/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "sd-bus.h"
#include "bus-error.h"
#include "bus-locator.h"
#include "bus-unit-util.h"
#include "bus-util.h"
#include "bus-wait-for-jobs.h"
#include "nspawn-register.h"
#include "special.h"
#include "stat-util.h"
#include "strv.h"
#include "util.h"
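/* Appends the unit properties every nspawn container gets, regardless of whether the unit is created by
 * machined (register_machine()) or as a transient scope (allocate_scope()). The caller must already have
 * opened an "a(sv)" container on @m.
 *
 * What is appended:
 *   - DevicePolicy=closed plus an explicit DeviceAllow= list: /dev/net/tun with "rwm" (the container may
 *     create the node itself so PrivateDevices= works inside), and char-pts with "rw" only (no mknod).
 *   - One DeviceAllow= entry per bind mount (CUSTOM_MOUNT_BIND) whose source is a device node: "r" for
 *     read-only mounts, "rw" otherwise. "m" is deliberately never granted for these, so the container can
 *     use the node it was given but not create device nodes of its own. A source that does not exist yet is
 *     skipped with a debug log; any other stat failure is an error.
 *   - KillSignal=/KillMode=mixed, only if @kill_signal is non-zero.
 *
 * @mounts may be NULL when @n_mounts is 0. Returns 0 on success, a negative errno-style value (already
 * logged) on failure. */
static int append_machine_properties(
                sd_bus_message *m,
                CustomMount *mounts,
                unsigned n_mounts,
                int kill_signal) {

        int r;

        assert(m);
        assert(mounts || n_mounts == 0);

        r = sd_bus_message_append(m, "(sv)", "DevicePolicy", "s", "closed");
        if (r < 0)
                return bus_log_create_error(r);

        /* If you make changes here, also make sure to update systemd-nspawn@.service, to keep the device policies in
         * sync regardless if we are run with or without the --keep-unit switch. */
        r = sd_bus_message_append(m, "(sv)", "DeviceAllow", "a(ss)", 2,
                                  /* Allow the container to access and create the API device nodes, so that
                                   * PrivateDevices= in the container can work fine */
                                  "/dev/net/tun", "rwm",
                                  /* Allow the container access to ptys. However, do not permit the container
                                   * to ever create these device nodes. */
                                  "char-pts", "rw");
        if (r < 0)
                return bus_log_create_error(r);

        for (unsigned j = 0; j < n_mounts; j++) {
                CustomMount *cm = mounts + j;

                if (cm->type != CUSTOM_MOUNT_BIND)
                        continue;

                r = is_device_node(cm->source);
                if (r == -ENOENT) {
                        /* The bind source might only appear as the image is put together, hence don't complain */
                        log_debug_errno(r, "Bind mount source %s not found, ignoring: %m", cm->source);
                        continue;
                }
                if (r < 0)
                        return log_error_errno(r, "Failed to stat %s: %m", cm->source);
                if (r == 0)
                        continue; /* a regular file or directory needs no device policy entry */

                /* Grant access to the bind-mounted node, but never "m": the container must not be able to
                 * mknod() this device itself. Message construction failures are logged the same way as
                 * every other append in this file. */
                r = sd_bus_message_append(m, "(sv)", "DeviceAllow", "a(ss)", 1,
                                          cm->source, cm->read_only ? "r" : "rw");
                if (r < 0)
                        return bus_log_create_error(r);
        }

        if (kill_signal != 0) {
                r = sd_bus_message_append(m, "(sv)", "KillSignal", "i", kill_signal);
                if (r < 0)
                        return bus_log_create_error(r);

                /* KillMode=mixed pairs with the custom signal: it is sent to the leader only, the rest of
                 * the cgroup is cleaned up by systemd afterwards. */
                r = sd_bus_message_append(m, "(sv)", "KillMode", "s", "mixed");
                if (r < 0)
                        return bus_log_create_error(r);
        }

        return 0;
}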
/* Appends a Controller= property carrying our own unique bus name to the open "(sv)" container in @m.
 * The receiving side is assumed to use that name to tie the machine's lifetime to this bus connection
 * (NOTE(review): confirm against machined/systemd's handling of Controller=).
 *
 * Returns 0 on success, a negative errno-style value (already logged) on failure. */
static int append_controller_property(sd_bus *bus, sd_bus_message *m) {
        const char *our_name = NULL;
        int r;

        assert(bus);
        assert(m);

        r = sd_bus_get_unique_name(bus, &our_name);
        if (r < 0)
                return log_error_errno(r, "Failed to get unique name: %m");

        r = sd_bus_message_append(m, "(sv)", "Controller", "s", our_name);
        return r < 0 ? bus_log_create_error(r) : 0;
}
/* Registers the container with systemd-machined so that it shows up as a machine and can be managed.
 *
 * Two paths, selected by @keep_unit:
 *   - @keep_unit set: the container already lives in a unit named @service (e.g. when run via
 *     systemd-nspawn@.service, cf. the --keep-unit switch); only RegisterMachineWithNetwork is called and
 *     @slice, @mounts, @n_mounts, @kill_signal, @properties and @properties_message are not used.
 *   - otherwise: CreateMachineWithNetwork is called, which also makes machined create the machine's unit. The
 *     unit's properties (Slice= if @slice is set, Controller=, the device/kill policy from
 *     append_machine_properties(), @properties_message and the Name=Value assignments in @properties) are
 *     appended inside an "a(sv)" container.
 *
 * Wire layout of the "sayssusai" arguments, in order: machine name, machine UUID, @service, class
 * ("container"), leader PID, root directory (empty string when @directory is NULL), and an array of
 * interface indexes holding @local_ifindex when it is > 0 and nothing otherwise.
 *
 * Returns 0 on success, a negative errno-style value (already logged) on failure. */
int register_machine(
                sd_bus *bus,
                const char *machine_name,
                pid_t pid,
                const char *directory,
                sd_id128_t uuid,
                int local_ifindex,
                const char *slice,
                CustomMount *mounts,
                unsigned n_mounts,
                int kill_signal,
                char **properties,
                sd_bus_message *properties_message,
                bool keep_unit,
                const char *service) {

        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        int r;

        assert(bus);

        if (keep_unit) {
                /* The unit already exists; just tell machined about it. */
                r = bus_call_method(
                                bus,
                                bus_machine_mgr,
                                "RegisterMachineWithNetwork",
                                &error,
                                NULL,
                                "sayssusai",
                                machine_name,
                                SD_BUS_MESSAGE_APPEND_ID128(uuid),
                                service,
                                "container",
                                (uint32_t) pid, /* "u" expects a 32-bit unsigned value */
                                strempty(directory),
                                /* The "ai" array: the element count comes first; the index itself is always
                                 * passed and is simply ignored when the count is 0. */
                                local_ifindex > 0 ? 1 : 0, local_ifindex);
        } else {
                _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;

                r = bus_message_new_method_call(bus, &m, bus_machine_mgr, "CreateMachineWithNetwork");
                if (r < 0)
                        return bus_log_create_error(r);

                /* Same fixed arguments as the register path above. */
                r = sd_bus_message_append(
                                m,
                                "sayssusai",
                                machine_name,
                                SD_BUS_MESSAGE_APPEND_ID128(uuid),
                                service,
                                "container",
                                (uint32_t) pid,
                                strempty(directory),
                                local_ifindex > 0 ? 1 : 0, local_ifindex);
                if (r < 0)
                        return bus_log_create_error(r);

                /* Unit properties for the unit machined will create. */
                r = sd_bus_message_open_container(m, 'a', "(sv)");
                if (r < 0)
                        return bus_log_create_error(r);

                /* An empty slice is omitted here so the receiving side applies its own default. */
                if (!isempty(slice)) {
                        r = sd_bus_message_append(m, "(sv)", "Slice", "s", slice);
                        if (r < 0)
                                return bus_log_create_error(r);
                }

                r = append_controller_property(bus, m);
                if (r < 0)
                        return r;

                r = append_machine_properties(
                                m,
                                mounts,
                                n_mounts,
                                kill_signal);
                if (r < 0)
                        return r;

                /* Caller-provided, pre-built properties; "true" copies the whole message, which is assumed
                 * to consist of "(sv)" entries only — NOTE(review): confirm with the caller. */
                if (properties_message) {
                        r = sd_bus_message_copy(m, properties_message, true);
                        if (r < 0)
                                return bus_log_create_error(r);
                }

                r = bus_append_unit_property_assignment_many(m, UNIT_SERVICE, properties);
                if (r < 0)
                        return r;

                r = sd_bus_message_close_container(m);
                if (r < 0)
                        return bus_log_create_error(r);

                r = sd_bus_call(bus, m, 0, &error, NULL);
        }

        /* Both paths leave the call result in r; errors from building the message above were already
         * logged and returned directly. */
        if (r < 0)
                return log_error_errno(r, "Failed to register machine: %s", bus_error_message(&error, r));

        return 0;
}
/* Asks systemd-machined to forget the machine registered under @machine_name.
 *
 * This is best effort: a failing UnregisterMachine call is only logged at debug level and the function
 * still returns 0, so callers cannot tell whether the registration was actually dropped. */
int unregister_machine(
                sd_bus *bus,
                const char *machine_name) {

        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        int r;

        assert(bus);

        r = bus_call_method(bus, bus_machine_mgr, "UnregisterMachine", &error, NULL, "s", machine_name);
        if (r >= 0)
                return 0;

        log_debug("Failed to unregister machine: %s", bus_error_message(&error, r));
        return 0;
}
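/* Creates a transient scope unit "<machine_name>.scope" for the container via systemd's StartTransientUnit
 * and moves the leader @pid into it, then waits for the start job to finish.
 *
 * Properties set on the scope: PIDs= (the leader), Description=, Delegate=yes, CollectMode=inactive-or-failed,
 * AddRef=yes (released again by terminate_scope() through UnrefUnit), Slice= (@slice, or
 * SPECIAL_MACHINE_SLICE when @slice is empty), Controller=, then @properties_message (copied verbatim), the
 * shared device/kill policy from append_machine_properties(), and the Name=Value assignments in @properties.
 * No auxiliary units are requested.
 *
 * Returns 0 on success, a negative errno-style value (already logged) on failure. */
int allocate_scope(
                sd_bus *bus,
                const char *machine_name,
                pid_t pid,
                const char *slice,
                CustomMount *mounts,
                unsigned n_mounts,
                int kill_signal,
                char **properties,
                sd_bus_message *properties_message) {

        _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
        _cleanup_free_ char *scope = NULL;
        const char *description, *object;
        int r;

        assert(bus);

        /* Subscribe to job completion before issuing the call, so the job cannot finish unobserved. */
        r = bus_wait_for_jobs_new(bus, &w);
        if (r < 0)
                return log_error_errno(r, "Could not watch job: %m");

        r = unit_name_mangle_with_suffix(machine_name, "as machine name", 0, ".scope", &scope);
        if (r < 0)
                return log_error_errno(r, "Failed to mangle scope name: %m");

        r = bus_message_new_method_call(bus, &m, bus_systemd_mgr, "StartTransientUnit");
        if (r < 0)
                return bus_log_create_error(r);

        /* Unit name and job mode; "fail" makes the call fail instead of queueing behind conflicting jobs. */
        r = sd_bus_message_append(m, "ss", scope, "fail");
        if (r < 0)
                return bus_log_create_error(r);

        /* Properties */
        r = sd_bus_message_open_container(m, 'a', "(sv)");
        if (r < 0)
                return bus_log_create_error(r);

        description = strjoina("Container ", machine_name);

        /* The "u" element of "au" is 32-bit unsigned; cast the pid_t explicitly, as register_machine() does. */
        r = sd_bus_message_append(m, "(sv)(sv)(sv)(sv)(sv)(sv)",
                                  "PIDs", "au", 1, (uint32_t) pid,
                                  "Description", "s", description,
                                  "Delegate", "b", 1,
                                  "CollectMode", "s", "inactive-or-failed",
                                  "AddRef", "b", 1,
                                  "Slice", "s", isempty(slice) ? SPECIAL_MACHINE_SLICE : slice);
        if (r < 0)
                return bus_log_create_error(r);

        r = append_controller_property(bus, m);
        if (r < 0)
                return r;

        /* Caller-provided, pre-built properties; "true" copies the whole message, which is assumed to
         * consist of "(sv)" entries only — NOTE(review): confirm with the caller. */
        if (properties_message) {
                r = sd_bus_message_copy(m, properties_message, true);
                if (r < 0)
                        return bus_log_create_error(r);
        }

        r = append_machine_properties(
                        m,
                        mounts,
                        n_mounts,
                        kill_signal);
        if (r < 0)
                return r;

        r = bus_append_unit_property_assignment_many(m, UNIT_SCOPE, properties);
        if (r < 0)
                return r;

        r = sd_bus_message_close_container(m);
        if (r < 0)
                return bus_log_create_error(r);

        /* No auxiliary units */
        r = sd_bus_message_append(
                        m,
                        "a(sa(sv))",
                        0);
        if (r < 0)
                return bus_log_create_error(r);

        r = sd_bus_call(bus, m, 0, &error, &reply);
        if (r < 0)
                return log_error_errno(r, "Failed to allocate scope: %s", bus_error_message(&error, r));

        /* The reply carries the object path of the start job; wait for it so the scope is really up. */
        r = sd_bus_message_read(reply, "o", &object);
        if (r < 0)
                return bus_log_parse_error(r);

        r = bus_wait_for_jobs_one(w, object, false);
        if (r < 0)
                return r;

        return 0;
}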
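/* Tears down the transient scope allocate_scope() created for @machine_name, in three steps:
 * AbandonScope (so systemd stops tracking it as ours), KillUnit with "all"/SIGKILL (every process left in
 * the scope's cgroup, not only the leader), and UnrefUnit (drops the reference taken via AddRef= in
 * allocate_scope()).
 *
 * Each step is best effort: failures are logged at debug level and the next step still runs, and the
 * function returns 0 unless the scope name itself cannot be mangled. Callers therefore cannot rely on the
 * return value to know that the container's processes are gone. */
int terminate_scope(
                sd_bus *bus,
                const char *machine_name) {

        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_free_ char *scope = NULL;
        int r;

        assert(bus); /* same precondition as the other entry points in this file */

        r = unit_name_mangle_with_suffix(machine_name, "to terminate", 0, ".scope", &scope);
        if (r < 0)
                return log_error_errno(r, "Failed to mangle scope name: %m");

        r = bus_call_method(bus, bus_systemd_mgr, "AbandonScope", &error, NULL, "s", scope);
        if (r < 0) {
                log_debug_errno(r, "Failed to abandon scope '%s', ignoring: %s", scope, bus_error_message(&error, r));
                /* The same error object is handed to the next call, so it must be reset first. */
                sd_bus_error_free(&error);
        }

        r = bus_call_method(
                        bus,
                        bus_systemd_mgr,
                        "KillUnit",
                        &error,
                        NULL,
                        "ssi",
                        scope,
                        "all",
                        (int32_t) SIGKILL);
        if (r < 0) {
                log_debug_errno(r, "Failed to SIGKILL scope '%s', ignoring: %s", scope, bus_error_message(&error, r));
                sd_bus_error_free(&error);
        }

        /* Last use of the error object; the cleanup attribute frees it on return. */
        r = bus_call_method(bus, bus_systemd_mgr, "UnrefUnit", &error, NULL, "s", scope);
        if (r < 0)
                log_debug_errno(r, "Failed to drop reference to scope '%s', ignoring: %s", scope, bus_error_message(&error, r));

        return 0;
}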