Move lxc_attach from namespace.c to attach.c and rename it to lxc_attach_to_ns

Since lxc-attach helper functions now have an own source file, lxc_attach is
moved from namespace.c to attach.c and is renamed to lxc_attach_to_ns,
because that better reflects what the function does (attaching to a
container can also contain the setting of the process's personality, adding
it to the corresponding cgroups and dropping specific capabilities).

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 254b18544fbd5d1665b47f7a80ffdc30856132db..33da4114c27f79df58df03ff77d915c633005347 100644 (file)
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -226,6 +226,41 @@ int lxc_attach_proc_to_cgroups(pid_t pid, struct lxc_proc_context_info *ctx)
        return 0;
 }
 
+int lxc_attach_to_ns(pid_t pid)
+{
+       char path[MAXPATHLEN];
+       char *ns[] = { "pid", "mnt", "net", "ipc", "uts" };
+       const int size = sizeof(ns) / sizeof(char *);
+       int fd[size];
+       int i;
+
+       snprintf(path, MAXPATHLEN, "/proc/%d/ns", pid);
+       if (access(path, X_OK)) {
+               ERROR("Does this kernel version support 'attach' ?");
+               return -1;
+       }
+
+       for (i = 0; i < size; i++) {
+               snprintf(path, MAXPATHLEN, "/proc/%d/ns/%s", pid, ns[i]);
+               fd[i] = open(path, O_RDONLY);
+               if (fd[i] < 0) {
+                       SYSERROR("failed to open '%s'", path);
+                       return -1;
+               }
+       }
+
+       for (i = 0; i < size; i++) {
+               if (setns(fd[i], 0)) {
+                       SYSERROR("failed to set namespace '%s'", ns[i]);
+                       return -1;
+               }
+
+               close(fd[i]);
+       }
+
+       return 0;
+}
+
 int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx)
 {
        int last_cap = lxc_caps_last_cap();

diff --git a/src/lxc/attach.h b/src/lxc/attach.h
index 7e67455267f25d2a62b8c349e24ee86de3ab9386..d2b7533f6200f8845e029c75519f5e5cb2438015 100644 (file)
--- a/src/lxc/attach.h
+++ b/src/lxc/attach.h
@@ -42,6 +42,7 @@ extern struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid);
 extern void lxc_proc_free_context_info(struct lxc_proc_context_info *info);
 
 extern int lxc_attach_proc_to_cgroups(pid_t pid, struct lxc_proc_context_info *ctx);
+extern int lxc_attach_to_ns(pid_t other_pid);
 extern int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx);
 
 #endif

diff --git a/src/lxc/lxc_attach.c b/src/lxc/lxc_attach.c
index ed3d5a420671f2d0061cd41a2208c837cd823d06..c8643d1640a93cac3fa43a0a8921b803c55932af 100644 (file)
--- a/src/lxc/lxc_attach.c
+++ b/src/lxc/lxc_attach.c
@@ -30,9 +30,9 @@
 #include <sys/types.h>
 #include <sys/wait.h>
 
+#include "attach.h"
 #include "commands.h"
 #include "arguments.h"
-#include "namespace.h"
 #include "caps.h"
 #include "log.h"
 
@@ -85,7 +85,7 @@ int main(int argc, char *argv[], char *envp[])
 
        curdir = get_current_dir_name();
 
-       ret = lxc_attach(pid);
+       ret = lxc_attach_to_ns(pid);
        if (ret < 0) {
                ERROR("failed to enter the namespace");
                return -1;

diff --git a/src/lxc/namespace.c b/src/lxc/namespace.c
index 6512685d0ec455519100343588774e1d938b9fca..3e6fc3aad54f842ab16d35bc3d8521c65e973d7b 100644 (file)
--- a/src/lxc/namespace.c
+++ b/src/lxc/namespace.c
@@ -34,8 +34,6 @@
 #include "namespace.h"
 #include "log.h"
 
-#include "setns.h"
-
 lxc_log_define(lxc_namespace, lxc);
 
 struct clone_arg {
@@ -43,16 +41,6 @@ struct clone_arg {
        void *arg;
 };
 
-int setns(int fd, int nstype)
-{
-#ifndef __NR_setns
-       errno = ENOSYS;
-       return -1;
-#else
-       return syscall(__NR_setns, fd, nstype);
-#endif
-}
-
 static int do_clone(void *arg)
 {
        struct clone_arg *clone_arg = arg;
@@ -81,38 +69,3 @@ pid_t lxc_clone(int (*fn)(void *), void *arg, int flags)
 
        return ret;
 }
-
-int lxc_attach(pid_t pid)
-{
-       char path[MAXPATHLEN];
-       char *ns[] = { "pid", "mnt", "net", "ipc", "uts" };
-       const int size = sizeof(ns) / sizeof(char *);
-       int fd[size];
-       int i;
-
-       sprintf(path, "/proc/%d/ns", pid);
-       if (access(path, X_OK)) {
-               ERROR("Does this kernel version support 'attach' ?");
-               return -1;
-       }
-
-       for (i = 0; i < size; i++) {
-               sprintf(path, "/proc/%d/ns/%s", pid, ns[i]);
-               fd[i] = open(path, O_RDONLY);
-               if (fd[i] < 0) {
-                       SYSERROR("failed to open '%s'", path);
-                       return -1;
-               }
-       }
-
-       for (i = 0; i < size; i++) {
-               if (setns(fd[i], 0)) {
-                       SYSERROR("failed to set namespace '%s'", ns[i]);
-                       return -1;
-               }
-
-               close(fd[i]);
-       }
-
-       return 0;
-}

diff --git a/src/lxc/namespace.h b/src/lxc/namespace.h
index 9c6b7ec2bb4c627c58cc9995f7117703a12d74f4..5442dd3b7eecea22509f0f4949c957232b29354c 100644 (file)
--- a/src/lxc/namespace.h
+++ b/src/lxc/namespace.h
@@ -49,6 +49,5 @@
 #endif
 
 extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags);
-extern int lxc_attach(pid_t pid);
 
 #endif