From 99d509541d82f247b3225d243fff5359574817ff Mon Sep 17 00:00:00 2001
From: Christian Seiler
Date: Thu, 23 Feb 2012 09:57:14 +0100
Subject: Move lxc_attach from namespace.c to attach.c and rename it to lxc_attach_to_ns
Since lxc-attach helper functions now have an own source file, lxc_attach is moved from namespace.c to attach.c and is renamed to lxc_attach_to_ns, because that better reflects what the function does (attaching to a container can also contain the setting of the process's personality, adding it to the corresponding cgroups and dropping specific capabilities).
Signed-off-by: Daniel Lezcano
---
 src/lxc/attach.c | 35 +++++++++++++++++++++++++++++++++++
 src/lxc/attach.h | 1 +
 src/lxc/lxc_attach.c | 4 ++--
 src/lxc/namespace.c | 47 -----------------------------------------------
 src/lxc/namespace.h | 1 -
 5 files changed, 38 insertions(+), 50 deletions(-)
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 254b185..33da411 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -226,6 +226,41 @@ int lxc_attach_proc_to_cgroups(pid_t pid, struct lxc_proc_context_info *ctx)
 return 0;
 }
+int lxc_attach_to_ns(pid_t pid)
+{
+ char path[MAXPATHLEN];
+ char *ns[] = { "pid", "mnt", "net", "ipc", "uts" };
+ const int size = sizeof(ns) / sizeof(char *);
+ int fd[size];
+ int i;
+
+ snprintf(path, MAXPATHLEN, "/proc/%d/ns", pid);
+ if (access(path, X_OK)) {
+ ERROR("Does this kernel version support 'attach' ?");
+ return -1;
+ }
+
+ for (i = 0; i < size; i++) {
+ snprintf(path, MAXPATHLEN, "/proc/%d/ns/%s", pid, ns[i]);
+ fd[i] = open(path, O_RDONLY);
+ if (fd[i] < 0) {
+ SYSERROR("failed to open '%s'", path);
+ return -1;
+ }
+ }
+
+ for (i = 0; i < size; i++) {
+ if (setns(fd[i], 0)) {
+ SYSERROR("failed to set namespace '%s'", ns[i]);
+ return -1;
+ }
+
+ close(fd[i]);
+ }
+
+ return 0;
+}
+
 int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx)
 {
 int last_cap = lxc_caps_last_cap();
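Review bot: The two error returns in `lxc_attach_to_ns` leave descriptors open: a failed `open()` at index i never closes `fd[0..i-1]`, and a failed `setns()` never closes `fd[i]` or the entries after it. A `setns()` failure past the first iteration also leaves the caller in a mix of its old namespaces and the target's, so the function deserves a comment such as `/* on failure the process may be partially attached; the caller must exit */`. Since `setns(fd[i], 0)` accepts a descriptor of any namespace type, pairing each name with its `CLONE_NEW*` flag and passing that as the second argument would make the kernel verify the type. The cleanup for both branches is sketched below.

```c
		if (fd[i] < 0) {
			SYSERROR("failed to open '%s'", path);
			/* close the descriptors opened so far */
			while (i-- > 0)
				close(fd[i]);
			return -1;
		}
	/* … unchanged: end of the open loop, start of the setns loop … */
		if (setns(fd[i], 0)) {
			SYSERROR("failed to set namespace '%s'", ns[i]);
			/* fd[i] and every later entry are still open */
			for (; i < size; i++)
				close(fd[i]);
			return -1;
		}
```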
diff --git a/src/lxc/attach.h b/src/lxc/attach.h
index 7e67455..d2b7533 100644
--- a/src/lxc/attach.h
+++ b/src/lxc/attach.h
@@ -42,6 +42,7 @@ extern struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid);
 extern void lxc_proc_free_context_info(struct lxc_proc_context_info *info);
 extern int lxc_attach_proc_to_cgroups(pid_t pid, struct lxc_proc_context_info *ctx);
+extern int lxc_attach_to_ns(pid_t other_pid);
 extern int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx);
 #endif
diff --git a/src/lxc/lxc_attach.c b/src/lxc/lxc_attach.c
index ed3d5a4..c8643d1 100644
--- a/src/lxc/lxc_attach.c
+++ b/src/lxc/lxc_attach.c
@@ -30,9 +30,9 @@
 #include
 #include
+#include "attach.h"
 #include "commands.h"
 #include "arguments.h"
-#include "namespace.h"
 #include "caps.h"
 #include "log.h"
@@ -85,7 +85,7 @@ int main(int argc, char *argv[], char *envp[])
 curdir = get_current_dir_name();
- ret = lxc_attach(pid);
+ ret = lxc_attach_to_ns(pid);
 if (ret < 0) {
 ERROR("failed to enter the namespace");
 return -1;
diff --git a/src/lxc/namespace.c b/src/lxc/namespace.c
index 6512685..3e6fc3a 100644
--- a/src/lxc/namespace.c
+++ b/src/lxc/namespace.c
@@ -34,8 +34,6 @@
 #include "namespace.h"
 #include "log.h"
-#include "setns.h"
-
 lxc_log_define(lxc_namespace, lxc);
 struct clone_arg {
@@ -43,16 +41,6 @@ struct clone_arg {
 void *arg;
 };
-int setns(int fd, int nstype)
-{
-#ifndef __NR_setns
- errno = ENOSYS;
- return -1;
-#else
- return syscall(__NR_setns, fd, nstype);
-#endif
-}
-
 static int do_clone(void *arg)
 {
 struct clone_arg *clone_arg = arg;
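Review bot: In `src/lxc/attach.h` the new prototype names its parameter `other_pid` while the definition added in `attach.c` uses `pid`; one name in both places keeps the header and the implementation consistent. The declaration also carries no contract, and this one matters to callers, so I would add above it `/* Enter the pid, mnt, net, ipc and uts namespaces of 'pid'. Returns 0 on success, -1 on error; after an error the caller may already be in some of the target's namespaces and should exit. */`. The call site in `lxc_attach.c` does return on failure, which matches that contract.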
@@ -81,38 +69,3 @@ pid_t lxc_clone(int (*fn)(void *), void *arg, int flags)
 return ret;
 }
-
-int lxc_attach(pid_t pid)
-{
- char path[MAXPATHLEN];
- char *ns[] = { "pid", "mnt", "net", "ipc", "uts" };
- const int size = sizeof(ns) / sizeof(char *);
- int fd[size];
- int i;
-
- sprintf(path, "/proc/%d/ns", pid);
- if (access(path, X_OK)) {
- ERROR("Does this kernel version support 'attach' ?");
- return -1;
- }
-
- for (i = 0; i < size; i++) {
- sprintf(path, "/proc/%d/ns/%s", pid, ns[i]);
- fd[i] = open(path, O_RDONLY);
- if (fd[i] < 0) {
- SYSERROR("failed to open '%s'", path);
- return -1;
- }
- }
-
- for (i = 0; i < size; i++) {
- if (setns(fd[i], 0)) {
- SYSERROR("failed to set namespace '%s'", ns[i]);
- return -1;
- }
-
- close(fd[i]);
- }
-
- return 0;
-}
diff --git a/src/lxc/namespace.h b/src/lxc/namespace.h
index 9c6b7ec..5442dd3 100644
--- a/src/lxc/namespace.h
+++ b/src/lxc/namespace.h
@@ -49,6 +49,5 @@
 #endif
 extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags);
-extern int lxc_attach(pid_t pid);
 #endif
--
cgit v1.2.3-65-gdbad