From 10e8a60baa2336b92419282a7f0373167d3f77fb Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 17 Sep 2020 16:26:14 +0200 Subject: [PATCH] nspawn: add --console=autopipe mode By default we'll run a container in --console=interactive and --console=read-only mode depending if we are invoked on a tty or not so that the container always gets a /dev/console allocated, i.e is always suitable to run a full init system /as those typically expect a /dev/console to exist). With the new --console=autopipe mode we do something similar, but slightly different: when not invoked on a tty we'll use --console=pipe. This means, if you invoke some tool in a container with this you'll get full inetractivity if you invoke it on a tty but things will also be very nicely pipeable. OTOH you cannot invoke a full init system like this, because you might or might not become a /dev/console this way... Prompted-by: #17070 (I named this "autopipe" rather than "auto" or so, since the default mode probably should be named "auto" one day if we add a name for it, and this is so similar to "auto" except that it uses pipes in the non-tty case). --- man/systemd-nspawn.xml | 21 ++++++++++++--------- src/nspawn/nspawn.c | 12 +++++++++--- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index 1e7e6a82d5..c8fbb01d00 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -1370,15 +1370,18 @@ Configures how to set up standard input, output and error output for the container payload, as well as the /dev/console device for the container. Takes one of - , , , or - . If , a pseudo-TTY is allocated and made available - as /dev/console in the container. It is then bi-directionally connected to the - standard input and output passed to systemd-nspawn. is - similar but only the output of the container is propagated and no input from the caller is read. If - , a pseudo TTY is allocated, but it is not connected anywhere. Finally, in - mode no pseudo TTY is allocated, but the standard input, output and error - output file descriptors passed to systemd-nspawn are passed on — as they are — to - the container payload, see the following paragraph. Defaults to if + , , , + or . If , a pseudo-TTY is + allocated and made available as /dev/console in the container. It is then + bi-directionally connected to the standard input and output passed to + systemd-nspawn. is similar but only the output of the + container is propagated and no input from the caller is read. If , a pseudo + TTY is allocated, but it is not connected anywhere. In mode no pseudo TTY is + allocated, but the standard input, output and error output file descriptors passed to + systemd-nspawn are passed on — as they are — to the container payload, see the + following paragraph. Finally, mode operates like + when systemd-nspawn is invoked on a terminal, and + like otherwise. Defaults to if systemd-nspawn is invoked from a terminal, and otherwise. diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 282f12d9c1..11a82090b0 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -256,10 +256,11 @@ STATIC_DESTRUCTOR_REGISTER(arg_sysctl, strv_freep); static int handle_arg_console(const char *arg) { if (streq(arg, "help")) { - puts("interactive\n" - "read-only\n" + puts("autopipe\n" + "interactive\n" "passive\n" - "pipe"); + "pipe\n" + "read-only"); return 0; } @@ -277,6 +278,11 @@ static int handle_arg_console(const char *arg) { "Proceeding anyway."); arg_console_mode = CONSOLE_PIPE; + } else if (streq(arg, "autopipe")) { + if (isatty(STDIN_FILENO) > 0 && isatty(STDOUT_FILENO) > 0) + arg_console_mode = CONSOLE_INTERACTIVE; + else + arg_console_mode = CONSOLE_PIPE; } else return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown console mode: %s", optarg);