[thirdparty/systemd.git] / src / nspawn / nspawn-mount.h

/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once

/***
  This file is part of systemd.

  Copyright 2015 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <stdbool.h>

#include "cgroup-util.h"
#include "volatile-util.h"

typedef enum MountSettingsMask {
        MOUNT_FATAL              = 1 << 0, /* if set, a mount error is considered fatal */
        MOUNT_USE_USERNS         = 1 << 1, /* if set, mounts are patched considering uid/gid shifts in a user namespace */
        MOUNT_IN_USERNS          = 1 << 2, /* if set, the mount is executed in the inner child, otherwise in the outer child */
        MOUNT_APPLY_APIVFS_RO    = 1 << 3, /* if set, /proc/sys, and /sysfs will be mounted read-only, otherwise read-write. */
        MOUNT_APPLY_APIVFS_NETNS = 1 << 4, /* if set, /proc/sys/net will be mounted read-write.
                                              Works only if MOUNT_APPLY_APIVFS_RO is also set. */
} MountSettingsMask;

typedef enum CustomMountType {
        CUSTOM_MOUNT_BIND,
        CUSTOM_MOUNT_TMPFS,
        CUSTOM_MOUNT_OVERLAY,
        _CUSTOM_MOUNT_TYPE_MAX,
        _CUSTOM_MOUNT_TYPE_INVALID = -1
} CustomMountType;

typedef struct CustomMount {
        CustomMountType type;
        bool read_only;
        char *source; /* for overlayfs this is the upper directory */
        char *destination;
        char *options;
        char *work_dir;
        char **lower;
        char *rm_rf_tmpdir;
} CustomMount;

CustomMount* custom_mount_add(CustomMount **l, unsigned *n, CustomMountType t);
void custom_mount_free_all(CustomMount *l, unsigned n);
int custom_mount_prepare_all(const char *dest, CustomMount *l, unsigned n);

int bind_mount_parse(CustomMount **l, unsigned *n, const char *s, bool read_only);
int tmpfs_mount_parse(CustomMount **l, unsigned *n, const char *s);
int overlay_mount_parse(CustomMount **l, unsigned *n, const char *s, bool read_only);

int mount_all(const char *dest, MountSettingsMask mount_settings, uid_t uid_shift, uid_t uid_range, const char *selinux_apifs_context);
int mount_sysfs(const char *dest, MountSettingsMask mount_settings);

int mount_cgroups(const char *dest, CGroupUnified unified_requested, bool userns, uid_t uid_shift, uid_t uid_range, const char *selinux_apifs_context, bool use_cgns);
int mount_systemd_cgroup_writable(const char *dest, CGroupUnified unified_requested);

int mount_custom(const char *dest, CustomMount *mounts, unsigned n, bool userns, uid_t uid_shift, uid_t uid_range, const char *selinux_apifs_context);

int setup_volatile(const char *directory, VolatileMode mode, bool userns, uid_t uid_shift, uid_t uid_range, const char *selinux_apifs_context);
int setup_volatile_state(const char *directory, VolatileMode mode, bool userns, uid_t uid_shift, uid_t uid_range, const char *selinux_apifs_context);

int pivot_root_parse(char **pivot_root_new, char **pivot_root_old, const char *s);
int setup_pivot_root(const char *directory, const char *pivot_root_new, const char *pivot_root_old);
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
e83bebef LP	2	#pragma once
	3
	4	/***
	5	This file is part of systemd.
	6
	7	Copyright 2015 Lennart Poettering
	8
	9	systemd is free software; you can redistribute it and/or modify it
	10	under the terms of the GNU Lesser General Public License as published by
	11	the Free Software Foundation; either version 2.1 of the License, or
	12	(at your option) any later version.
	13
	14	systemd is distributed in the hope that it will be useful, but
	15	WITHOUT ANY WARRANTY; without even the implied warranty of
	16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	Lesser General Public License for more details.
	18
	19	You should have received a copy of the GNU Lesser General Public License
	20	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	21	***/
	22
	23	#include <stdbool.h>
	24
5da38d07	25	#include "cgroup-util.h"
a4c35b6b	26	#include "volatile-util.h"
5da38d07	27
4f086aab SU	28	typedef enum MountSettingsMask {
	29	MOUNT_FATAL = 1 << 0, /* if set, a mount error is considered fatal */
	30	MOUNT_USE_USERNS = 1 << 1, /* if set, mounts are patched considering uid/gid shifts in a user namespace */
	31	MOUNT_IN_USERNS = 1 << 2, /* if set, the mount is executed in the inner child, otherwise in the outer child */
	32	MOUNT_APPLY_APIVFS_RO = 1 << 3, /* if set, /proc/sys, and /sysfs will be mounted read-only, otherwise read-write. */
	33	MOUNT_APPLY_APIVFS_NETNS = 1 << 4, /* if set, /proc/sys/net will be mounted read-write.
	34	Works only if MOUNT_APPLY_APIVFS_RO is also set. */
	35	} MountSettingsMask;
	36
e83bebef LP	37	typedef enum CustomMountType {
	38	CUSTOM_MOUNT_BIND,
	39	CUSTOM_MOUNT_TMPFS,
	40	CUSTOM_MOUNT_OVERLAY,
	41	_CUSTOM_MOUNT_TYPE_MAX,
	42	_CUSTOM_MOUNT_TYPE_INVALID = -1
	43	} CustomMountType;
	44
	45	typedef struct CustomMount {
	46	CustomMountType type;
	47	bool read_only;
	48	char source; / for overlayfs this is the upper directory */
	49	char *destination;
	50	char *options;
	51	char *work_dir;
	52	char **lower;
c7a4890c	53	char *rm_rf_tmpdir;
e83bebef LP	54	} CustomMount;
	55
	56	CustomMount* custom_mount_add(CustomMount *l, unsigned n, CustomMountType t);
e83bebef	57	void custom_mount_free_all(CustomMount *l, unsigned n);
86c0dd4a	58	int custom_mount_prepare_all(const char dest, CustomMount l, unsigned n);
ad85779a	59
e83bebef LP	60	int bind_mount_parse(CustomMount *l, unsigned n, const char *s, bool read_only);
e83bebef LP	61	int tmpfs_mount_parse(CustomMount *l, unsigned n, const char *s);
ad85779a	62	int overlay_mount_parse(CustomMount *l, unsigned n, const char *s, bool read_only);
e83bebef	63
4f086aab SU	64	int mount_all(const char dest, MountSettingsMask mount_settings, uid_t uid_shift, uid_t uid_range, const char selinux_apifs_context);
4f086aab SU	65	int mount_sysfs(const char *dest, MountSettingsMask mount_settings);
e83bebef	66
5da38d07 TH	67	int mount_cgroups(const char dest, CGroupUnified unified_requested, bool userns, uid_t uid_shift, uid_t uid_range, const char selinux_apifs_context, bool use_cgns);
5da38d07 TH	68	int mount_systemd_cgroup_writable(const char *dest, CGroupUnified unified_requested);
e83bebef LP	69
	70	int mount_custom(const char dest, CustomMount mounts, unsigned n, bool userns, uid_t uid_shift, uid_t uid_range, const char *selinux_apifs_context);
	71
	72	int setup_volatile(const char directory, VolatileMode mode, bool userns, uid_t uid_shift, uid_t uid_range, const char selinux_apifs_context);
	73	int setup_volatile_state(const char directory, VolatileMode mode, bool userns, uid_t uid_shift, uid_t uid_range, const char selinux_apifs_context);
b53ede69 PW	74
	75	int pivot_root_parse(char pivot_root_new, char pivot_root_old, const char *s);
	76	int setup_pivot_root(const char directory, const char pivot_root_new, const char *pivot_root_old);