nspawn: make --link-journal= configurable through .nspawn files, too
This commit is contained in:
Lennart Poettering
parent
b8ea7a6e12
commit
4e1d6aa983
|
|
@ -349,6 +349,15 @@
|
|||
details.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>LinkJournal=</varname></term>
|
||||
|
||||
<listitem><para>Configures how to link host and container journal setups. This is equivalent to the
|
||||
<option>--link-journal=</option> command line switch, and takes the same parameter. See
|
||||
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
|
||||
details.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
|
|
|
|||
|
|
@ -54,6 +54,7 @@ Exec.NoNewPrivileges, config_parse_tristate, 0, of
|
|||
Exec.OOMScoreAdjust, config_parse_oom_score_adjust, 0, 0
|
||||
Exec.CPUAffinity, config_parse_cpu_affinity, 0, 0
|
||||
Exec.ResolvConf, config_parse_resolv_conf, 0, offsetof(Settings, resolv_conf)
|
||||
Exec.LinkJournal, config_parse_link_journal, 0, 0
|
||||
Files.ReadOnly, config_parse_tristate, 0, offsetof(Settings, read_only)
|
||||
Files.Volatile, config_parse_volatile_mode, 0, offsetof(Settings, volatile_mode)
|
||||
Files.Bind, config_parse_bind, 0, 0
|
||||
|
|
|
|||
|
|
@ -37,6 +37,7 @@ int settings_load(FILE *f, const char *path, Settings **ret) {
|
|||
s->personality = PERSONALITY_INVALID;
|
||||
s->userns_mode = _USER_NAMESPACE_MODE_INVALID;
|
||||
s->resolv_conf = _RESOLV_CONF_MODE_INVALID;
|
||||
s->link_journal = _LINK_JOURNAL_INVALID;
|
||||
s->uid_shift = UID_INVALID;
|
||||
s->uid_range = UID_INVALID;
|
||||
s->no_new_privileges = -1;
|
||||
|
|
@ -740,3 +741,59 @@ static const char *const resolv_conf_mode_table[_RESOLV_CONF_MODE_MAX] = {
|
|||
};
|
||||
|
||||
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(resolv_conf_mode, ResolvConfMode, RESOLV_CONF_AUTO);
|
||||
|
||||
int parse_link_journal(const char *s, LinkJournal *ret_mode, bool *ret_try) {
|
||||
assert(s);
|
||||
assert(ret_mode);
|
||||
assert(ret_try);
|
||||
|
||||
if (streq(s, "auto")) {
|
||||
*ret_mode = LINK_AUTO;
|
||||
*ret_try = false;
|
||||
} else if (streq(s, "no")) {
|
||||
*ret_mode = LINK_NO;
|
||||
*ret_try = false;
|
||||
} else if (streq(s, "guest")) {
|
||||
*ret_mode = LINK_GUEST;
|
||||
*ret_try = false;
|
||||
} else if (streq(s, "host")) {
|
||||
*ret_mode = LINK_HOST;
|
||||
*ret_try = false;
|
||||
} else if (streq(s, "try-guest")) {
|
||||
*ret_mode = LINK_GUEST;
|
||||
*ret_try = true;
|
||||
} else if (streq(s, "try-host")) {
|
||||
*ret_mode = LINK_HOST;
|
||||
*ret_try = true;
|
||||
} else
|
||||
return -EINVAL;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int config_parse_link_journal(
|
||||
const char *unit,
|
||||
const char *filename,
|
||||
unsigned line,
|
||||
const char *section,
|
||||
unsigned section_line,
|
||||
const char *lvalue,
|
||||
int ltype,
|
||||
const char *rvalue,
|
||||
void *data,
|
||||
void *userdata) {
|
||||
|
||||
Settings *settings = data;
|
||||
int r;
|
||||
|
||||
assert(rvalue);
|
||||
assert(settings);
|
||||
|
||||
r = parse_link_journal(rvalue, &settings->link_journal, &settings->link_journal_try);
|
||||
if (r < 0) {
|
||||
log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse link journal mode, ignoring: %s", rvalue);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -45,6 +45,15 @@ typedef enum ResolvConfMode {
|
|||
_RESOLV_CONF_MODE_INVALID = -1
|
||||
} ResolvConfMode;
|
||||
|
||||
typedef enum LinkJournal {
|
||||
LINK_NO,
|
||||
LINK_AUTO,
|
||||
LINK_HOST,
|
||||
LINK_GUEST,
|
||||
_LINK_JOURNAL_MAX,
|
||||
_LINK_JOURNAL_INVALID = -1
|
||||
} LinkJournal;
|
||||
|
||||
typedef enum SettingsMask {
|
||||
SETTING_START_MODE = UINT64_C(1) << 0,
|
||||
SETTING_ENVIRONMENT = UINT64_C(1) << 1,
|
||||
|
|
@ -68,9 +77,10 @@ typedef enum SettingsMask {
|
|||
SETTING_OOM_SCORE_ADJUST = UINT64_C(1) << 19,
|
||||
SETTING_CPU_AFFINITY = UINT64_C(1) << 20,
|
||||
SETTING_RESOLV_CONF = UINT64_C(1) << 21,
|
||||
SETTING_RLIMIT_FIRST = UINT64_C(1) << 22, /* we define one bit per resource limit here */
|
||||
SETTING_RLIMIT_LAST = UINT64_C(1) << (22 + _RLIMIT_MAX - 1),
|
||||
_SETTINGS_MASK_ALL = (UINT64_C(1) << (22 + _RLIMIT_MAX)) - 1,
|
||||
SETTING_LINK_JOURNAL = UINT64_C(1) << 22,
|
||||
SETTING_RLIMIT_FIRST = UINT64_C(1) << 23, /* we define one bit per resource limit here */
|
||||
SETTING_RLIMIT_LAST = UINT64_C(1) << (23 + _RLIMIT_MAX - 1),
|
||||
_SETTINGS_MASK_ALL = (UINT64_C(1) << (23 + _RLIMIT_MAX)) - 1,
|
||||
_FORCE_ENUM_WIDTH = UINT64_MAX
|
||||
} SettingsMask;
|
||||
|
||||
|
|
@ -110,6 +120,8 @@ typedef struct Settings {
|
|||
cpu_set_t *cpuset;
|
||||
unsigned cpuset_ncpus;
|
||||
ResolvConfMode resolv_conf;
|
||||
LinkJournal link_journal;
|
||||
bool link_journal_try;
|
||||
|
||||
/* [Image] */
|
||||
int read_only;
|
||||
|
|
@ -158,6 +170,9 @@ CONFIG_PARSER_PROTOTYPE(config_parse_hostname);
|
|||
CONFIG_PARSER_PROTOTYPE(config_parse_oom_score_adjust);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_cpu_affinity);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_resolv_conf);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_link_journal);
|
||||
|
||||
const char *resolv_conf_mode_to_string(ResolvConfMode a) _const_;
|
||||
ResolvConfMode resolv_conf_mode_from_string(const char *s) _pure_;
|
||||
|
||||
int parse_link_journal(const char *s, LinkJournal *ret_mode, bool *ret_try);
|
||||
|
|
|
|||
|
|
@ -118,13 +118,6 @@ typedef enum ContainerStatus {
|
|||
CONTAINER_REBOOTED
|
||||
} ContainerStatus;
|
||||
|
||||
typedef enum LinkJournal {
|
||||
LINK_NO,
|
||||
LINK_AUTO,
|
||||
LINK_HOST,
|
||||
LINK_GUEST
|
||||
} LinkJournal;
|
||||
|
||||
static char *arg_directory = NULL;
|
||||
static char *arg_template = NULL;
|
||||
static char *arg_chdir = NULL;
|
||||
|
|
@ -810,32 +803,17 @@ static int parse_argv(int argc, char *argv[]) {
|
|||
case 'j':
|
||||
arg_link_journal = LINK_GUEST;
|
||||
arg_link_journal_try = true;
|
||||
arg_settings_mask |= SETTING_LINK_JOURNAL;
|
||||
break;
|
||||
|
||||
case ARG_LINK_JOURNAL:
|
||||
if (streq(optarg, "auto")) {
|
||||
arg_link_journal = LINK_AUTO;
|
||||
arg_link_journal_try = false;
|
||||
} else if (streq(optarg, "no")) {
|
||||
arg_link_journal = LINK_NO;
|
||||
arg_link_journal_try = false;
|
||||
} else if (streq(optarg, "guest")) {
|
||||
arg_link_journal = LINK_GUEST;
|
||||
arg_link_journal_try = false;
|
||||
} else if (streq(optarg, "host")) {
|
||||
arg_link_journal = LINK_HOST;
|
||||
arg_link_journal_try = false;
|
||||
} else if (streq(optarg, "try-guest")) {
|
||||
arg_link_journal = LINK_GUEST;
|
||||
arg_link_journal_try = true;
|
||||
} else if (streq(optarg, "try-host")) {
|
||||
arg_link_journal = LINK_HOST;
|
||||
arg_link_journal_try = true;
|
||||
} else {
|
||||
log_error("Failed to parse link journal mode %s", optarg);
|
||||
r = parse_link_journal(optarg, &arg_link_journal, &arg_link_journal_try);
|
||||
if (r < 0) {
|
||||
log_error_errno(r, "Failed to parse link journal mode %s", optarg);
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
arg_settings_mask |= SETTING_LINK_JOURNAL;
|
||||
break;
|
||||
|
||||
case ARG_BIND:
|
||||
|
|
@ -3451,6 +3429,17 @@ static int merge_settings(Settings *settings, const char *path) {
|
|||
settings->resolv_conf != _RESOLV_CONF_MODE_INVALID)
|
||||
arg_resolv_conf = settings->resolv_conf;
|
||||
|
||||
if ((arg_settings_mask & SETTING_LINK_JOURNAL) == 0 &&
|
||||
settings->link_journal != _LINK_JOURNAL_INVALID) {
|
||||
|
||||
if (!arg_settings_trusted)
|
||||
log_warning("Ignoring journal link setting, file '%s' is not trusted.", path);
|
||||
else {
|
||||
arg_link_journal = settings->link_journal;
|
||||
arg_link_journal_try = settings->link_journal_try;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue