src/nspawn/nspawn-settings.c

   1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
   2
   3 /***
   4   This file is part of systemd.
   5
   6   Copyright 2015 Lennart Poettering
   7
   8   systemd is free software; you can redistribute it and/or modify it
   9   under the terms of the GNU Lesser General Public License as published by
  10   the Free Software Foundation; either version 2.1 of the License, or
  11   (at your option) any later version.
  12
  13   systemd is distributed in the hope that it will be useful, but
  14   WITHOUT ANY WARRANTY; without even the implied warranty of
  15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  16   Lesser General Public License for more details.
  17
  18   You should have received a copy of the GNU Lesser General Public License
  19   along with systemd; If not, see <http://www.gnu.org/licenses/>.
  20 ***/
  21
  22 #include "alloc-util.h"
  23 #include "cap-list.h"
  24 #include "conf-parser.h"
  25 #include "nspawn-settings.h"
  26 #include "process-util.h"
  27 #include "strv.h"
  28 #include "util.h"
  29
  30 int settings_load(FILE *f, const char *path, Settings **ret) {
  31         _cleanup_(settings_freep) Settings *s = NULL;
  32         int r;
  33
  34         assert(path);
  35         assert(ret);
  36
  37         s = new0(Settings, 1);
  38         if (!s)
  39                 return -ENOMEM;
  40
  41         s->boot = -1;
  42         s->personality = PERSONALITY_INVALID;
  43
  44         s->read_only = -1;
  45         s->volatile_mode = _VOLATILE_MODE_INVALID;
  46
  47         s->private_network = -1;
  48         s->network_veth = -1;
  49
  50         r = config_parse(NULL, path, f,
  51                          "Exec\0"
  52                          "Network\0"
  53                          "Files\0",
  54                          config_item_perf_lookup, nspawn_gperf_lookup,
  55                          false,
  56                          false,
  57                          true,
  58                          s);
  59         if (r < 0)
  60                 return r;
  61
  62         *ret = s;
  63         s = NULL;
  64
  65         return 0;
  66 }
  67
  68 Settings* settings_free(Settings *s) {
  69
  70         if (!s)
  71                 return NULL;
  72
  73         strv_free(s->parameters);
  74         strv_free(s->environment);
  75         free(s->user);
  76
  77         strv_free(s->network_interfaces);
  78         strv_free(s->network_macvlan);
  79         strv_free(s->network_ipvlan);
  80         free(s->network_bridge);
  81         expose_port_free_all(s->expose_ports);
  82
  83         custom_mount_free_all(s->custom_mounts, s->n_custom_mounts);
  84         free(s);
  85
  86         return NULL;
  87 }
  88
  89 bool settings_private_network(Settings *s) {
  90         assert(s);
  91
  92         return
  93                 s->private_network > 0 ||
  94                 s->network_veth > 0 ||
  95                 s->network_bridge ||
  96                 s->network_interfaces ||
  97                 s->network_macvlan ||
  98                 s->network_ipvlan;
  99 }
 100
 101 bool settings_network_veth(Settings *s) {
 102         assert(s);
 103
 104         return
 105                 s->network_veth > 0 ||
 106                 s->network_bridge;
 107 }
 108
 109 DEFINE_CONFIG_PARSE_ENUM(config_parse_volatile_mode, volatile_mode, VolatileMode, "Failed to parse volatile mode");
 110
 111 int config_parse_expose_port(
 112                 const char *unit,
 113                 const char *filename,
 114                 unsigned line,
 115                 const char *section,
 116                 unsigned section_line,
 117                 const char *lvalue,
 118                 int ltype,
 119                 const char *rvalue,
 120                 void *data,
 121                 void *userdata) {
 122
 123         Settings *s = data;
 124         int r;
 125
 126         assert(filename);
 127         assert(lvalue);
 128         assert(rvalue);
 129
 130         r = expose_port_parse(&s->expose_ports, rvalue);
 131         if (r == -EEXIST) {
 132                 log_syntax(unit, LOG_ERR, filename, line, r, "Duplicate port specification, ignoring: %s", rvalue);
 133                 return 0;
 134         }
 135         if (r < 0) {
 136                 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse host port %s: %m", rvalue);
 137                 return 0;
 138         }
 139
 140         return 0;
 141 }
 142
 143 int config_parse_capability(
 144                 const char *unit,
 145                 const char *filename,
 146                 unsigned line,
 147                 const char *section,
 148                 unsigned section_line,
 149                 const char *lvalue,
 150                 int ltype,
 151                 const char *rvalue,
 152                 void *data,
 153                 void *userdata) {
 154
 155         uint64_t u = 0, *result = data;
 156         int r;
 157
 158         assert(filename);
 159         assert(lvalue);
 160         assert(rvalue);
 161
 162         for (;;) {
 163                 _cleanup_free_ char *word = NULL;
 164                 int cap;
 165
 166                 r = extract_first_word(&rvalue, &word, NULL, 0);
 167                 if (r < 0) {
 168                         log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract capability string, ignoring: %s", rvalue);
 169                         return 0;
 170                 }
 171                 if (r == 0)
 172                         break;
 173
 174                 cap = capability_from_name(word);
 175                 if (cap < 0) {
 176                         log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse capability, ignoring: %s", word);
 177                         continue;
 178                 }
 179
 180                 u |= 1 << ((uint64_t) cap);
 181         }
 182
 183         if (u == 0)
 184                 return 0;
 185
 186         *result |= u;
 187         return 0;
 188 }
 189
 190 int config_parse_id128(
 191                 const char *unit,
 192                 const char *filename,
 193                 unsigned line,
 194                 const char *section,
 195                 unsigned section_line,
 196                 const char *lvalue,
 197                 int ltype,
 198                 const char *rvalue,
 199                 void *data,
 200                 void *userdata) {
 201
 202         sd_id128_t t, *result = data;
 203         int r;
 204
 205         assert(filename);
 206         assert(lvalue);
 207         assert(rvalue);
 208
 209         r = sd_id128_from_string(rvalue, &t);
 210         if (r < 0) {
 211                 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse 128bit ID/UUID, ignoring: %s", rvalue);
 212                 return 0;
 213         }
 214
 215         *result = t;
 216         return 0;
 217 }
 218
 219 int config_parse_bind(
 220                 const char *unit,
 221                 const char *filename,
 222                 unsigned line,
 223                 const char *section,
 224                 unsigned section_line,
 225                 const char *lvalue,
 226                 int ltype,
 227                 const char *rvalue,
 228                 void *data,
 229                 void *userdata) {
 230
 231         Settings *settings = data;
 232         int r;
 233
 234         assert(filename);
 235         assert(lvalue);
 236         assert(rvalue);
 237
 238         r = bind_mount_parse(&settings->custom_mounts, &settings->n_custom_mounts, rvalue, ltype);
 239         if (r < 0) {
 240                 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid bind mount specification %s: %m", rvalue);
 241                 return 0;
 242         }
 243
 244         return 0;
 245 }
 246
 247 int config_parse_tmpfs(
 248                 const char *unit,
 249                 const char *filename,
 250                 unsigned line,
 251                 const char *section,
 252                 unsigned section_line,
 253                 const char *lvalue,
 254                 int ltype,
 255                 const char *rvalue,
 256                 void *data,
 257                 void *userdata) {
 258
 259         Settings *settings = data;
 260         int r;
 261
 262         assert(filename);
 263         assert(lvalue);
 264         assert(rvalue);
 265
 266         r = tmpfs_mount_parse(&settings->custom_mounts, &settings->n_custom_mounts, rvalue);
 267         if (r < 0) {
 268                 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid temporary file system specification %s: %m", rvalue);
 269                 return 0;
 270         }
 271
 272         if (settings->network_bridge)
 273                 settings->network_veth = true;
 274
 275         if (settings->network_interfaces ||
 276             settings->network_macvlan ||
 277             settings->network_ipvlan ||
 278             settings->network_bridge ||
 279             settings->network_veth)
 280                 settings->private_network = true;
 281
 282         return 0;
 283 }