nspawn: add --console=autopipe mode

By default we'll run a container in --console=interactive and
--console=read-only mode depending if we are invoked on a tty or not so
that the container always gets a /dev/console allocated, i.e is always
suitable to run a full init system /as those typically expect a
/dev/console to exist).

With the new --console=autopipe mode we do something similar, but
slightly different: when not invoked on a tty we'll use --console=pipe.
This means, if you invoke some tool in a container with this you'll get
full inetractivity if you invoke it on a tty but things will also be
very nicely pipeable. OTOH you cannot invoke a full init system like
this, because you might or might not become a /dev/console this way...

Prompted-by: #17070
(I named this "autopipe" rather than "auto" or so, since the default
mode probably should be named "auto" one day if we add a name for it,
and this is so similar to "auto" except that it uses pipes in the
non-tty case).

diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
index 1e7e6a82d53e20c4fb4473a11c568ab5ff2cc99a..c8fbb01d007a25e3840011596c7053a9d3f0f12c 100644 (file)
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -1370,15 +1370,18 @@
 
         <listitem><para>Configures how to set up standard input, output and error output for the container
         payload, as well as the <filename>/dev/console</filename> device for the container. Takes one of
-        <option>interactive</option>, <option>read-only</option>, <option>passive</option>, or
-        <option>pipe</option>. If <option>interactive</option>, a pseudo-TTY is allocated and made available
-        as <filename>/dev/console</filename> in the container. It is then bi-directionally connected to the
-        standard input and output passed to <command>systemd-nspawn</command>. <option>read-only</option> is
-        similar but only the output of the container is propagated and no input from the caller is read. If
-        <option>passive</option>, a pseudo TTY is allocated, but it is not connected anywhere. Finally, in
-        <option>pipe</option> mode no pseudo TTY is allocated, but the standard input, output and error
-        output file descriptors passed to <command>systemd-nspawn</command> are passed on — as they are — to
-        the container payload, see the following paragraph. Defaults to <option>interactive</option> if
+        <option>interactive</option>, <option>read-only</option>, <option>passive</option>,
+        <option>pipe</option> or <option>autopipe</option>. If <option>interactive</option>, a pseudo-TTY is
+        allocated and made available as <filename>/dev/console</filename> in the container. It is then
+        bi-directionally connected to the standard input and output passed to
+        <command>systemd-nspawn</command>. <option>read-only</option> is similar but only the output of the
+        container is propagated and no input from the caller is read. If <option>passive</option>, a pseudo
+        TTY is allocated, but it is not connected anywhere. In <option>pipe</option> mode no pseudo TTY is
+        allocated, but the standard input, output and error output file descriptors passed to
+        <command>systemd-nspawn</command> are passed on — as they are — to the container payload, see the
+        following paragraph. Finally, <option>autopipe</option> mode operates like
+        <option>interactive</option> when <command>systemd-nspawn</command> is invoked on a terminal, and
+        like <option>pipe</option> otherwise. Defaults to <option>interactive</option> if
         <command>systemd-nspawn</command> is invoked from a terminal, and <option>read-only</option>
         otherwise.</para>
 

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 282f12d9c141ba019949cb36660a32da6a47360b..11a82090b0980b2e662a138c3e08a1a262a9c6d3 100644 (file)
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -256,10 +256,11 @@ STATIC_DESTRUCTOR_REGISTER(arg_sysctl, strv_freep);
 
 static int handle_arg_console(const char *arg) {
         if (streq(arg, "help")) {
-                puts("interactive\n"
-                     "read-only\n"
+                puts("autopipe\n"
+                     "interactive\n"
                      "passive\n"
-                     "pipe");
+                     "pipe\n"
+                     "read-only");
                 return 0;
         }
 
@@ -277,6 +278,11 @@ static int handle_arg_console(const char *arg) {
                                  "Proceeding anyway.");
 
                 arg_console_mode = CONSOLE_PIPE;
+        } else if (streq(arg, "autopipe")) {
+                if (isatty(STDIN_FILENO) > 0 && isatty(STDOUT_FILENO) > 0)
+                        arg_console_mode = CONSOLE_INTERACTIVE;
+                else
+                        arg_console_mode = CONSOLE_PIPE;
         } else
                 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown console mode: %s", optarg);