return ret;
}
+int lxc_try_cmd(const char *name, const char *lxcpath)
+{
+ int stopped, ret;
+ struct lxc_cmd_rr cmd = {
+ .req = { .cmd = LXC_CMD_GET_INIT_PID },
+ };
+
+ ret = lxc_cmd(name, &cmd, &stopped, lxcpath);
+
+ if (stopped)
+ return 0;
+ if (ret > 0 && cmd.rsp.ret < 0) {
+ errno = cmd.rsp.ret;
+ return -1;
+ }
+ if (ret > 0)
+ return 0;
+
+ /*
+ * At this point we weren't denied access, and the
+ * container *was* started. There was some inexplicable
+ * error in the protocol.
+ * I'm not clear on whether we should return -1 here, but
+ * we didn't receive a -EACCES, so technically it's not that
+ * we're not allowed to control the container - it's just not
+ * behaving.
+ */
+ return 0;
+}
+
/* Implentations of the commands and their callbacks */
/*
const char *lxcpath);
extern int lxc_cmd_mainloop_add(const char *name, struct lxc_epoll_descr *descr,
struct lxc_handler *handler);
+extern int lxc_try_cmd(const char *name, const char *lxcpath);
#endif /* __commands_h */
return b;
}
+static bool lxcapi_may_control(struct lxc_container *c)
+{
+ return lxc_try_cmd(c->name, c->config_path) == 0;
+}
+
static int lxcapi_attach_run_waitl(struct lxc_container *c, lxc_attach_options_t *options, const char *program, const char *arg, ...)
{
va_list ap;
c->snapshot = lxcapi_snapshot;
c->snapshot_list = lxcapi_snapshot_list;
c->snapshot_restore = lxcapi_snapshot_restore;
+ c->may_control = lxcapi_may_control;
/* we'll allow the caller to update these later */
if (lxc_log_init(NULL, "none", NULL, "lxc_container", 0, c->config_path)) {
* Returns true on success, false on failure.
*/
bool (*snapshot_restore)(struct lxc_container *c, char *snapname, char *newname);
+
+ /*
+ * Return false if there is a control socket for the container monitor,
+ * and the caller may not access it. Return true otherwise.
+ */
+ bool (*may_control)(struct lxc_container *c);
};
struct lxc_snapshot {
lxc_usernic_test_CFLAGS = -DISTEST
lxc_test_snapshot_SOURCES = snapshot.c
lxc_test_concurrent_SOURCES = concurrent.c
+lxc_test_may_control_SOURCES = may_control.c
AM_CFLAGS=-I$(top_srcdir)/src \
-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
lxc-test-destroytest lxc-test-saveconfig lxc-test-createtest \
lxc-test-shutdowntest lxc-test-get_item lxc-test-getkeys lxc-test-lxcpath \
lxc-test-cgpath lxc-test-clonetest lxc-test-console lxc-usernic-test \
- lxc-test-snapshot lxc-test-concurrent
+ lxc-test-snapshot lxc-test-concurrent lxc-test-may-control
bin_SCRIPTS = lxc-test-usernic
console.c \
lxc-test-usernic \
snapshot.c \
- concurrent.c
+ concurrent.c \
+ may_control.c
--- /dev/null
+/* control.c
+ *
+ * Copyright © 2013 Canonical, Inc
+ * Author: Serge Hallyn <serge.hallyn@ubuntu.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2, as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <lxc/lxccontainer.h>
+
+void usage(char *me)
+{
+ printf("Usage: %s name [lxcpath]\n", me);
+ exit(0);
+}
+
+int main(int argc, char *argv[])
+{
+ char *lxcpath = NULL, *name;
+ bool may = false;
+ struct lxc_container *c;
+
+ if (argc < 2)
+ usage(argv[0]);
+ name = argv[1];
+ if (argc == 3)
+ lxcpath = argv[2];
+ c = lxc_container_new(name, lxcpath);
+ if (c)
+ may = c->may_control(c);
+ printf("You may%s control %s\n", may ? "" : " not", name);
+ exit(may ? 0 : 1);
+}
projects / thirdparty / lxc.git / commitdiff
