[thirdparty/systemd.git] / src / nspawn / nspawn-settings.h

/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once

#include <sched.h>
#include <stdio.h>

#if HAVE_SECCOMP
#include <seccomp.h>
#endif

#include "sd-bus.h"
#include "sd-id128.h"

#include "capability-util.h"
#include "conf-parser.h"
#include "macro.h"
#include "missing_resource.h"
#include "nspawn-expose-ports.h"
#include "nspawn-mount.h"
#include "time-util.h"

typedef enum StartMode {
        START_PID1, /* Run parameters as command line as process 1 */
        START_PID2, /* Use stub init process as PID 1, run parameters as command line as process 2 */
        START_BOOT, /* Search for init system, pass arguments as parameters */
        _START_MODE_MAX,
        _START_MODE_INVALID = -1
} StartMode;

typedef enum UserNamespaceMode {
        USER_NAMESPACE_NO,
        USER_NAMESPACE_FIXED,
        USER_NAMESPACE_PICK,
        _USER_NAMESPACE_MODE_MAX,
        _USER_NAMESPACE_MODE_INVALID = -1,
} UserNamespaceMode;

typedef enum ResolvConfMode {
        RESOLV_CONF_OFF,
        RESOLV_CONF_COPY_HOST,
        RESOLV_CONF_COPY_STATIC,
        RESOLV_CONF_BIND_HOST,
        RESOLV_CONF_BIND_STATIC,
        RESOLV_CONF_DELETE,
        RESOLV_CONF_AUTO,
        _RESOLV_CONF_MODE_MAX,
        _RESOLV_CONF_MODE_INVALID = -1
} ResolvConfMode;

typedef enum LinkJournal {
        LINK_NO,
        LINK_AUTO,
        LINK_HOST,
        LINK_GUEST,
        _LINK_JOURNAL_MAX,
        _LINK_JOURNAL_INVALID = -1
} LinkJournal;

typedef enum TimezoneMode {
        TIMEZONE_OFF,
        TIMEZONE_COPY,
        TIMEZONE_BIND,
        TIMEZONE_SYMLINK,
        TIMEZONE_DELETE,
        TIMEZONE_AUTO,
        _TIMEZONE_MODE_MAX,
        _TIMEZONE_MODE_INVALID = -1
} TimezoneMode;

typedef enum ConsoleMode {
        CONSOLE_INTERACTIVE,
        CONSOLE_READ_ONLY,
        CONSOLE_PASSIVE,
        CONSOLE_PIPE,
        _CONSOLE_MODE_MAX,
        _CONSOLE_MODE_INVALID = -1,
} ConsoleMode;

typedef enum SettingsMask {
        SETTING_START_MODE        = UINT64_C(1) << 0,
        SETTING_ENVIRONMENT       = UINT64_C(1) << 1,
        SETTING_USER              = UINT64_C(1) << 2,
        SETTING_CAPABILITY        = UINT64_C(1) << 3,
        SETTING_KILL_SIGNAL       = UINT64_C(1) << 4,
        SETTING_PERSONALITY       = UINT64_C(1) << 5,
        SETTING_MACHINE_ID        = UINT64_C(1) << 6,
        SETTING_NETWORK           = UINT64_C(1) << 7,
        SETTING_EXPOSE_PORTS      = UINT64_C(1) << 8,
        SETTING_READ_ONLY         = UINT64_C(1) << 9,
        SETTING_VOLATILE_MODE     = UINT64_C(1) << 10,
        SETTING_CUSTOM_MOUNTS     = UINT64_C(1) << 11,
        SETTING_WORKING_DIRECTORY = UINT64_C(1) << 12,
        SETTING_USERNS            = UINT64_C(1) << 13,
        SETTING_NOTIFY_READY      = UINT64_C(1) << 14,
        SETTING_PIVOT_ROOT        = UINT64_C(1) << 15,
        SETTING_SYSCALL_FILTER    = UINT64_C(1) << 16,
        SETTING_HOSTNAME          = UINT64_C(1) << 17,
        SETTING_NO_NEW_PRIVILEGES = UINT64_C(1) << 18,
        SETTING_OOM_SCORE_ADJUST  = UINT64_C(1) << 19,
        SETTING_CPU_AFFINITY      = UINT64_C(1) << 20,
        SETTING_RESOLV_CONF       = UINT64_C(1) << 21,
        SETTING_LINK_JOURNAL      = UINT64_C(1) << 22,
        SETTING_TIMEZONE          = UINT64_C(1) << 23,
        SETTING_EPHEMERAL         = UINT64_C(1) << 24,
        SETTING_SLICE             = UINT64_C(1) << 25,
        SETTING_DIRECTORY         = UINT64_C(1) << 26,
        SETTING_USE_CGNS          = UINT64_C(1) << 27,
        SETTING_CLONE_NS_FLAGS    = UINT64_C(1) << 28,
        SETTING_CONSOLE_MODE      = UINT64_C(1) << 29,
        SETTING_RLIMIT_FIRST      = UINT64_C(1) << 30, /* we define one bit per resource limit here */
        SETTING_RLIMIT_LAST       = UINT64_C(1) << (30 + _RLIMIT_MAX - 1),
        _SETTINGS_MASK_ALL        = (UINT64_C(1) << (30 + _RLIMIT_MAX)) -1,
        _SETTING_FORCE_ENUM_WIDTH = UINT64_MAX
} SettingsMask;

/* We want to use SETTING_RLIMIT_FIRST in shifts, so make sure it is really 64 bits
 * when used in expressions. */
#define SETTING_RLIMIT_FIRST ((uint64_t) SETTING_RLIMIT_FIRST)
#define SETTING_RLIMIT_LAST ((uint64_t) SETTING_RLIMIT_LAST)

assert_cc(sizeof(SettingsMask) == 8);
assert_cc(sizeof(SETTING_RLIMIT_FIRST) == 8);
assert_cc(sizeof(SETTING_RLIMIT_LAST) == 8);

typedef struct DeviceNode {
        char *path;
        unsigned major;
        unsigned minor;
        mode_t mode;
        uid_t uid;
        gid_t gid;
} DeviceNode;

typedef struct OciHook {
        char *path;
        char **args;
        char **env;
        usec_t timeout;
} OciHook;

typedef struct Settings {
        /* [Run] */
        StartMode start_mode;
        bool ephemeral;
        char **parameters;
        char **environment;
        char *user;
        uint64_t capability;
        uint64_t drop_capability;
        int kill_signal;
        unsigned long personality;
        sd_id128_t machine_id;
        char *working_directory;
        char *pivot_root_new;
        char *pivot_root_old;
        UserNamespaceMode userns_mode;
        uid_t uid_shift, uid_range;
        bool notify_ready;
        char **syscall_whitelist;
        char **syscall_blacklist;
        struct rlimit *rlimit[_RLIMIT_MAX];
        char *hostname;
        int no_new_privileges;
        int oom_score_adjust;
        bool oom_score_adjust_set;
        cpu_set_t *cpuset;
        unsigned cpuset_ncpus;
        ResolvConfMode resolv_conf;
        LinkJournal link_journal;
        bool link_journal_try;
        TimezoneMode timezone;

        /* [Image] */
        int read_only;
        VolatileMode volatile_mode;
        CustomMount *custom_mounts;
        size_t n_custom_mounts;
        int userns_chown;

        /* [Network] */
        int private_network;
        int network_veth;
        char *network_bridge;
        char *network_zone;
        char **network_interfaces;
        char **network_macvlan;
        char **network_ipvlan;
        char **network_veth_extra;
        ExposePort *expose_ports;

        /* Additional fields, that are specific to OCI runtime case */
        char *bundle;
        char *root;
        OciHook *oci_hooks_prestart, *oci_hooks_poststart, *oci_hooks_poststop;
        size_t n_oci_hooks_prestart, n_oci_hooks_poststart, n_oci_hooks_poststop;
        char *slice;
        sd_bus_message *properties;
        CapabilityQuintet full_capabilities;
        uid_t uid;
        gid_t gid;
        gid_t *supplementary_gids;
        size_t n_supplementary_gids;
        unsigned console_width, console_height;
        ConsoleMode console_mode;
        DeviceNode *extra_nodes;
        size_t n_extra_nodes;
        unsigned long clone_ns_flags;
        char *network_namespace_path;
        int use_cgns;
        char **sysctl;
#if HAVE_SECCOMP
        scmp_filter_ctx seccomp;
#endif
} Settings;

Settings *settings_new(void);
int settings_load(FILE *f, const char *path, Settings **ret);
Settings* settings_free(Settings *s);

bool settings_network_veth(Settings *s);
bool settings_private_network(Settings *s);
int settings_allocate_properties(Settings *s);

DEFINE_TRIVIAL_CLEANUP_FUNC(Settings*, settings_free);

const struct ConfigPerfItem* nspawn_gperf_lookup(const char *key, GPERF_LEN_TYPE length);

CONFIG_PARSER_PROTOTYPE(config_parse_capability);
CONFIG_PARSER_PROTOTYPE(config_parse_id128);
CONFIG_PARSER_PROTOTYPE(config_parse_expose_port);
CONFIG_PARSER_PROTOTYPE(config_parse_volatile_mode);
CONFIG_PARSER_PROTOTYPE(config_parse_pivot_root);
CONFIG_PARSER_PROTOTYPE(config_parse_bind);
CONFIG_PARSER_PROTOTYPE(config_parse_tmpfs);
CONFIG_PARSER_PROTOTYPE(config_parse_overlay);
CONFIG_PARSER_PROTOTYPE(config_parse_inaccessible);
CONFIG_PARSER_PROTOTYPE(config_parse_veth_extra);
CONFIG_PARSER_PROTOTYPE(config_parse_network_zone);
CONFIG_PARSER_PROTOTYPE(config_parse_boot);
CONFIG_PARSER_PROTOTYPE(config_parse_pid2);
CONFIG_PARSER_PROTOTYPE(config_parse_private_users);
CONFIG_PARSER_PROTOTYPE(config_parse_syscall_filter);
CONFIG_PARSER_PROTOTYPE(config_parse_hostname);
CONFIG_PARSER_PROTOTYPE(config_parse_oom_score_adjust);
CONFIG_PARSER_PROTOTYPE(config_parse_cpu_affinity);
CONFIG_PARSER_PROTOTYPE(config_parse_resolv_conf);
CONFIG_PARSER_PROTOTYPE(config_parse_link_journal);
CONFIG_PARSER_PROTOTYPE(config_parse_timezone);

const char *resolv_conf_mode_to_string(ResolvConfMode a) _const_;
ResolvConfMode resolv_conf_mode_from_string(const char *s) _pure_;

const char *timezone_mode_to_string(TimezoneMode a) _const_;
TimezoneMode timezone_mode_from_string(const char *s) _pure_;

int parse_link_journal(const char *s, LinkJournal *ret_mode, bool *ret_try);

void device_node_array_free(DeviceNode *node, size_t n);
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
f757855e LP	2	#pragma once
f757855e LP	3
d107bb7d	4	#include <sched.h>
f757855e LP	5	#include <stdio.h>
f757855e LP	6
de40a303 LP	7	#if HAVE_SECCOMP
	8	#include <seccomp.h>
	9	#endif
	10
	11	#include "sd-bus.h"
dccca82b LP	12	#include "sd-id128.h"
dccca82b LP	13
de40a303	14	#include "capability-util.h"
a2106925	15	#include "conf-parser.h"
f757855e	16	#include "macro.h"
e93672ee	17	#include "missing_resource.h"
7a8f6325	18	#include "nspawn-expose-ports.h"
71d35b6b	19	#include "nspawn-mount.h"
ca78ad1d	20	#include "time-util.h"
f757855e	21
7732f92b LP	22	typedef enum StartMode {
	23	START_PID1, /* Run parameters as command line as process 1 */
	24	START_PID2, /* Use stub init process as PID 1, run parameters as command line as process 2 */
	25	START_BOOT, /* Search for init system, pass arguments as parameters */
	26	_START_MODE_MAX,
	27	_START_MODE_INVALID = -1
	28	} StartMode;
	29
0de7acce LP	30	typedef enum UserNamespaceMode {
	31	USER_NAMESPACE_NO,
	32	USER_NAMESPACE_FIXED,
	33	USER_NAMESPACE_PICK,
	34	_USER_NAMESPACE_MODE_MAX,
	35	_USER_NAMESPACE_MODE_INVALID = -1,
	36	} UserNamespaceMode;
	37
09d423e9 LP	38	typedef enum ResolvConfMode {
	39	RESOLV_CONF_OFF,
	40	RESOLV_CONF_COPY_HOST,
	41	RESOLV_CONF_COPY_STATIC,
	42	RESOLV_CONF_BIND_HOST,
	43	RESOLV_CONF_BIND_STATIC,
	44	RESOLV_CONF_DELETE,
	45	RESOLV_CONF_AUTO,
	46	_RESOLV_CONF_MODE_MAX,
	47	_RESOLV_CONF_MODE_INVALID = -1
	48	} ResolvConfMode;
	49
4e1d6aa9 LP	50	typedef enum LinkJournal {
	51	LINK_NO,
	52	LINK_AUTO,
	53	LINK_HOST,
	54	LINK_GUEST,
	55	_LINK_JOURNAL_MAX,
	56	_LINK_JOURNAL_INVALID = -1
	57	} LinkJournal;
	58
1688841f LP	59	typedef enum TimezoneMode {
	60	TIMEZONE_OFF,
	61	TIMEZONE_COPY,
	62	TIMEZONE_BIND,
	63	TIMEZONE_SYMLINK,
	64	TIMEZONE_DELETE,
	65	TIMEZONE_AUTO,
	66	_TIMEZONE_MODE_MAX,
	67	_TIMEZONE_MODE_INVALID = -1
	68	} TimezoneMode;
	69
de40a303 LP	70	typedef enum ConsoleMode {
	71	CONSOLE_INTERACTIVE,
	72	CONSOLE_READ_ONLY,
	73	CONSOLE_PASSIVE,
	74	CONSOLE_PIPE,
	75	_CONSOLE_MODE_MAX,
	76	_CONSOLE_MODE_INVALID = -1,
	77	} ConsoleMode;
	78
f757855e	79	typedef enum SettingsMask {
bf428efb LP	80	SETTING_START_MODE = UINT64_C(1) << 0,
	81	SETTING_ENVIRONMENT = UINT64_C(1) << 1,
	82	SETTING_USER = UINT64_C(1) << 2,
	83	SETTING_CAPABILITY = UINT64_C(1) << 3,
	84	SETTING_KILL_SIGNAL = UINT64_C(1) << 4,
	85	SETTING_PERSONALITY = UINT64_C(1) << 5,
	86	SETTING_MACHINE_ID = UINT64_C(1) << 6,
	87	SETTING_NETWORK = UINT64_C(1) << 7,
	88	SETTING_EXPOSE_PORTS = UINT64_C(1) << 8,
	89	SETTING_READ_ONLY = UINT64_C(1) << 9,
	90	SETTING_VOLATILE_MODE = UINT64_C(1) << 10,
	91	SETTING_CUSTOM_MOUNTS = UINT64_C(1) << 11,
	92	SETTING_WORKING_DIRECTORY = UINT64_C(1) << 12,
	93	SETTING_USERNS = UINT64_C(1) << 13,
	94	SETTING_NOTIFY_READY = UINT64_C(1) << 14,
	95	SETTING_PIVOT_ROOT = UINT64_C(1) << 15,
	96	SETTING_SYSCALL_FILTER = UINT64_C(1) << 16,
3a9530e5	97	SETTING_HOSTNAME = UINT64_C(1) << 17,
66edd963	98	SETTING_NO_NEW_PRIVILEGES = UINT64_C(1) << 18,
81f345df	99	SETTING_OOM_SCORE_ADJUST = UINT64_C(1) << 19,
d107bb7d	100	SETTING_CPU_AFFINITY = UINT64_C(1) << 20,
09d423e9	101	SETTING_RESOLV_CONF = UINT64_C(1) << 21,
4e1d6aa9	102	SETTING_LINK_JOURNAL = UINT64_C(1) << 22,
1688841f	103	SETTING_TIMEZONE = UINT64_C(1) << 23,
a2f577fc	104	SETTING_EPHEMERAL = UINT64_C(1) << 24,
de40a303 LP	105	SETTING_SLICE = UINT64_C(1) << 25,
	106	SETTING_DIRECTORY = UINT64_C(1) << 26,
	107	SETTING_USE_CGNS = UINT64_C(1) << 27,
	108	SETTING_CLONE_NS_FLAGS = UINT64_C(1) << 28,
	109	SETTING_CONSOLE_MODE = UINT64_C(1) << 29,
	110	SETTING_RLIMIT_FIRST = UINT64_C(1) << 30, /* we define one bit per resource limit here */
	111	SETTING_RLIMIT_LAST = UINT64_C(1) << (30 + _RLIMIT_MAX - 1),
	112	_SETTINGS_MASK_ALL = (UINT64_C(1) << (30 + _RLIMIT_MAX)) -1,
f728ab17	113	_SETTING_FORCE_ENUM_WIDTH = UINT64_MAX
f757855e LP	114	} SettingsMask;
f757855e LP	115
b49c6ca0 ZJS	116	/* We want to use SETTING_RLIMIT_FIRST in shifts, so make sure it is really 64 bits
	117	* when used in expressions. */
	118	#define SETTING_RLIMIT_FIRST ((uint64_t) SETTING_RLIMIT_FIRST)
	119	#define SETTING_RLIMIT_LAST ((uint64_t) SETTING_RLIMIT_LAST)
	120
	121	assert_cc(sizeof(SettingsMask) == 8);
	122	assert_cc(sizeof(SETTING_RLIMIT_FIRST) == 8);
	123	assert_cc(sizeof(SETTING_RLIMIT_LAST) == 8);
	124
de40a303 LP	125	typedef struct DeviceNode {
	126	char *path;
	127	unsigned major;
	128	unsigned minor;
	129	mode_t mode;
	130	uid_t uid;
	131	gid_t gid;
	132	} DeviceNode;
	133
	134	typedef struct OciHook {
	135	char *path;
	136	char **args;
	137	char **env;
	138	usec_t timeout;
	139	} OciHook;
	140
f757855e LP	141	typedef struct Settings {
f757855e LP	142	/* [Run] */
7732f92b	143	StartMode start_mode;
a2f577fc	144	bool ephemeral;
f757855e LP	145	char **parameters;
	146	char **environment;
	147	char *user;
	148	uint64_t capability;
	149	uint64_t drop_capability;
	150	int kill_signal;
	151	unsigned long personality;
	152	sd_id128_t machine_id;
5f932eb9	153	char *working_directory;
b53ede69 PW	154	char *pivot_root_new;
b53ede69 PW	155	char *pivot_root_old;
0de7acce LP	156	UserNamespaceMode userns_mode;
0de7acce LP	157	uid_t uid_shift, uid_range;
9c1e04d0	158	bool notify_ready;
960e4569 LP	159	char **syscall_whitelist;
960e4569 LP	160	char **syscall_blacklist;
bf428efb	161	struct rlimit *rlimit[_RLIMIT_MAX];
3a9530e5	162	char *hostname;
66edd963	163	int no_new_privileges;
81f345df LP	164	int oom_score_adjust;
81f345df LP	165	bool oom_score_adjust_set;
d107bb7d LP	166	cpu_set_t *cpuset;
d107bb7d LP	167	unsigned cpuset_ncpus;
09d423e9	168	ResolvConfMode resolv_conf;
4e1d6aa9 LP	169	LinkJournal link_journal;
4e1d6aa9 LP	170	bool link_journal_try;
1688841f	171	TimezoneMode timezone;
f757855e LP	172
	173	/* [Image] */
	174	int read_only;
	175	VolatileMode volatile_mode;
	176	CustomMount *custom_mounts;
88614c8a	177	size_t n_custom_mounts;
0de7acce	178	int userns_chown;
f757855e LP	179
	180	/* [Network] */
	181	int private_network;
	182	int network_veth;
	183	char *network_bridge;
22b28dfd	184	char *network_zone;
f757855e LP	185	char **network_interfaces;
	186	char **network_macvlan;
	187	char **network_ipvlan;
f6d6bad1	188	char **network_veth_extra;
f757855e	189	ExposePort *expose_ports;
de40a303 LP	190
	191	/* Additional fields, that are specific to OCI runtime case */
	192	char *bundle;
	193	char *root;
	194	OciHook oci_hooks_prestart, oci_hooks_poststart, *oci_hooks_poststop;
	195	size_t n_oci_hooks_prestart, n_oci_hooks_poststart, n_oci_hooks_poststop;
	196	char *slice;
	197	sd_bus_message *properties;
	198	CapabilityQuintet full_capabilities;
	199	uid_t uid;
	200	gid_t gid;
	201	gid_t *supplementary_gids;
	202	size_t n_supplementary_gids;
	203	unsigned console_width, console_height;
	204	ConsoleMode console_mode;
	205	DeviceNode *extra_nodes;
	206	size_t n_extra_nodes;
	207	unsigned long clone_ns_flags;
	208	char *network_namespace_path;
	209	int use_cgns;
	210	char **sysctl;
	211	#if HAVE_SECCOMP
	212	scmp_filter_ctx seccomp;
	213	#endif
f757855e LP	214	} Settings;
f757855e LP	215
de40a303	216	Settings *settings_new(void);
f757855e LP	217	int settings_load(FILE f, const char path, Settings **ret);
	218	Settings* settings_free(Settings *s);
	219
0e265674 LP	220	bool settings_network_veth(Settings *s);
0e265674 LP	221	bool settings_private_network(Settings *s);
de40a303	222	int settings_allocate_properties(Settings *s);
0e265674	223
f757855e LP	224	DEFINE_TRIVIAL_CLEANUP_FUNC(Settings*, settings_free);
f757855e LP	225
c9f7b4d3	226	const struct ConfigPerfItem* nspawn_gperf_lookup(const char *key, GPERF_LEN_TYPE length);
f757855e	227
a2106925 LP	228	CONFIG_PARSER_PROTOTYPE(config_parse_capability);
	229	CONFIG_PARSER_PROTOTYPE(config_parse_id128);
	230	CONFIG_PARSER_PROTOTYPE(config_parse_expose_port);
	231	CONFIG_PARSER_PROTOTYPE(config_parse_volatile_mode);
	232	CONFIG_PARSER_PROTOTYPE(config_parse_pivot_root);
	233	CONFIG_PARSER_PROTOTYPE(config_parse_bind);
	234	CONFIG_PARSER_PROTOTYPE(config_parse_tmpfs);
	235	CONFIG_PARSER_PROTOTYPE(config_parse_overlay);
de40a303	236	CONFIG_PARSER_PROTOTYPE(config_parse_inaccessible);
a2106925 LP	237	CONFIG_PARSER_PROTOTYPE(config_parse_veth_extra);
	238	CONFIG_PARSER_PROTOTYPE(config_parse_network_zone);
	239	CONFIG_PARSER_PROTOTYPE(config_parse_boot);
	240	CONFIG_PARSER_PROTOTYPE(config_parse_pid2);
	241	CONFIG_PARSER_PROTOTYPE(config_parse_private_users);
	242	CONFIG_PARSER_PROTOTYPE(config_parse_syscall_filter);
	243	CONFIG_PARSER_PROTOTYPE(config_parse_hostname);
	244	CONFIG_PARSER_PROTOTYPE(config_parse_oom_score_adjust);
	245	CONFIG_PARSER_PROTOTYPE(config_parse_cpu_affinity);
09d423e9	246	CONFIG_PARSER_PROTOTYPE(config_parse_resolv_conf);
4e1d6aa9	247	CONFIG_PARSER_PROTOTYPE(config_parse_link_journal);
1688841f	248	CONFIG_PARSER_PROTOTYPE(config_parse_timezone);
09d423e9 LP	249
	250	const char *resolv_conf_mode_to_string(ResolvConfMode a) _const_;
	251	ResolvConfMode resolv_conf_mode_from_string(const char *s) _pure_;
4e1d6aa9	252
1688841f LP	253	const char *timezone_mode_to_string(TimezoneMode a) _const_;
	254	TimezoneMode timezone_mode_from_string(const char *s) _pure_;
	255
4e1d6aa9	256	int parse_link_journal(const char s, LinkJournal ret_mode, bool *ret_try);
de40a303	257
b2645747	258	void device_node_array_free(DeviceNode *node, size_t n);