machined: support allocating a scope for machines if needed via varlink

On dbus we have two apis: one for registering a new machne when the
client already has a cgroup (RegisterMachine()) and one where it doesn't
and machined shall create it (CreateMachine()).

Let's add the same for the varlink api. To simplify things we just
implement it via a boolean flag to the existign RegisterMachine()
varlink call, since the differences are mostly minor otherwise.

diff --git a/src/machine/machine-varlink.c b/src/machine/machine-varlink.c
index ea300d71deeb97dfe6040a2add632c25ff6b9052..5b3538d416f3cb7b0f07a0ea40748a93004970c6 100644 (file)
--- a/src/machine/machine-varlink.c
+++ b/src/machine/machine-varlink.c
@@ -127,16 +127,17 @@ int vl_method_register(Varlink *link, sd_json_variant *parameters, VarlinkMethod
         int r;
 
         static const sd_json_dispatch_field dispatch_table[] = {
-                { "name",              SD_JSON_VARIANT_STRING,   machine_name,            offsetof(Machine, name),                 SD_JSON_MANDATORY },
-                { "id",                SD_JSON_VARIANT_STRING,   sd_json_dispatch_id128,  offsetof(Machine, id),                   0                 },
-                { "service",           SD_JSON_VARIANT_STRING,   sd_json_dispatch_string, offsetof(Machine, service),              0                 },
-                { "class",             SD_JSON_VARIANT_STRING,   dispatch_machine_class,  offsetof(Machine, class),                SD_JSON_MANDATORY },
-                { "leader",            SD_JSON_VARIANT_UNSIGNED, machine_leader,          offsetof(Machine, leader),               0                 },
-                { "rootDirectory",     SD_JSON_VARIANT_STRING,   json_dispatch_path,      offsetof(Machine, root_directory),       0                 },
-                { "ifIndices",         SD_JSON_VARIANT_ARRAY,    machine_ifindices,       0,                                       0                 },
-                { "vSockCid",          SD_JSON_VARIANT_UNSIGNED, machine_cid,             offsetof(Machine, vsock_cid),            0                 },
-                { "sshAddress",        SD_JSON_VARIANT_STRING,   sd_json_dispatch_string, offsetof(Machine, ssh_address),          SD_JSON_STRICT    },
-                { "sshPrivateKeyPath", SD_JSON_VARIANT_STRING,   json_dispatch_path,      offsetof(Machine, ssh_private_key_path), 0                 },
+                { "name",              SD_JSON_VARIANT_STRING,   machine_name,             offsetof(Machine, name),                 SD_JSON_MANDATORY },
+                { "id",                SD_JSON_VARIANT_STRING,   sd_json_dispatch_id128,   offsetof(Machine, id),                   0                 },
+                { "service",           SD_JSON_VARIANT_STRING,   sd_json_dispatch_string,  offsetof(Machine, service),              0                 },
+                { "class",             SD_JSON_VARIANT_STRING,   dispatch_machine_class,   offsetof(Machine, class),                SD_JSON_MANDATORY },
+                { "leader",            SD_JSON_VARIANT_UNSIGNED, machine_leader,           offsetof(Machine, leader),               0                 },
+                { "rootDirectory",     SD_JSON_VARIANT_STRING,   json_dispatch_path,       offsetof(Machine, root_directory),       0                 },
+                { "ifIndices",         SD_JSON_VARIANT_ARRAY,    machine_ifindices,        0,                                       0                 },
+                { "vSockCid",          SD_JSON_VARIANT_UNSIGNED, machine_cid,              offsetof(Machine, vsock_cid),            0                 },
+                { "sshAddress",        SD_JSON_VARIANT_STRING,   sd_json_dispatch_string,  offsetof(Machine, ssh_address),          SD_JSON_STRICT    },
+                { "sshPrivateKeyPath", SD_JSON_VARIANT_STRING,   json_dispatch_path,       offsetof(Machine, ssh_private_key_path), 0                 },
+                { "allocateUnit",      SD_JSON_VARIANT_BOOLEAN,  sd_json_dispatch_stdbool, offsetof(Machine, allocate_unit),        0                 },
                 VARLINK_DISPATCH_POLKIT_FIELD,
                 {}
         };
@@ -171,11 +172,13 @@ int vl_method_register(Varlink *link, sd_json_variant *parameters, VarlinkMethod
         if (r < 0)
                 return r;
 
-        r = cg_pidref_get_unit(&machine->leader, &machine->unit);
-        if (r < 0)
-                return r;
+        if (!machine->allocate_unit) {
+                r = cg_pidref_get_unit(&machine->leader, &machine->unit);
+                if (r < 0)
+                        return r;
+        }
 
-        r = machine_start(machine, NULL, NULL);
+        r = machine_start(machine, /* properties= */ NULL, /* error= */ NULL);
         if (r < 0)
                 return r;
 

diff --git a/src/machine/machine.h b/src/machine/machine.h
index 8f1feda14befb3a157ad85e3b4ca6b06785adb38..157ac0bb6d91531e4798e82b5b8fed37be7251cc 100644 (file)
--- a/src/machine/machine.h
+++ b/src/machine/machine.h
@@ -57,6 +57,7 @@ struct Machine {
         bool started:1;
         bool stopping:1;
         bool referenced:1;
+        bool allocate_unit;
 
         sd_bus_message *create_message;
 

diff --git a/src/shared/varlink-io.systemd.Machine.c b/src/shared/varlink-io.systemd.Machine.c
index 76eaf7d13c7968fa552a272cee31ec8388be8c38..9c9b8570b6ebbbe69981a580cb7746ba8ecbc6d0 100644 (file)
--- a/src/shared/varlink-io.systemd.Machine.c
+++ b/src/shared/varlink-io.systemd.Machine.c
@@ -15,6 +15,8 @@ static VARLINK_DEFINE_METHOD(
                 VARLINK_DEFINE_INPUT(vSockCid,          VARLINK_INT,    VARLINK_NULLABLE),
                 VARLINK_DEFINE_INPUT(sshAddress,        VARLINK_STRING, VARLINK_NULLABLE),
                 VARLINK_DEFINE_INPUT(sshPrivateKeyPath, VARLINK_STRING, VARLINK_NULLABLE),
+                VARLINK_FIELD_COMMENT("Controls whether to allocate a scope unit for the machine to register. If false, the client already took care of that and registered a service/scope specific to the machine."),
+                VARLINK_DEFINE_INPUT(allocateUnit,      VARLINK_BOOL,   VARLINK_NULLABLE),
                 VARLINK_FIELD_COMMENT("Whether to allow interactive authentication on this operation."),
                 VARLINK_DEFINE_INPUT(allowInteractiveAuthentication, VARLINK_BOOL, VARLINK_NULLABLE));