[thirdparty/systemd.git] / src / nspawn / nspawn-settings.h

#pragma once

/***
  This file is part of systemd.

  Copyright 2015 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <stdio.h>

#include "macro.h"
#include "nspawn-expose-ports.h"
#include "nspawn-mount.h"

typedef enum StartMode {
        START_PID1, /* Run parameters as command line as process 1 */
        START_PID2, /* Use stub init process as PID 1, run parameters as command line as process 2 */
        START_BOOT, /* Search for init system, pass arguments as parameters */
        _START_MODE_MAX,
        _START_MODE_INVALID = -1
} StartMode;

typedef enum UserNamespaceMode {
        USER_NAMESPACE_NO,
        USER_NAMESPACE_FIXED,
        USER_NAMESPACE_PICK,
        _USER_NAMESPACE_MODE_MAX,
        _USER_NAMESPACE_MODE_INVALID = -1,
} UserNamespaceMode;

typedef enum SettingsMask {
        SETTING_START_MODE        = 1 << 0,
        SETTING_ENVIRONMENT       = 1 << 1,
        SETTING_USER              = 1 << 2,
        SETTING_CAPABILITY        = 1 << 3,
        SETTING_KILL_SIGNAL       = 1 << 4,
        SETTING_PERSONALITY       = 1 << 5,
        SETTING_MACHINE_ID        = 1 << 6,
        SETTING_NETWORK           = 1 << 7,
        SETTING_EXPOSE_PORTS      = 1 << 8,
        SETTING_READ_ONLY         = 1 << 9,
        SETTING_VOLATILE_MODE     = 1 << 10,
        SETTING_CUSTOM_MOUNTS     = 1 << 11,
        SETTING_WORKING_DIRECTORY = 1 << 12,
        SETTING_USERNS            = 1 << 13,
        SETTING_NOTIFY_READY      = 1 << 14,
        SETTING_PIVOT_ROOT        = 1 << 15,
        SETTING_SYSCALL_FILTER    = 1 << 16,
        _SETTINGS_MASK_ALL        = (1 << 17) -1
} SettingsMask;

typedef struct Settings {
        /* [Run] */
        StartMode start_mode;
        char **parameters;
        char **environment;
        char *user;
        uint64_t capability;
        uint64_t drop_capability;
        int kill_signal;
        unsigned long personality;
        sd_id128_t machine_id;
        char *working_directory;
        char *pivot_root_new;
        char *pivot_root_old;
        UserNamespaceMode userns_mode;
        uid_t uid_shift, uid_range;
        bool notify_ready;
        char **syscall_whitelist;
        char **syscall_blacklist;

        /* [Image] */
        int read_only;
        VolatileMode volatile_mode;
        CustomMount *custom_mounts;
        unsigned n_custom_mounts;
        int userns_chown;

        /* [Network] */
        int private_network;
        int network_veth;
        char *network_bridge;
        char *network_zone;
        char **network_interfaces;
        char **network_macvlan;
        char **network_ipvlan;
        char **network_veth_extra;
        ExposePort *expose_ports;
} Settings;

int settings_load(FILE *f, const char *path, Settings **ret);
Settings* settings_free(Settings *s);

bool settings_network_veth(Settings *s);
bool settings_private_network(Settings *s);

DEFINE_TRIVIAL_CLEANUP_FUNC(Settings*, settings_free);

const struct ConfigPerfItem* nspawn_gperf_lookup(const char *key, GPERF_LEN_TYPE length);

int config_parse_capability(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_id128(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_expose_port(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_volatile_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_pivot_root(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_bind(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_tmpfs(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_overlay(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_veth_extra(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_network_zone(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_boot(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_pid2(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_private_users(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_syscall_filter(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
Commit	Line	Data
f757855e LP	1	#pragma once
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2015 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <stdio.h>
	23
	24	#include "macro.h"
7a8f6325	25	#include "nspawn-expose-ports.h"
71d35b6b	26	#include "nspawn-mount.h"
f757855e	27
7732f92b LP	28	typedef enum StartMode {
	29	START_PID1, /* Run parameters as command line as process 1 */
	30	START_PID2, /* Use stub init process as PID 1, run parameters as command line as process 2 */
	31	START_BOOT, /* Search for init system, pass arguments as parameters */
	32	_START_MODE_MAX,
	33	_START_MODE_INVALID = -1
	34	} StartMode;
	35
0de7acce LP	36	typedef enum UserNamespaceMode {
	37	USER_NAMESPACE_NO,
	38	USER_NAMESPACE_FIXED,
	39	USER_NAMESPACE_PICK,
	40	_USER_NAMESPACE_MODE_MAX,
	41	_USER_NAMESPACE_MODE_INVALID = -1,
	42	} UserNamespaceMode;
	43
f757855e	44	typedef enum SettingsMask {
7732f92b LP	45	SETTING_START_MODE = 1 << 0,
	46	SETTING_ENVIRONMENT = 1 << 1,
	47	SETTING_USER = 1 << 2,
	48	SETTING_CAPABILITY = 1 << 3,
	49	SETTING_KILL_SIGNAL = 1 << 4,
	50	SETTING_PERSONALITY = 1 << 5,
	51	SETTING_MACHINE_ID = 1 << 6,
	52	SETTING_NETWORK = 1 << 7,
	53	SETTING_EXPOSE_PORTS = 1 << 8,
	54	SETTING_READ_ONLY = 1 << 9,
	55	SETTING_VOLATILE_MODE = 1 << 10,
	56	SETTING_CUSTOM_MOUNTS = 1 << 11,
5f932eb9	57	SETTING_WORKING_DIRECTORY = 1 << 12,
0de7acce	58	SETTING_USERNS = 1 << 13,
9c1e04d0	59	SETTING_NOTIFY_READY = 1 << 14,
b53ede69	60	SETTING_PIVOT_ROOT = 1 << 15,
960e4569 LP	61	SETTING_SYSCALL_FILTER = 1 << 16,
960e4569 LP	62	_SETTINGS_MASK_ALL = (1 << 17) -1
f757855e LP	63	} SettingsMask;
	64
	65	typedef struct Settings {
	66	/* [Run] */
7732f92b	67	StartMode start_mode;
f757855e LP	68	char **parameters;
	69	char **environment;
	70	char *user;
	71	uint64_t capability;
	72	uint64_t drop_capability;
	73	int kill_signal;
	74	unsigned long personality;
	75	sd_id128_t machine_id;
5f932eb9	76	char *working_directory;
b53ede69 PW	77	char *pivot_root_new;
b53ede69 PW	78	char *pivot_root_old;
0de7acce LP	79	UserNamespaceMode userns_mode;
0de7acce LP	80	uid_t uid_shift, uid_range;
9c1e04d0	81	bool notify_ready;
960e4569 LP	82	char **syscall_whitelist;
960e4569 LP	83	char **syscall_blacklist;
f757855e LP	84
	85	/* [Image] */
	86	int read_only;
	87	VolatileMode volatile_mode;
	88	CustomMount *custom_mounts;
	89	unsigned n_custom_mounts;
0de7acce	90	int userns_chown;
f757855e LP	91
	92	/* [Network] */
	93	int private_network;
	94	int network_veth;
	95	char *network_bridge;
22b28dfd	96	char *network_zone;
f757855e LP	97	char **network_interfaces;
	98	char **network_macvlan;
	99	char **network_ipvlan;
f6d6bad1	100	char **network_veth_extra;
f757855e LP	101	ExposePort *expose_ports;
	102	} Settings;
	103
	104	int settings_load(FILE f, const char path, Settings **ret);
	105	Settings* settings_free(Settings *s);
	106
0e265674 LP	107	bool settings_network_veth(Settings *s);
	108	bool settings_private_network(Settings *s);
	109
f757855e LP	110	DEFINE_TRIVIAL_CLEANUP_FUNC(Settings*, settings_free);
f757855e LP	111
c9f7b4d3	112	const struct ConfigPerfItem* nspawn_gperf_lookup(const char *key, GPERF_LEN_TYPE length);
f757855e LP	113
	114	int config_parse_capability(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
	115	int config_parse_id128(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
	116	int config_parse_expose_port(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
	117	int config_parse_volatile_mode(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
b53ede69	118	int config_parse_pivot_root(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
f757855e LP	119	int config_parse_bind(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
f757855e LP	120	int config_parse_tmpfs(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
7b4318b6	121	int config_parse_overlay(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
f6d6bad1	122	int config_parse_veth_extra(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
22b28dfd	123	int config_parse_network_zone(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
7732f92b LP	124	int config_parse_boot(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
7732f92b LP	125	int config_parse_pid2(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
0de7acce	126	int config_parse_private_users(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);
960e4569	127	int config_parse_syscall_filter(const char unit, const char filename, unsigned line, const char section, unsigned section_line, const char lvalue, int ltype, const char rvalue, void data, void *userdata);