static int
testUserXattrEnabled(void)
{
int ret = -1;
ssize_t len;
const char *con_value = "system_u:object_r:svirt_image_t:s0:c41,c264";
char *path = NULL;
if (virAsprintf(&path, "%s/securityselinuxlabeldata/testxattr",
abs_builddir) < 0)
goto cleanup;
if (virFileMakePath(abs_builddir "/securityselinuxlabeldata") < 0 ||
virFileTouch(path, 0600) < 0)
goto cleanup;
len = setxattr(path, "user.libvirt.selinux", con_value,
strlen(con_value), 0);
if (len < 0) {
if (errno == EOPNOTSUPP)
ret = 0;
goto cleanup;
}
ret = 1;
cleanup:
unlink(path);
rmdir(abs_builddir "/securityselinuxlabeldata");
VIR_FREE(path);
return ret;
}
static int
testSELinuxCreateDisks(testSELinuxFile *files, size_t nfiles)
{
size_t i;
if (virFileMakePath(abs_builddir "/securityselinuxlabeldata/nfs") < 0)
return -1;
for (i = 0; i < nfiles; i++) {
if (virFileTouch(files[i].file, 0600) < 0)
return -1;
}
return 0;
}
static int lxcContainerPopulateDevices(char **ttyPaths, size_t nttyPaths)
{
size_t i;
const struct {
int maj;
int min;
mode_t mode;
const char *path;
} devs[] = {
{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_NULL, 0666, "/dev/null" },
{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_ZERO, 0666, "/dev/zero" },
{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_FULL, 0666, "/dev/full" },
{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_RANDOM, 0666, "/dev/random" },
{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_URANDOM, 0666, "/dev/urandom" },
};
const struct {
const char *src;
const char *dst;
} links[] = {
{ "/proc/self/fd/0", "/dev/stdin" },
{ "/proc/self/fd/1", "/dev/stdout" },
{ "/proc/self/fd/2", "/dev/stderr" },
{ "/proc/self/fd", "/dev/fd" },
};
/* Populate /dev/ with a few important bits */
for (i = 0 ; i < ARRAY_CARDINALITY(devs) ; i++) {
dev_t dev = makedev(devs[i].maj, devs[i].min);
if (mknod(devs[i].path, S_IFCHR, dev) < 0 ||
chmod(devs[i].path, devs[i].mode)) {
virReportSystemError(errno,
_("Failed to make device %s"),
devs[i].path);
return -1;
}
}
for (i = 0 ; i < ARRAY_CARDINALITY(links) ; i++) {
if (symlink(links[i].src, links[i].dst) < 0) {
virReportSystemError(errno,
_("Failed to symlink device %s to %s"),
links[i].dst, links[i].src);
return -1;
}
}
if (access("/dev/pts/ptmx", W_OK) == 0) {
/* We have private devpts capability, so bind that */
if (virFileTouch("/dev/ptmx", 0666) < 0)
return -1;
if (mount("/dev/pts/ptmx", "/dev/ptmx", "ptmx", MS_BIND, NULL) < 0) {
virReportSystemError(errno, "%s",
_("Failed to bind /dev/pts/ptmx on to /dev/ptmx"));
return -1;
}
} else {
/* Legacy devpts, so we need to just use shared one */
dev_t dev = makedev(LXC_DEV_MAJ_TTY, LXC_DEV_MIN_PTMX);
if (mknod("/dev/ptmx", S_IFCHR, dev) < 0 ||
chmod("/dev/ptmx", 0666)) {
virReportSystemError(errno, "%s",
_("Failed to make device /dev/ptmx"));
return -1;
}
}
for (i = 0 ; i < nttyPaths ; i++) {
char *tty;
if (virAsprintf(&tty, "/dev/tty%zu", i+1) < 0) {
virReportOOMError();
return -1;
}
if (symlink(ttyPaths[i], tty) < 0) {
VIR_FREE(tty);
virReportSystemError(errno,
_("Failed to symlink %s to %s"),
ttyPaths[i], tty);
return -1;
}
VIR_FREE(tty);
if (i == 0 &&
symlink(ttyPaths[i], "/dev/console") < 0) {
virReportSystemError(errno,
_("Failed to symlink %s to /dev/console"),
ttyPaths[i]);
return -1;
}
}
return 0;
}
