From: Christian Seiler Date: Thu, 23 Feb 2012 08:57:14 +0000 (+0100) Subject: Move lxc_attach from namespace.c to attach.c and rename it to lxc_attach_to_ns X-Git-Tag: lxc-0.8.0-rc2~43 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=99d509541d82f247b3225d243fff5359574817ff;p=thirdparty%2Flxc.git Move lxc_attach from namespace.c to attach.c and rename it to lxc_attach_to_ns Since lxc-attach helper functions now have an own source file, lxc_attach is moved from namespace.c to attach.c and is renamed to lxc_attach_to_ns, because that better reflects what the function does (attaching to a container can also contain the setting of the process's personality, adding it to the corresponding cgroups and dropping specific capabilities). Signed-off-by: Daniel Lezcano --- diff --git a/src/lxc/attach.c b/src/lxc/attach.c index 254b18544..33da4114c 100644 --- a/src/lxc/attach.c +++ b/src/lxc/attach.c @@ -226,6 +226,41 @@ int lxc_attach_proc_to_cgroups(pid_t pid, struct lxc_proc_context_info *ctx) return 0; } +int lxc_attach_to_ns(pid_t pid) +{ + char path[MAXPATHLEN]; + char *ns[] = { "pid", "mnt", "net", "ipc", "uts" }; + const int size = sizeof(ns) / sizeof(char *); + int fd[size]; + int i; + + snprintf(path, MAXPATHLEN, "/proc/%d/ns", pid); + if (access(path, X_OK)) { + ERROR("Does this kernel version support 'attach' ?"); + return -1; + } + + for (i = 0; i < size; i++) { + snprintf(path, MAXPATHLEN, "/proc/%d/ns/%s", pid, ns[i]); + fd[i] = open(path, O_RDONLY); + if (fd[i] < 0) { + SYSERROR("failed to open '%s'", path); + return -1; + } + } + + for (i = 0; i < size; i++) { + if (setns(fd[i], 0)) { + SYSERROR("failed to set namespace '%s'", ns[i]); + return -1; + } + + close(fd[i]); + } + + return 0; +} + int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx) { int last_cap = lxc_caps_last_cap(); diff --git a/src/lxc/attach.h b/src/lxc/attach.h index 7e6745526..d2b7533f6 100644 --- a/src/lxc/attach.h +++ b/src/lxc/attach.h @@ -42,6 +42,7 @@ extern struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid); extern void lxc_proc_free_context_info(struct lxc_proc_context_info *info); extern int lxc_attach_proc_to_cgroups(pid_t pid, struct lxc_proc_context_info *ctx); +extern int lxc_attach_to_ns(pid_t other_pid); extern int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx); #endif diff --git a/src/lxc/lxc_attach.c b/src/lxc/lxc_attach.c index ed3d5a420..c8643d164 100644 --- a/src/lxc/lxc_attach.c +++ b/src/lxc/lxc_attach.c @@ -30,9 +30,9 @@ #include #include +#include "attach.h" #include "commands.h" #include "arguments.h" -#include "namespace.h" #include "caps.h" #include "log.h" @@ -85,7 +85,7 @@ int main(int argc, char *argv[], char *envp[]) curdir = get_current_dir_name(); - ret = lxc_attach(pid); + ret = lxc_attach_to_ns(pid); if (ret < 0) { ERROR("failed to enter the namespace"); return -1; diff --git a/src/lxc/namespace.c b/src/lxc/namespace.c index 6512685d0..3e6fc3aad 100644 --- a/src/lxc/namespace.c +++ b/src/lxc/namespace.c @@ -34,8 +34,6 @@ #include "namespace.h" #include "log.h" -#include "setns.h" - lxc_log_define(lxc_namespace, lxc); struct clone_arg { @@ -43,16 +41,6 @@ struct clone_arg { void *arg; }; -int setns(int fd, int nstype) -{ -#ifndef __NR_setns - errno = ENOSYS; - return -1; -#else - return syscall(__NR_setns, fd, nstype); -#endif -} - static int do_clone(void *arg) { struct clone_arg *clone_arg = arg; @@ -81,38 +69,3 @@ pid_t lxc_clone(int (*fn)(void *), void *arg, int flags) return ret; } - -int lxc_attach(pid_t pid) -{ - char path[MAXPATHLEN]; - char *ns[] = { "pid", "mnt", "net", "ipc", "uts" }; - const int size = sizeof(ns) / sizeof(char *); - int fd[size]; - int i; - - sprintf(path, "/proc/%d/ns", pid); - if (access(path, X_OK)) { - ERROR("Does this kernel version support 'attach' ?"); - return -1; - } - - for (i = 0; i < size; i++) { - sprintf(path, "/proc/%d/ns/%s", pid, ns[i]); - fd[i] = open(path, O_RDONLY); - if (fd[i] < 0) { - SYSERROR("failed to open '%s'", path); - return -1; - } - } - - for (i = 0; i < size; i++) { - if (setns(fd[i], 0)) { - SYSERROR("failed to set namespace '%s'", ns[i]); - return -1; - } - - close(fd[i]); - } - - return 0; -} diff --git a/src/lxc/namespace.h b/src/lxc/namespace.h index 9c6b7ec2b..5442dd3b7 100644 --- a/src/lxc/namespace.h +++ b/src/lxc/namespace.h @@ -49,6 +49,5 @@ #endif extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags); -extern int lxc_attach(pid_t pid); #endif