish, I don't think we
801N/A * need to get a copy of the arguments.
801N/A */
801N/A va_start(ap, t);
801N/A while (1) {
801N/A char *arg;
801N/A arg = va_arg(ap, char *);
801N/A if (!arg)
801N/A break;
801N/A nargs++;
801N/A temp = realloc(args, (nargs+1) * sizeof(*args));
1095N/A if (!temp)
1095N/A goto out;
1215N/A args = temp;
1215N/A args[nargs - 1] = arg;
1099N/A }
1215N/A va_end(ap);
1215N/A if (args)
1215N/A args[nargs] = NULL;
1095N/A
1095N/A bret = c->create(c, t, args);
1176N/A
1176N/Aout:
1215N/A if (args)
1215N/A free(args);
1215N/A return bret;
1215N/A}
1215N/A
1215N/Astatic bool lxcapi_clear_config_item(struct lxc_container *c, const char *key)
1215N/A{
1176N/A int ret;
1215N/A
1215N/A if (!c || !c->lxc_conf)
1215N/A return false;
1176N/A if (lxclock(c->privlock, 0)) {
1215N/A return false;
1215N/A }
1215N/A ret = lxc_clear_config_item(c->lxc_conf, key);
1215N/A lxcunlock(c->privlock);
1215N/A return ret == 0;
1215N/A}
1215N/A
1215N/Astatic int lxcapi_get_config_item(struct lxc_container *c, const char *key, char *retv, int inlen)
1217N/A{
1215N/A int ret;
1215N/A
1215N/A if (!c || !c->lxc_conf)
1176N/A return -1;
1215N/A if (lxclock(c->privlock, 0)) {
1215N/A return -1;
1215N/A }
1215N/A ret = lxc_get_config_item(c->lxc_conf, key, retv, inlen);
1215N/A lxcunlock(c->privlock);
1215N/A return ret;
1215N/A}
1215N/A
1215N/Astatic int lxcapi_get_keys(struct lxc_container *c, const char *key, char *retv, int inlen)
1215N/A{
1215N/A if (!key)
1215N/A return lxc_listconfigs(retv, inlen);
1215N/A /*
1215N/A * Support 'lxc.network.<idx>', i.e. 'lxc.network.0'
1215N/A * This is an intelligent result to show which keys are valid given
1215N/A * the type of nic it is
1215N/A */
1176N/A if (!c || !c->lxc_conf)
1215N/A return -1;
1215N/A if (lxclock(c->privlock, 0))
1215N/A return -1;
1215N/A int ret = -1;
1176N/A if (strncmp(key, "lxc.network.", 12) == 0)
1215N/A ret = lxc_list_nicconfigs(c->lxc_conf, key, retv, inlen);
1215N/A lxcunlock(c->privlock);
1215N/A return ret;
1215N/A}
1176N/A
1215N/A
1215N/A/* default config file - should probably come through autoconf */
1215N/A#define LXC_DEFAULT_CONFIG "/etc/lxc/default.conf"
1215N/Astatic bool lxcapi_save_config(struct lxc_container *c, const char *alt_file)
1215N/A{
1176N/A if (!alt_file)
1215N/A alt_file = c->configfile;
1215N/A if (!alt_file)
1176N/A return false; // should we write to stdout if no file is specified?
1215N/A if (!c->lxc_conf)
1215N/A if (!c->load_config(c, LXC_DEFAULT_CONFIG)) {
1176N/A ERROR("Error loading default configuration file %s while saving %s\n", LXC_DEFAULT_CONFIG, c->name);
1215N/A return false;
1215N/A }
1215N/A
1215N/A FILE *fout = fopen(alt_file, "w");
1215N/A if (!fout)
1215N/A return false;
1215N/A if (lxclock(c->privlock, 0)) {
1215N/A fclose(fout);
1215N/A return false;
1176N/A }
1176N/A write_config(fout, c->lxc_conf);
1176N/A fclose(fout);
1176N/A lxcunlock(c->privlock);
1176N/A return true;
1176N/A}
1176N/A
1176N/Astatic bool lxcapi_destroy(struct lxc_container *c)
1176N/A{
1215N/A pid_t pid;
1215N/A int ret, status;
1176N/A
1215N/A if (!c)
1215N/A return false;
1176N/A
1215N/A pid = fork();
1215N/A if (pid < 0)
1215N/A return false;
1176N/A if (pid == 0) { // child
1215N/A ret = execlp("lxc-destroy", "lxc-destroy", "-n", c->name, "-P", c->config_path, NULL);
1176N/A perror("execl");
1176N/A exit(1);
1215N/A }
1176N/A
1176N/Aagain:
1176N/A ret = waitpid(pid, &status, 0);
1176N/A if (ret == -1) {
1176N/A if (errno == -EINTR)
1215N/A goto again;
1215N/A perror("waitpid");
1215N/A return false;
1176N/A }
1216N/A if (ret != pid)
132N/A goto again;
if (!WIFEXITED(status)) { // did not exit normally
// we could set an error code and string inside the
// container_struct here if we like
return false;
}
return WEXITSTATUS(status) == 0;
}
static bool lxcapi_set_config_item(struct lxc_container *c, const char *key, const char *v)
{
int ret;
bool b = false;
struct lxc_config_t *config;
if (!c)
return false;
if (lxclock(c->privlock, 0))
return false;
if (!c->lxc_conf)
c->lxc_conf = lxc_conf_init();
if (!c->lxc_conf)
goto err;
config = lxc_getconfig(key);
if (!config)
goto err;
ret = config->cb(key, v, c->lxc_conf);
if (!ret)
b = true;
err:
lxcunlock(c->privlock);
return b;
}
static char *lxcapi_config_file_name(struct lxc_container *c)
{
if (!c || !c->configfile)
return NULL;
return strdup(c->configfile);
}
static const char *lxcapi_get_config_path(struct lxc_container *c)
{
if (!c || !c->config_path)
return NULL;
return (const char *)(c->config_path);
}
/*
* not for export
* Just recalculate the c->configfile based on the
* c->config_path, which must be set.
* The lxc_container must be locked or not yet public.
*/
static bool set_config_filename(struct lxc_container *c)
{
char *newpath;
int len, ret;
if (!c->config_path)
return false;
/* $lxc_path + "/" + c->name + "/" + "config" + '\0' */
len = strlen(c->config_path) + strlen(c->name) + strlen("config") + 3;
newpath = malloc(len);
if (!newpath)
return false;
ret = snprintf(newpath, len, "%s/%s/config", c->config_path, c->name);
if (ret < 0 || ret >= len) {
fprintf(stderr, "Error printing out config file name\n");
free(newpath);
return false;
}
if (c->configfile)
free(c->configfile);
c->configfile = newpath;
return true;
}
static bool lxcapi_set_config_path(struct lxc_container *c, const char *path)
{
char *p;
bool b = false;
char *oldpath = NULL;
if (!c)
return b;
if (lxclock(c->privlock, 0))
return b;
p = strdup(path);
if (!p) {
ERROR("Out of memory setting new lxc path");
goto err;
}
b = true;
if (c->config_path)
oldpath = c->config_path;
c->config_path = p;
/* Since we've changed the config path, we have to change the
* config file name too */
if (!set_config_filename(c)) {
ERROR("Out of memory setting new config filename");
b = false;
free(c->config_path);
c->config_path = oldpath;
oldpath = NULL;
}
err:
if (oldpath)
free(oldpath);
lxcunlock(c->privlock);
return b;
}
static bool lxcapi_set_cgroup_item(struct lxc_container *c, const char *subsys, const char *value)
{
int ret;
bool b = false;
if (!c)
return false;
if (lxclock(c->privlock, 0))
return false;
if (is_stopped_nolock(c))
goto err;
ret = lxc_cgroup_set(c->name, subsys, value, c->config_path);
if (!ret)
b = true;
err:
lxcunlock(c->privlock);
return b;
}
static int lxcapi_get_cgroup_item(struct lxc_container *c, const char *subsys, char *retv, int inlen)
{
int ret = -1;
if (!c || !c->lxc_conf)
return -1;
if (lxclock(c->privlock, 0))
return -1;
if (is_stopped_nolock(c))
goto out;
ret = lxc_cgroup_get(c->name, subsys, retv, inlen, c->config_path);
out:
lxcunlock(c->privlock);
return ret;
}
const char *lxc_get_default_config_path(void)
{
return default_lxc_path();
}
struct lxc_container *lxc_container_new(const char *name, const char *configpath)
{
struct lxc_container *c;
c = malloc(sizeof(*c));
if (!c) {
fprintf(stderr, "failed to malloc lxc_container\n");
return NULL;
}
memset(c, 0, sizeof(*c));
if (configpath)
c->config_path = strdup(configpath);
else
c->config_path = strdup(default_lxc_path());
if (!c->config_path) {
fprintf(stderr, "Out of memory");
goto err;
}
c->name = malloc(strlen(name)+1);
if (!c->name) {
fprintf(stderr, "Error allocating lxc_container name\n");
goto err;
}
strcpy(c->name, name);
c->numthreads = 1;
c->slock = lxc_newlock(name);
if (!c->slock) {
fprintf(stderr, "failed to create lock\n");
goto err;
}
c->privlock = lxc_newlock(NULL);
if (!c->privlock) {
fprintf(stderr, "failed to alloc privlock\n");
goto err;
}
if (!set_config_filename(c)) {
fprintf(stderr, "Error allocating config file pathname\n");
goto err;
}
if (file_exists(c->configfile))
lxcapi_load_config(c, NULL);
// assign the member functions
c->is_defined = lxcapi_is_defined;
c->state = lxcapi_state;
c->is_running = lxcapi_is_running;
c->freeze = lxcapi_freeze;
c->unfreeze = lxcapi_unfreeze;
c->init_pid = lxcapi_init_pid;
c->load_config = lxcapi_load_config;
c->want_daemonize = lxcapi_want_daemonize;
c->start = lxcapi_start;
c->startl = lxcapi_startl;
c->stop = lxcapi_stop;
c->config_file_name = lxcapi_config_file_name;
c->wait = lxcapi_wait;
c->set_config_item = lxcapi_set_config_item;
c->destroy = lxcapi_destroy;
c->save_config = lxcapi_save_config;
c->get_keys = lxcapi_get_keys;
c->create = lxcapi_create;
c->createl = lxcapi_createl;
c->shutdown = lxcapi_shutdown;
c->clear_config_item = lxcapi_clear_config_item;
c->get_config_item = lxcapi_get_config_item;
c->get_cgroup_item = lxcapi_get_cgroup_item;
c->set_cgroup_item = lxcapi_set_cgroup_item;
c->get_config_path = lxcapi_get_config_path;
c->set_config_path = lxcapi_set_config_path;
/* we'll allow the caller to update these later */
if (lxc_log_init(NULL, "none", NULL, "lxc_container", 0)) {
fprintf(stderr, "failed to open log\n");
goto err;
}
return c;
err:
lxc_container_free(c);
return NULL;
}
int lxc_get_wait_states(const char **states)
{
int i;
if (states)
for (i=0; i<MAX_STATE; i++)
states[i] = lxc_state2str(i);
return MAX_STATE;
}