]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-bus/bus-container.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #1192 from poettering/sd-bus-container
[thirdparty/systemd.git] / src / libsystemd / sd-bus / bus-container.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2013 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <unistd.h>
23 #include <fcntl.h>
24
25 #include "util.h"
26 #include "process-util.h"
27 #include "bus-internal.h"
28 #include "bus-socket.h"
29 #include "bus-container.h"
30
31 int bus_container_connect_socket(sd_bus *b) {
32 _cleanup_close_pair_ int pair[2] = { -1, -1 };
33 _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, usernsfd = -1, rootfd = -1;
34 pid_t child;
35 siginfo_t si;
36 int r, error_buf = 0;
37 ssize_t n;
38
39 assert(b);
40 assert(b->input_fd < 0);
41 assert(b->output_fd < 0);
42 assert(b->nspid > 0 || b->machine);
43
44 if (b->nspid <= 0) {
45 r = container_get_leader(b->machine, &b->nspid);
46 if (r < 0)
47 return r;
48 }
49
50 r = namespace_open(b->nspid, &pidnsfd, &mntnsfd, NULL, &usernsfd, &rootfd);
51 if (r < 0)
52 return r;
53
54 b->input_fd = socket(b->sockaddr.sa.sa_family, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
55 if (b->input_fd < 0)
56 return -errno;
57
58 b->output_fd = b->input_fd;
59
60 bus_socket_setup(b);
61
62 if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0)
63 return -errno;
64
65 child = fork();
66 if (child < 0)
67 return -errno;
68
69 if (child == 0) {
70 pid_t grandchild;
71
72 pair[0] = safe_close(pair[0]);
73
74 r = namespace_enter(pidnsfd, mntnsfd, -1, usernsfd, rootfd);
75 if (r < 0)
76 _exit(EXIT_FAILURE);
77
78 /* We just changed PID namespace, however it will only
79 * take effect on the children we now fork. Hence,
80 * let's fork another time, and connect from this
81 * grandchild, so that SO_PEERCRED of our connection
82 * comes from a process from within the container, and
83 * not outside of it */
84
85 grandchild = fork();
86 if (grandchild < 0)
87 _exit(EXIT_FAILURE);
88
89 if (grandchild == 0) {
90
91 r = connect(b->input_fd, &b->sockaddr.sa, b->sockaddr_size);
92 if (r < 0) {
93 /* Try to send error up */
94 error_buf = errno;
95 (void) write(pair[1], &error_buf, sizeof(error_buf));
96 _exit(EXIT_FAILURE);
97 }
98
99 _exit(EXIT_SUCCESS);
100 }
101
102 r = wait_for_terminate(grandchild, &si);
103 if (r < 0)
104 _exit(EXIT_FAILURE);
105
106 if (si.si_code != CLD_EXITED)
107 _exit(EXIT_FAILURE);
108
109 _exit(si.si_status);
110 }
111
112 pair[1] = safe_close(pair[1]);
113
114 r = wait_for_terminate(child, &si);
115 if (r < 0)
116 return r;
117
118 n = read(pair[0], &error_buf, sizeof(error_buf));
119 if (n < 0)
120 return -errno;
121
122 if (n > 0) {
123 if (n != sizeof(error_buf))
124 return -EIO;
125
126 if (error_buf < 0)
127 return -EIO;
128
129 if (error_buf == EINPROGRESS)
130 return 1;
131
132 if (error_buf > 0)
133 return -error_buf;
134 }
135
136 if (si.si_code != CLD_EXITED)
137 return -EIO;
138
139 if (si.si_status != EXIT_SUCCESS)
140 return -EIO;
141
142 return bus_socket_start_auth(b);
143 }
144
145 int bus_container_connect_kernel(sd_bus *b) {
146 _cleanup_close_pair_ int pair[2] = { -1, -1 };
147 _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, usernsfd = -1, rootfd = -1;
148 union {
149 struct cmsghdr cmsghdr;
150 uint8_t buf[CMSG_SPACE(sizeof(int))];
151 } control = {};
152 int error_buf = 0;
153 struct iovec iov = {
154 .iov_base = &error_buf,
155 .iov_len = sizeof(error_buf),
156 };
157 struct msghdr mh = {
158 .msg_control = &control,
159 .msg_controllen = sizeof(control),
160 .msg_iov = &iov,
161 .msg_iovlen = 1,
162 };
163 struct cmsghdr *cmsg;
164 pid_t child;
165 siginfo_t si;
166 int r, fd = -1;
167 ssize_t n;
168
169 assert(b);
170 assert(b->input_fd < 0);
171 assert(b->output_fd < 0);
172 assert(b->nspid > 0 || b->machine);
173
174 if (b->nspid <= 0) {
175 r = container_get_leader(b->machine, &b->nspid);
176 if (r < 0)
177 return r;
178 }
179
180 r = namespace_open(b->nspid, &pidnsfd, &mntnsfd, NULL, &usernsfd, &rootfd);
181 if (r < 0)
182 return r;
183
184 if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0)
185 return -errno;
186
187 child = fork();
188 if (child < 0)
189 return -errno;
190
191 if (child == 0) {
192 pid_t grandchild;
193
194 pair[0] = safe_close(pair[0]);
195
196 r = namespace_enter(pidnsfd, mntnsfd, -1, usernsfd, rootfd);
197 if (r < 0)
198 _exit(EXIT_FAILURE);
199
200 /* We just changed PID namespace, however it will only
201 * take effect on the children we now fork. Hence,
202 * let's fork another time, and connect from this
203 * grandchild, so that kdbus only sees the credentials
204 * of this process which comes from within the
205 * container, and not outside of it */
206
207 grandchild = fork();
208 if (grandchild < 0)
209 _exit(EXIT_FAILURE);
210
211 if (grandchild == 0) {
212 fd = open(b->kernel, O_RDWR|O_NOCTTY|O_CLOEXEC);
213 if (fd < 0) {
214 /* Try to send error up */
215 error_buf = errno;
216 (void) write(pair[1], &error_buf, sizeof(error_buf));
217 _exit(EXIT_FAILURE);
218 }
219
220 cmsg = CMSG_FIRSTHDR(&mh);
221 cmsg->cmsg_level = SOL_SOCKET;
222 cmsg->cmsg_type = SCM_RIGHTS;
223 cmsg->cmsg_len = CMSG_LEN(sizeof(int));
224 memcpy(CMSG_DATA(cmsg), &fd, sizeof(int));
225
226 mh.msg_controllen = cmsg->cmsg_len;
227
228 if (sendmsg(pair[1], &mh, MSG_NOSIGNAL) < 0)
229 _exit(EXIT_FAILURE);
230
231 _exit(EXIT_SUCCESS);
232 }
233
234 r = wait_for_terminate(grandchild, &si);
235 if (r < 0)
236 _exit(EXIT_FAILURE);
237
238 if (si.si_code != CLD_EXITED)
239 _exit(EXIT_FAILURE);
240
241 _exit(si.si_status);
242 }
243
244 pair[1] = safe_close(pair[1]);
245
246 r = wait_for_terminate(child, &si);
247 if (r < 0)
248 return r;
249
250 n = recvmsg(pair[0], &mh, MSG_NOSIGNAL|MSG_CMSG_CLOEXEC);
251 if (n < 0)
252 return -errno;
253
254 CMSG_FOREACH(cmsg, &mh) {
255 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
256 int *fds;
257 unsigned n_fds;
258
259 assert(fd < 0);
260
261 fds = (int*) CMSG_DATA(cmsg);
262 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
263
264 if (n_fds != 1) {
265 close_many(fds, n_fds);
266 return -EIO;
267 }
268
269 fd = fds[0];
270 }
271 }
272
273 /* If there's an fd passed, we are good. */
274 if (fd >= 0) {
275 b->input_fd = b->output_fd = fd;
276 return bus_kernel_take_fd(b);
277 }
278
279 /* If there's an error passed, use it */
280 if (n == sizeof(error_buf) && error_buf > 0)
281 return -error_buf;
282
283 /* Otherwise, we have no clue */
284 return -EIO;
285 }
Unnamed repository; edit this file 'description' to name the repository.