1 /* SPDX-License-Identifier: LGPL-2.1+ */
5 This file is part of systemd.
7 Copyright 2015 Lennart Poettering
15 #include "nspawn-expose-ports.h"
16 #include "nspawn-mount.h"
/* StartMode selects what runs as PID 1 inside the container and how the
 * supplied parameters are used; see the per-value comments below.
 * NOTE(review): the gutter numbers of this listing skip from 21 to 23 and the
 * closing of the enum is not shown, so members may be missing here. */
18 typedef enum StartMode
{
19 START_PID1
, /* Run parameters as command line as process 1 */
20 START_PID2
, /* Use stub init process as PID 1, run parameters as command line as process 2 */
21 START_BOOT
, /* Search for init system, pass arguments as parameters */
/* Negative sentinel, distinct from every mode listed above. */
23 _START_MODE_INVALID
= -1
/* UserNamespaceMode is the type of the userns_mode field of Settings.
 * NOTE(review): only the two sentinel members are visible in this listing
 * (the gutter numbers jump from 26 to 30); the actual modes are not shown,
 * so nothing is asserted about them here. */
26 typedef enum UserNamespaceMode
{
/* No explicit value: it takes the value after the member preceding it. */
30 _USER_NAMESPACE_MODE_MAX
,
/* Negative sentinel for "no valid mode". */
31 _USER_NAMESPACE_MODE_INVALID
= -1,
/* SettingsMask: one bit per group of settings, so several groups can be
 * combined into a single mask value.
 * NOTE(review): presumably used to record or restrict which settings a loaded
 * file may apply — confirm against the callers. If so, the bits for
 * capabilities, user namespacing, networking, custom mounts and the system
 * call filter are the ones that decide how strongly a container is confined,
 * and deserve the closest review when a mask is built. */
34 typedef enum SettingsMask
{
35 SETTING_START_MODE
= 1 << 0,
36 SETTING_ENVIRONMENT
= 1 << 1,
37 SETTING_USER
= 1 << 2,
38 SETTING_CAPABILITY
= 1 << 3,
39 SETTING_KILL_SIGNAL
= 1 << 4,
40 SETTING_PERSONALITY
= 1 << 5,
41 SETTING_MACHINE_ID
= 1 << 6,
42 SETTING_NETWORK
= 1 << 7,
43 SETTING_EXPOSE_PORTS
= 1 << 8,
44 SETTING_READ_ONLY
= 1 << 9,
45 SETTING_VOLATILE_MODE
= 1 << 10,
46 SETTING_CUSTOM_MOUNTS
= 1 << 11,
47 SETTING_WORKING_DIRECTORY
= 1 << 12,
48 SETTING_USERNS
= 1 << 13,
49 SETTING_NOTIFY_READY
= 1 << 14,
50 SETTING_PIVOT_ROOT
= 1 << 15,
51 SETTING_SYSCALL_FILTER
= 1 << 16,
/* (1 << 17) - 1 has bits 0..16 set, i.e. exactly the 17 flags above. A flag
 * added at 1 << 17 needs this value bumped as well, otherwise "all" silently
 * leaves the new flag out. */
52 _SETTINGS_MASK_ALL
= (1 << 17) -1
/* Settings: the container settings handled by settings_load() and
 * settings_free(), declared further down in this listing.
 * NOTE(review): this listing omits lines (the gutter numbers skip), so only
 * part of the struct is visible; fields that are not shown are not described. */
55 typedef struct Settings
{
/* 64-bit value; presumably a bit mask of capabilities to drop — confirm. */
62 uint64_t drop_capability
;
64 unsigned long personality
;
65 sd_id128_t machine_id
;
/* Pointer to a string; presumably owned by this struct and released by
 * settings_free() — confirm in the implementation. */
66 char *working_directory
;
/* User namespace configuration: the mode plus a UID shift and a UID range. */
69 UserNamespaceMode userns_mode
;
70 uid_t uid_shift
, uid_range
;
/* Two separate string lists for the system call filter.
 * NOTE(review): how an entry present in both lists is resolved is not visible
 * here — check the consumer before relying on either list alone. */
72 char **syscall_whitelist
;
73 char **syscall_blacklist
;
77 VolatileMode volatile_mode
;
/* Pointer to CustomMount entries; n_custom_mounts is presumably the number of
 * entries — confirm, since every index into custom_mounts depends on it. */
78 CustomMount
*custom_mounts
;
79 unsigned n_custom_mounts
;
/* Network-related string lists. */
87 char **network_interfaces
;
88 char **network_macvlan
;
89 char **network_ipvlan
;
90 char **network_veth_extra
;
/* NOTE(review): no element count for expose_ports is visible in this listing;
 * how the list is terminated must be taken from the ExposePort declaration. */
91 ExposePort
*expose_ports
;
/*
 * Settings lifecycle and query API.
 *
 * settings_load() takes an already opened stream, a path and an output
 * pointer; it reports its outcome as an int.
 * NOTE(review): presumably the path only names the stream for diagnostics and
 * the result is 0 on success or a negative errno-style value, with *ret set
 * only on success — confirm in the implementation. Callers should check the
 * return value before touching *ret.
 */
int settings_load(
                FILE *f,
                const char *path,
                Settings **ret);

/*
 * Releases a Settings object and returns a Settings pointer.
 * NOTE(review): presumably always returns NULL so that callers can write
 * "s = settings_free(s);" and avoid keeping a dangling pointer — confirm.
 */
Settings *settings_free(Settings *s);

/*
 * Boolean queries on a Settings object.
 * NOTE(review): judging by the names these report whether a veth link and a
 * private network are configured; the exact fields consulted are not visible
 * here. Whether the container gets its own network is an isolation decision,
 * so callers should not assume a default without checking the implementation.
 */
bool settings_network_veth(Settings *s);
bool settings_private_network(Settings *s);

/*
 * Generates the cleanup helper for Settings pointers on top of
 * settings_free(), for use with scope-based cleanup (by systemd convention
 * the generated function is named settings_freep — confirm against the macro
 * definition).
 */
DEFINE_TRIVIAL_CLEANUP_FUNC(Settings *, settings_free);
/*
 * Looks up a key of the given length and returns a pointer to a constant
 * ConfigPerfItem.
 * NOTE(review): the name suggests a gperf-generated perfect-hash table, in
 * which case an unknown key presumably yields NULL — confirm, and make sure
 * callers handle that result before dereferencing.
 */
const struct ConfigPerfItem *nspawn_gperf_lookup(
                const char *key,
                GPERF_LEN_TYPE length);
/*
 * Parser callbacks, one per kind of settings value. All of them share one
 * signature:
 *
 *   unit, filename, line, section, section_line
 *       identify the assignment being parsed (presumably for diagnostics);
 *   lvalue, rvalue
 *       the key and its textual value;
 *   ltype, data, userdata
 *       passed through by the caller; their meaning is defined by the
 *       configuration parser framework and is not visible in this header.
 *
 * Each callback returns int (presumably 0 or a negative errno-style value —
 * confirm in the implementation).
 *
 * NOTE(review): rvalue is text taken from a settings file. The callbacks for
 * capabilities, private users, the system call filter, bind/tmpfs/overlay
 * mounts, pivot_root and the network keys determine how strongly the
 * container is confined, so their implementations should reject malformed
 * values instead of falling back to a weaker setting — verify this where the
 * functions are defined.
 */
int config_parse_capability(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_id128(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_expose_port(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_volatile_mode(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_pivot_root(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_bind(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_tmpfs(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_overlay(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_veth_extra(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_network_zone(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_boot(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_pid2(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_private_users(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);

int config_parse_syscall_filter(
                const char *unit, const char *filename, unsigned line,
                const char *section, unsigned section_line,
                const char *lvalue, int ltype, const char *rvalue,
                void *data, void *userdata);