static int pid_from_lxcname(const char *lxcname_or_pid, const char *lxcpath) {
char *eptr;
int pid = strtol(lxcname_or_pid, &eptr, 10);
if (*eptr != '\0' || pid < 1) {
struct lxc_container *s;
s = lxc_container_new(lxcname_or_pid, lxcpath);
if (!s) {
SYSERROR("'%s' is not a valid pid nor a container name", lxcname_or_pid);
return -1;
}
if (!s->may_control(s)) {
SYSERROR("Insufficient privileges to control container '%s'", s->name);
lxc_container_put(s);
return -1;
}
pid = s->init_pid(s);
if (pid < 1) {
SYSERROR("Is container '%s' running?", s->name);
lxc_container_put(s);
return -1;
}
lxc_container_put(s);
}
if (kill(pid, 0) < 0) {
SYSERROR("Can't send signal to pid %d", pid);
return -1;
}
return pid;
}
bool restore(struct lxc_container *c)
{
pid_t pid = 0;
bool ret = true;
if (c->is_running(c)) {
fprintf(stderr, "%s is running, not restoring.\n", my_args.name);
lxc_container_put(c);
return false;
}
if (my_args.daemonize)
pid = fork();
if (pid == 0) {
if (my_args.daemonize) {
close(0);
close(1);
}
ret = c->restore(c, checkpoint_dir, verbose);
if (!ret) {
fprintf(stderr, "Restoring %s failed.\n", my_args.name);
}
}
lxc_container_put(c);
return ret;
}
int main(int argc, char *argv[])
{
int count = 0;
int i = 0;
int ret = 0;
struct lxc_container **containers = NULL;
struct lxc_list *cmd_groups_list = NULL;
struct lxc_list *c_groups_list = NULL;
struct lxc_list *it, *next;
char *const default_start_args[] = {
"/sbin/init",
'\0',
};
if (lxc_arguments_parse(&my_args, argc, argv))
return 1;
count = list_defined_containers(NULL, NULL, &containers);
if (count < 0)
return 1;
qsort(&containers[0], count, sizeof(struct lxc_container *), cmporder);
if (my_args.groups && !my_args.all)
cmd_groups_list = get_list((char*)my_args.groups, ",");
for (i = 0; i < count; i++) {
struct lxc_container *c = containers[i];
if (!c->may_control(c)) {
lxc_container_put(c);
continue;
}
if (get_config_integer(c, "lxc.start.auto") != 1) {
lxc_container_put(c);
continue;
}
if (!my_args.all) {
/* Filter by group */
c_groups_list = get_config_list(c, "lxc.group");
ret = lists_contain_common_entry(cmd_groups_list, c_groups_list);
if (c_groups_list) {
lxc_list_for_each_safe(it, c_groups_list, next) {
lxc_list_del(it);
free(it->elem);
free(it);
}
free(c_groups_list);
}
if (ret == 0) {
lxc_container_put(c);
continue;
}
}
static void test_list_func(const char *lxcpath, const char *type,
int (*func)(const char *path, char ***names,
struct lxc_container ***cret))
{
int i, n, n2;
struct lxc_container **clist;
char **names;
printf("%-10s Counting containers\n", type);
n = func(lxcpath, NULL, NULL);
printf("%-10s Counted %d containers\n", type, n);
printf("%-10s Get container struct only\n", type);
n2 = func(lxcpath, NULL, &clist);
if (n2 != n)
printf("Warning: first call returned %d, second %d\n", n, n2);
for (i = 0; i < n2; i++) {
struct lxc_container *c = clist[i];
printf("%-10s Got container struct %s\n", type, c->name);
lxc_container_put(c);
}
if (n2 > 0) {
free(clist);
clist = NULL;
}
printf("%-10s Get names only\n", type);
n2 = func(lxcpath, &names, NULL);
if (n2 != n)
printf("Warning: first call returned %d, second %d\n", n, n2);
for (i = 0; i < n2; i++) {
printf("%-10s Got container name %s\n", type, names[i]);
free(names[i]);
}
if (n2 > 0) {
free(names);
names = NULL;
}
printf("%-10s Get names and containers\n", type);
n2 = func(lxcpath, &names, &clist);
if (n2 != n)
printf("Warning: first call returned %d, second %d\n", n, n2);
for (i = 0; i < n2; i++) {
struct lxc_container *c = clist[i];
printf("%-10s Got container struct %s, name %s\n", type, c->name, names[i]);
if (strcmp(c->name, names[i]))
fprintf(stderr, "ERROR: name mismatch!\n");
free(names[i]);
lxc_container_put(c);
}
if (n2 > 0) {
free(names);
free(clist);
}
}
int main()
{
struct lxc_container *c;
const char *p1, *p2;
int retval = -1;
c = lxc_container_new(MYNAME, NULL);
if (!c) {
TSTERR("create using default path");
goto err;
}
p1 = c->get_config_path(c);
p2 = c->config_file_name(c);
if (!p1 || !p2 || strncmp(p1, p2, strlen(p1))) {
TSTERR("Bad result for path names");
goto err;
}
#define CPATH "/boo"
#define FPATH "/boo/lxctest1/config"
if (!c->set_config_path(c, "/boo")) {
TSTERR("Error setting custom path");
goto err;
}
p1 = c->get_config_path(c);
p2 = c->config_file_name(c);
if (strcmp(p1, CPATH) || strcmp(p2, FPATH)) {
TSTERR("Bad result for path names after set_config_path()");
goto err;
}
lxc_container_put(c);
c = lxc_container_new(MYNAME, CPATH);
if (!c) {
TSTERR("create using custom path");
goto err;
}
p1 = c->get_config_path(c);
p2 = c->config_file_name(c);
if (strcmp(p1, CPATH) || strcmp(p2, FPATH)) {
TSTERR("Bad result for path names after create with custom path");
goto err;
}
retval = 0;
err:
lxc_container_put(c);
return retval;
}
/*
* TODO: this should be re-written to use the get_config_item("lxc.id_map")
* cmd api instead of getting the idmap from c->lxc_conf. The reason is
* that the id_maps may be different if the container was started with a
* -f or -s argument.
* The reason I'm punting on that is because we'll need to parse the
* idmap results.
*/
static bool cgm_attach(const char *name, const char *lxcpath, pid_t pid)
{
bool pass = false;
char *cgroup = NULL;
struct lxc_container *c;
c = lxc_container_new(name, lxcpath);
if (!c) {
ERROR("Could not load container %s:%s", lxcpath, name);
return false;
}
if (!collect_subsytems()) {
ERROR("Error collecting cgroup subsystems");
goto out;
}
// cgm_create makes sure that we have the same cgroup name for all
// subsystems, so since this is a slow command over the cmd socket,
// just get the cgroup name for the first one.
cgroup = lxc_cmd_get_cgroup_path(name, lxcpath, subsystems[0]);
if (!cgroup) {
ERROR("Failed to get cgroup for controller %s", subsystems[0]);
goto out;
}
if (!(pass = do_cgm_enter(pid, cgroup)))
ERROR("Failed to enter group %s", cgroup);
out:
free(cgroup);
lxc_container_put(c);
return pass;
}
static void lxc_proc_put_context_info(struct lxc_proc_context_info *ctx)
{
free(ctx->lsm_label);
if (ctx->container)
lxc_container_put(ctx->container);
free(ctx);
}
int main(int argc, char *argv[])
{
struct lxc_container *c;
bool s;
int ret = 1;
if (lxc_arguments_parse(&my_args, argc, argv))
return 1;
if (lxc_log_init(my_args.name, my_args.log_file, my_args.log_priority,
my_args.progname, my_args.quiet, my_args.lxcpath[0]))
return 1;
/* shortcut - if locking is bogus, we should be able to kill
* containers at least */
if (my_args.nolock)
return lxc_cmd_stop(my_args.name, my_args.lxcpath[0]);
c = lxc_container_new(my_args.name, my_args.lxcpath[0]);
if (!c) {
fprintf(stderr, "Error opening container\n");
goto out;
}
if (!c->may_control(c)) {
fprintf(stderr, "Insufficent privileges to control %s\n", c->name);
goto out;
}
if (!c->is_running(c)) {
fprintf(stderr, "%s is not running\n", c->name);
ret = 2;
goto out;
}
if (my_args.hardstop) {
ret = c->stop(c) ? 0 : 1;
goto out;
}
if (my_args.reboot) {
ret = do_reboot_and_check(&my_args, c);
goto out;
}
if (my_args.shutdown)
my_args.timeout = 0;
s = c->shutdown(c, my_args.timeout);
if (!s) {
if (!my_args.shutdown)
ret = c->wait(c, "STOPPED", -1) ? 0 : 1;
else
ret = 1; // fail
} else
ret = 0;
out:
lxc_container_put(c);
return ret;
}
void LxcZone::refresh()
{
//TODO Consider make LxcZone state-less
std::string zoneName = mLxcContainer->name;
std::string lxcPath = mLxcContainer->config_path;
lxc_container_put(mLxcContainer);
mLxcContainer = lxc_container_new(zoneName.c_str(), lxcPath.c_str());
}
static int container_gc(lua_State *L)
{
struct lxc_container *c = lua_unboxpointer(L, 1, CONTAINER_TYPENAME);
/* XXX what to do if this fails? */
lxc_container_put(c);
return 0;
}
int main(int argc, char *argv[])
{
struct lxc_container *c;
bool ret;
if (lxc_arguments_parse(&my_args, argc, argv))
exit(1);
if (!my_args.log_file)
my_args.log_file = "none";
if (lxc_log_init(my_args.name, my_args.log_file, my_args.log_priority,
my_args.progname, my_args.quiet, my_args.lxcpath[0]))
exit(1);
lxc_log_options_no_override();
c = lxc_container_new(my_args.name, my_args.lxcpath[0]);
if (!c) {
fprintf(stderr, "System error loading %s\n", my_args.name);
exit(1);
}
if (!c->may_control(c)) {
fprintf(stderr, "Insufficent privileges to control %s\n", my_args.name);
lxc_container_put(c);
exit(1);
}
if (!c->is_defined(c)) {
fprintf(stderr, "%s is not defined\n", my_args.name);
lxc_container_put(c);
exit(1);
}
if (do_restore)
ret = restore(c);
else if (do_pre_checkpoint)
ret = pre_checkpoint(c);
else
ret = checkpoint(c);
return !ret;
}
bool restore_finalize(struct lxc_container *c)
{
bool ret = c->restore(c, checkpoint_dir, verbose);
if (!ret) {
fprintf(stderr, "Restoring %s failed.\n", my_args.name);
}
lxc_container_put(c);
return ret;
}
int main(int argc, char *argv[])
{
struct lxc_container *c;
int ret = 1;
if ((c = lxc_container_new(MYNAME, NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
ret = 1;
goto out;
}
if (c->is_defined(c)) {
fprintf(stderr, "%d: %s thought it was defined\n", __LINE__, MYNAME);
goto out;
}
if (create_container()) {
fprintf(stderr, "%d: failed to create a container\n", __LINE__);
goto out;
}
if (!c->is_defined(c)) {
fprintf(stderr, "%d: %s thought it was not defined\n", __LINE__, MYNAME);
goto out;
}
c->load_config(c, NULL);
unlink("/tmp/lxctest1");
if (!c->save_config(c, "/tmp/lxctest1")) {
fprintf(stderr, "%d: failed writing config file /tmp/lxctest1\n", __LINE__);
goto out;
}
rename(LXCPATH "/" MYNAME "/config", LXCPATH "/" MYNAME "/config.bak");
if (!c->save_config(c, NULL)) {
fprintf(stderr, "%d: failed writing config file\n", __LINE__);
goto out;
}
if (!c->destroy(c)) {
fprintf(stderr, "%d: error deleting %s\n", __LINE__, MYNAME);
goto out;
}
if (c->is_defined(c)) {
fprintf(stderr, "%d: %s thought it was defined\n", __LINE__, MYNAME);
goto out;
}
fprintf(stderr, "all lxc_container tests passed for %s\n", c->name);
ret = 0;
out:
lxc_container_put(c);
exit(ret);
}
bool pre_checkpoint(struct lxc_container *c)
{
bool ret;
if (!c->is_running(c)) {
fprintf(stderr, "%s not running, not pre-checkpointing.\n", my_args.name);
lxc_container_put(c);
return false;
}
ret = c->pre_checkpoint(c, checkpoint_dir, prev_checkpoint_dir, verbose);
lxc_container_put(c);
if (!ret) {
fprintf(stderr, "Pre-checkpointing %s failed.\n", my_args.name);
return false;
}
return true;
}
static void try_to_remove(void)
{
struct lxc_container *c;
c = lxc_container_new(RESTNAME, NULL);
if (c) {
c->snapshot_destroy_all(c);
if (c->is_defined(c))
c->destroy(c);
lxc_container_put(c);
}
c = lxc_container_new(MYNAME2, NULL);
if (c) {
c->destroy_with_snapshots(c);
lxc_container_put(c);
}
c = lxc_container_new(MYNAME, NULL);
if (c) {
c->snapshot_destroy_all(c);
if (c->is_defined(c))
c->destroy(c);
lxc_container_put(c);
}
}
void try_to_remove()
{
struct lxc_container *c;
char snappath[1024];
c = lxc_container_new(RESTNAME, NULL);
if (c) {
if (c->is_defined(c))
c->destroy(c);
lxc_container_put(c);
}
snprintf(snappath, 1024, "%ssnaps/%s", lxc_get_default_config_path(), MYNAME);
c = lxc_container_new("snap0", snappath);
if (c) {
if (c->is_defined(c))
c->destroy(c);
lxc_container_put(c);
}
c = lxc_container_new(MYNAME, NULL);
if (c) {
if (c->is_defined(c))
c->destroy(c);
lxc_container_put(c);
}
}
bool restore(struct lxc_container *c)
{
if (c->is_running(c)) {
fprintf(stderr, "%s is running, not restoring.\n", my_args.name);
lxc_container_put(c);
return false;
}
if (my_args.daemonize) {
pid_t pid;
pid = fork();
if (pid < 0) {
perror("fork");
return false;
}
if (pid == 0) {
close(0);
close(1);
exit(!restore_finalize(c));
} else {
return wait_for_pid(pid) == 0;
}
} else {
int status;
if (!restore_finalize(c))
return false;
if (waitpid(-1, &status, 0) < 0)
return false;
return WIFEXITED(status) && WEXITSTATUS(status) == 0;
}
}
static void
Container_dealloc(Container* self)
{
lxc_container_put(self->container);
Py_TYPE(self)->tp_free((PyObject*)self);
}
int main(int argc, char *argv[])
{
int ret;
struct lxc_container *c;
int fd = -1, fret = EXIT_FAILURE;
char tmpf[] = "lxc-parse-config-file-XXXXXX";
char retval[4096] = {0};
fd = lxc_make_tmpfile(tmpf, false);
if (fd < 0) {
lxc_error("%s\n", "Could not create temporary file");
exit(fret);
}
close(fd);
c = lxc_container_new(tmpf, NULL);
if (!c) {
lxc_error("%s\n", "Failed to create new container");
exit(EXIT_FAILURE);
}
if (set_get_compare_clear_save_load(c, "lxc.arch", "x86_64", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.arch");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.pty.max", "1000", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.pty.max");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.tty.max", "4", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.tty.max");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.tty.dir", "not-dev", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.tty.dir");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.apparmor.profile", "unconfined", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.apparmor.profile");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.apparmor.allow_incomplete", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.apparmor.allow_incomplete");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.selinux.context", "system_u:system_r:lxc_t:s0:c22", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.selinux.context");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.cgroup.cpuset.cpus",
"1-100", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.cgroup.cpuset.cpus");
goto non_test_error;
}
if (!c->set_config_item(c, "lxc.cgroup.cpuset.cpus", "1-100")) {
lxc_error("%s\n", "failed to set config item \"lxc.cgroup.cpuset.cpus\" to \"1-100\"");
return -1;
}
if (!c->set_config_item(c, "lxc.cgroup.memory.limit_in_bytes", "123456789")) {
lxc_error("%s\n", "failed to set config item \"lxc.cgroup.memory.limit_in_bytes\" to \"123456789\"");
return -1;
}
if (!c->get_config_item(c, "lxc.cgroup", retval, sizeof(retval))) {
lxc_error("%s\n", "failed to get config item \"lxc.cgroup\"");
return -1;
}
c->clear_config(c);
c->lxc_conf = NULL;
/* lxc.idmap
* We can't really save the config here since save_config() wants to
* chown the container's directory but we haven't created an on-disk
* container. So let's test set-get-clear.
*/
if (set_get_compare_clear_save_load(c, "lxc.idmap", "u 0 100000 1000000000", NULL, false) < 0) {
lxc_error("%s\n", "lxc.idmap");
goto non_test_error;
}
if (!c->set_config_item(c, "lxc.idmap", "u 1 100000 10000000")) {
lxc_error("%s\n", "failed to set config item \"lxc.idmap\" to \"u 1 100000 10000000\"");
return -1;
}
if (!c->set_config_item(c, "lxc.idmap", "g 1 100000 10000000")) {
lxc_error("%s\n", "failed to set config item \"lxc.idmap\" to \"g 1 100000 10000000\"");
return -1;
}
if (!c->get_config_item(c, "lxc.idmap", retval, sizeof(retval))) {
lxc_error("%s\n", "failed to get config item \"lxc.idmap\"");
return -1;
}
c->clear_config(c);
c->lxc_conf = NULL;
if (set_get_compare_clear_save_load(c, "lxc.log.level", "DEBUG", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.log.level");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.log.file", "/some/path", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.log.file");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.mount.fstab", "/some/path", NULL, true) < 0) {
lxc_error("%s\n", "lxc.mount.fstab");
goto non_test_error;
}
/* lxc.mount.auto
* Note that we cannot compare the values since the getter for
* lxc.mount.auto does not preserve ordering.
*/
if (set_get_compare_clear_save_load(c, "lxc.mount.auto", "proc:rw sys:rw cgroup-full:rw", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.mount.auto");
goto non_test_error;
}
/* lxc.mount.entry
* Note that we cannot compare the values since the getter for
* lxc.mount.entry appends newlines.
*/
if (set_get_compare_clear_save_load(c, "lxc.mount.entry", "/dev/dri dev/dri none bind,optional,create=dir", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.mount.entry");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.rootfs.path", "/some/path", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.rootfs.path");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.rootfs.mount", "/some/path", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.rootfs.mount");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.rootfs.options", "ext4,discard", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.rootfs.options");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.uts.name", "the-shire", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.uts.name");
goto non_test_error;
}
if (set_get_compare_clear_save_load(
c, "lxc.hook.pre-start", "/some/pre-start", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.pre-start");
goto non_test_error;
}
if (set_get_compare_clear_save_load(
c, "lxc.hook.pre-mount", "/some/pre-mount", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.pre-mount");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.hook.mount", "/some/mount", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.mount");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.hook.autodev", "/some/autodev", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.autodev");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.hook.start", "/some/start", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.start");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.hook.stop", "/some/stop", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.stop");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.hook.post-stop", "/some/post-stop", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.post-stop");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.hook.clone", "/some/clone", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.clone");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.hook.destroy", "/some/destroy", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.hook.destroy");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.cap.drop", "sys_module mknod setuid net_raw", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.cap.drop");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.cap.keep", "sys_module mknod setuid net_raw", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.cap.keep");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.console.path", "none", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.console.path");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.console.logfile", "/some/logfile", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.console.logfile");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.seccomp.profile", "/some/seccomp/file", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.seccomp.profile");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.autodev", "1", tmpf, true) <
0) {
lxc_error("%s\n", "lxc.autodev");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.signal.halt", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.signal.halt");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.signal.reboot", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.signal.reboot");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.signal.stop", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.signal.stop");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.start.auto", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.start.auto");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.start.delay", "5", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.start.delay");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.start.order", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.start.order");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.log.syslog", "local0", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.log.syslog");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.monitor.unshare", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.monitor.unshare");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.group", "some,container,groups", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.group");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.environment", "FOO=BAR", tmpf, false) < 0) {
lxc_error("%s\n", "lxc.environment");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.init.cmd", "/bin/bash", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.init.cmd");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.init.uid", "1000", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.init.uid");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.init.gid", "1000", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.init.gid");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.ephemeral", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.ephemeral");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.no_new_privs", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.no_new_privs");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.sysctl.net.core.somaxconn", "256", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.sysctl.net.core.somaxconn");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.proc.oom_score_adj", "10", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.proc.oom_score_adj");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.prlimit.nofile", "65536", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.prlimit.nofile");
goto non_test_error;
}
if (test_idmap_parser() < 0) {
lxc_error("%s\n", "failed to test parser for \"lxc.id_map\"");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.type", "veth", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.2.type", "none", tmpf, true)) {
lxc_error("%s\n", "lxc.net.2.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.3.type", "empty", tmpf, true)) {
lxc_error("%s\n", "lxc.net.3.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.4.type", "vlan", tmpf, true)) {
lxc_error("%s\n", "lxc.net.4.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.type", "macvlan", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.type", "ipvlan", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.1000.type", "phys", tmpf, true)) {
lxc_error("%s\n", "lxc.net.1000.type");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.flags", "up", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.flags");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.name", "eth0", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.name");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.link", "bla", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.link");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.macvlan.mode", "private", tmpf, true, "macvlan")) {
lxc_error("%s\n", "lxc.net.0.macvlan.mode");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.macvlan.mode", "vepa", tmpf, true, "macvlan")) {
lxc_error("%s\n", "lxc.net.0.macvlan.mode");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.macvlan.mode", "bridge", tmpf, true, "macvlan")) {
lxc_error("%s\n", "lxc.net.0.macvlan.mode");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.ipvlan.mode", "l3", tmpf, true, "ipvlan")) {
lxc_error("%s\n", "lxc.net.0.ipvlan.mode");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.ipvlan.mode", "l3s", tmpf, true, "ipvlan")) {
lxc_error("%s\n", "lxc.net.0.ipvlan.mode");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.ipvlan.mode", "l2", tmpf, true, "ipvlan")) {
lxc_error("%s\n", "lxc.net.0.ipvlan.mode");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.ipvlan.isolation", "bridge", tmpf, true, "ipvlan")) {
lxc_error("%s\n", "lxc.net.0.ipvlan.isolation");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.ipvlan.isolation", "private", tmpf, true, "ipvlan")) {
lxc_error("%s\n", "lxc.net.0.ipvlan.isolation");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.ipvlan.isolation", "vepa", tmpf, true, "ipvlan")) {
lxc_error("%s\n", "lxc.net.0.ipvlan.isolation");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.veth.pair", "clusterfuck", tmpf, true, "veth")) {
lxc_error("%s\n", "lxc.net.0.veth.pair");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.veth.ipv4.route", "192.0.2.1/32", tmpf, true, "veth")) {
lxc_error("%s\n", "lxc.net.0.veth.ipv4.route");
return -1;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.veth.ipv6.route", "2001:db8::1/128", tmpf, true, "veth")) {
lxc_error("%s\n", "lxc.net.0.veth.ipv6.route");
return -1;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.script.up", "/some/up/path", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.script.up");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.script.down", "/some/down/path", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.script.down");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.hwaddr", "52:54:00:80:7a:5d", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.hwaddr");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.mtu", "2000", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.mtu");
goto non_test_error;
}
if (set_get_compare_clear_save_load_network(c, "lxc.net.0.vlan.id", "2", tmpf, true, "vlan")) {
lxc_error("%s\n", "lxc.net.0.vlan.id");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.ipv4.gateway", "10.0.2.2", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.ipv4.gateway");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.ipv6.gateway", "2003:db8:1::1", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.ipv6.gateway");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.ipv4.address", "10.0.2.3/24", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.ipv4.address");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.net.0.ipv6.address", "2003:db8:1:0:214:1234:fe0b:3596/64", tmpf, true)) {
lxc_error("%s\n", "lxc.net.0.ipv6.address");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.cgroup.dir", "lxd", tmpf, true)) {
lxc_error("%s\n", "lxc.cgroup.dir");
goto non_test_error;
}
if (set_and_clear_complete_netdev(c) < 0) {
lxc_error("%s\n", "failed to clear whole network");
goto non_test_error;
}
if (set_invalid_netdev(c) < 0) {
lxc_error("%s\n", "failed to reject invalid configuration");
goto non_test_error;
}
ret = set_get_compare_clear_save_load(c, "lxc.hook.version", "1", tmpf, true);
if (ret < 0) {
lxc_error("%s\n", "lxc.hook.version");
goto non_test_error;
}
ret = set_get_compare_clear_save_load(c, "lxc.hook.version", "2", tmpf, true);
if (ret == 0) {
lxc_error("%s\n", "lxc.hook.version");
goto non_test_error;
}
ret = set_get_compare_clear_save_load(c, "lxc.monitor.signal.pdeath", "SIGKILL", tmpf, true);
if (ret == 0) {
lxc_error("%s\n", "lxc.hook.version");
goto non_test_error;
}
if (set_get_compare_clear_save_load(c, "lxc.rootfs.managed", "1", tmpf, true) < 0) {
lxc_error("%s\n", "lxc.rootfs.managed");
goto non_test_error;
}
if (c->set_config_item(c, "lxc.notaconfigkey", "invalid")) {
lxc_error("%s\n", "Managed to set to set invalid config item \"lxc.notaconfigkey\" to \"invalid\"");
return -1;
}
fret = EXIT_SUCCESS;
non_test_error:
(void)unlink(tmpf);
(void)rmdir(dirname(c->configfile));
lxc_container_put(c);
exit(fret);
}
int main(int argc, char *argv[])
{
struct lxc_container *c;
int ret;
char v1[2], v2[256], v3[2048];
if ((c = lxc_container_new("testxyz", NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
ret = 1;
goto out;
}
if (!c->set_config_item(c, "lxc.hook.pre-start", "hi there")) {
fprintf(stderr, "%d: failed to set hook.pre-start\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.hook.pre-start", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.hook.pre-start) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
fprintf(stderr, "lxc.hook.pre-start returned %d %s\n", ret, v2);
ret = c->get_config_item(c, "lxc.network", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
fprintf(stderr, "%d: get_config_item(lxc.network) returned %d %s\n", __LINE__, ret, v2);
if (!c->set_config_item(c, "lxc.tty", "4")) {
fprintf(stderr, "%d: failed to set tty\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.tty", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.tty) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
fprintf(stderr, "lxc.tty returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.arch", "x86")) {
fprintf(stderr, "%d: failed to set arch\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.arch", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.arch) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("lxc.arch returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.init_uid", "100")) {
fprintf(stderr, "%d: failed to set init_uid\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.init_uid", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.init_uid) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("lxc.init_uid returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.init_gid", "100")) {
fprintf(stderr, "%d: failed to set init_gid\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.init_gid", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.init_gid) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("lxc.init_gid returned %d %s\n", ret, v2);
#define HNAME "hostname1"
// demonstrate proper usage:
char *alloced;
if (!c->set_config_item(c, "lxc.utsname", HNAME)) {
fprintf(stderr, "%d: failed to set utsname\n", __LINE__);
ret = 1;
goto out;
}
int len;
len = c->get_config_item(c, "lxc.utsname", NULL, 0); // query the size of the string
if (len < 0) {
fprintf(stderr, "%d: get_config_item(lxc.utsname) returned %d\n", __LINE__, len);
ret = 1;
goto out;
}
printf("lxc.utsname returned %d\n", len);
// allocate the length of string + 1 for trailing \0
alloced = malloc(len+1);
if (!alloced) {
fprintf(stderr, "%d: failed to allocate %d bytes for utsname\n", __LINE__, len);
ret = 1;
goto out;
}
// now pass in the malloc'd array, and pass in length of string + 1: again
// because we need room for the trailing \0
ret = c->get_config_item(c, "lxc.utsname", alloced, len+1);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.utsname) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
if (strcmp(alloced, HNAME) != 0 || ret != len) {
fprintf(stderr, "lxc.utsname returned wrong value: %d %s not %d %s\n", ret, alloced, len, HNAME);
ret = 1;
goto out;
}
printf("lxc.utsname returned %d %s\n", len, alloced);
free(alloced);
if (!c->set_config_item(c, "lxc.mount.entry", "hi there")) {
fprintf(stderr, "%d: failed to set mount.entry\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.mount.entry", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.mount.entry) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("lxc.mount.entry returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.aa_profile", "unconfined")) {
fprintf(stderr, "%d: failed to set aa_profile\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.aa_profile", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.aa_profile) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("lxc.aa_profile returned %d %s\n", ret, v2);
lxc_container_put(c);
// new test with real container
if ((c = lxc_container_new(MYNAME, NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
ret = 1;
goto out;
}
c->destroy(c);
lxc_container_put(c);
if ((c = lxc_container_new(MYNAME, NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
ret = 1;
goto out;
}
if (!c->createl(c, "busybox", NULL, NULL, 0, NULL)) {
fprintf(stderr, "%d: failed to create a trusty container\n", __LINE__);
ret = 1;
goto out;
}
lxc_container_put(c);
/* XXX TODO load_config needs to clear out any old config first */
if ((c = lxc_container_new(MYNAME, NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.cap.drop", NULL, 300);
if (ret < 5 || ret > 255) {
fprintf(stderr, "%d: get_config_item(lxc.cap.drop) with NULL returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.cap.drop", v1, 1);
if (ret < 5 || ret > 255) {
fprintf(stderr, "%d: get_config_item(lxc.cap.drop) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.cap.drop", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.cap.drop) returned %d %s\n", __LINE__, ret, v2);
ret = 1;
goto out;
}
printf("%d: get_config_item(lxc.cap.drop) returned %d %s\n", __LINE__, ret, v2);
ret = c->get_config_item(c, "lxc.network", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("%d: get_config_item(lxc.network) returned %d %s\n", __LINE__, ret, v2);
if (!c->set_config_item(c, "lxc.network.ipv4", "10.2.3.4")) {
fprintf(stderr, "%d: failed to set ipv4\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.network.0.ipv4", v2, 255);
if (ret <= 0) {
fprintf(stderr, "%d: lxc.network.0.ipv4 returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
if (!c->clear_config_item(c, "lxc.network.0.ipv4")) {
fprintf(stderr, "%d: failed clearing all ipv4 entries\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.network.0.ipv4", v2, 255);
if (ret != 0) {
fprintf(stderr, "%d: after clearing ipv4 entries get_item(lxc.network.0.ipv4 returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
if (!c->set_config_item(c, "lxc.network.ipv4.gateway", "10.2.3.254")) {
fprintf(stderr, "%d: failed to set ipv4.gateway\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.network.0.ipv4.gateway", v2, 255);
if (ret <= 0) {
fprintf(stderr, "%d: lxc.network.0.ipv4.gateway returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
if (!c->set_config_item(c, "lxc.network.0.ipv4.gateway", "")) {
fprintf(stderr, "%d: failed clearing ipv4.gateway\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.network.0.ipv4.gateway", v2, 255);
if (ret != 0) {
fprintf(stderr, "%d: after clearing ipv4.gateway get_item(lxc.network.0.ipv4.gateway returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.network.0.link", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("%d: get_config_item (link) returned %d %s\n", __LINE__, ret, v2);
ret = c->get_config_item(c, "lxc.network.0.name", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("%d: get_config_item (name) returned %d %s\n", __LINE__, ret, v2);
if (!c->clear_config_item(c, "lxc.network")) {
fprintf(stderr, "%d: clear_config_item failed\n", __LINE__);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.network", v2, 255);
if (ret != 0) {
fprintf(stderr, "%d: network was not actually cleared (get_network returned %d)\n", __LINE__, ret);
ret = 1;
goto out;
}
ret = c->get_config_item(c, "lxc.cgroup", v3, 2047);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(cgroup.devices) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("%d: get_config_item (cgroup.devices) returned %d %s\n", __LINE__, ret, v3);
ret = c->get_config_item(c, "lxc.cgroup.devices.allow", v3, 2047);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(cgroup.devices.devices.allow) returned %d\n", __LINE__, ret);
ret = 1;
goto out;
}
printf("%d: get_config_item (cgroup.devices.devices.allow) returned %d %s\n", __LINE__, ret, v3);
if (!c->clear_config_item(c, "lxc.cgroup")) {
fprintf(stderr, "%d: failed clearing lxc.cgroup\n", __LINE__);
ret = 1;
goto out;
}
if (!c->clear_config_item(c, "lxc.cap.drop")) {
fprintf(stderr, "%d: failed clearing lxc.cap.drop\n", __LINE__);
ret = 1;
goto out;
}
if (!c->clear_config_item(c, "lxc.mount.entries")) {
fprintf(stderr, "%d: failed clearing lxc.mount.entries\n", __LINE__);
ret = 1;
goto out;
}
if (!c->clear_config_item(c, "lxc.hook")) {
fprintf(stderr, "%d: failed clearing lxc.hook\n", __LINE__);
ret = 1;
goto out;
}
c->destroy(c);
printf("All get_item tests passed\n");
ret = 0;
out:
lxc_container_put(c);
exit(ret);
};
int main(int argc, char *argv[])
{
int ret;
struct lxc_container *c;
int fret = EXIT_FAILURE;
char v1[2], v2[256], v3[2048];
if ((c = lxc_container_new("testxyz", NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
exit(EXIT_FAILURE);
}
/* EXPECT SUCCESS: lxc.log.syslog with valid value. */
if (!c->set_config_item(c, "lxc.log.syslog", "local0")) {
lxc_error("%s\n", "Failed to set lxc.log.syslog.\n");
goto out;
}
ret = c->get_config_item(c, "lxc.log.syslog", v2, 255);
if (ret < 0) {
lxc_error("Failed to retrieve lxc.log.syslog: %d.\n", ret);
goto out;
}
if (strcmp(v2, "local0") != 0) {
lxc_error("Expected: local0 == %s.\n", v2);
goto out;
}
lxc_debug("Retrieving value for lxc.log.syslog correctly returned: %s.\n", v2);
/* EXPECT FAILURE: lxc.log.syslog with invalid value. */
if (c->set_config_item(c, "lxc.log.syslog", "NONSENSE")) {
lxc_error("%s\n", "Succeeded int setting lxc.log.syslog to invalid value \"NONSENSE\".\n");
goto out;
}
lxc_debug("%s\n", "Successfully failed to set lxc.log.syslog to invalid value.\n");
if (!c->set_config_item(c, "lxc.hook.pre-start", "hi there")) {
fprintf(stderr, "%d: failed to set hook.pre-start\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.hook.pre-start", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.hook.pre-start) returned %d\n", __LINE__, ret);
goto out;
}
fprintf(stderr, "lxc.hook.pre-start returned %d %s\n", ret, v2);
ret = c->get_config_item(c, "lxc.net", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item returned %d\n", __LINE__, ret);
goto out;
}
fprintf(stderr, "%d: get_config_item(lxc.net) returned %d %s\n", __LINE__, ret, v2);
if (!c->set_config_item(c, "lxc.tty.max", "4")) {
fprintf(stderr, "%d: failed to set tty\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.tty.max", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.tty) returned %d\n", __LINE__, ret);
goto out;
}
fprintf(stderr, "lxc.tty returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.arch", "x86")) {
fprintf(stderr, "%d: failed to set arch\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.arch", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.arch) returned %d\n", __LINE__, ret);
goto out;
}
printf("lxc.arch returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.init.uid", "100")) {
fprintf(stderr, "%d: failed to set init_uid\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.init.uid", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.init_uid) returned %d\n", __LINE__, ret);
goto out;
}
printf("lxc.init_uid returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.init.gid", "100")) {
fprintf(stderr, "%d: failed to set init_gid\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.init.gid", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.init_gid) returned %d\n", __LINE__, ret);
goto out;
}
printf("lxc.init_gid returned %d %s\n", ret, v2);
#define HNAME "hostname1"
// demonstrate proper usage:
char *alloced;
int len;
if (!c->set_config_item(c, "lxc.uts.name", HNAME)) {
fprintf(stderr, "%d: failed to set utsname\n", __LINE__);
goto out;
}
len = c->get_config_item(c, "lxc.uts.name", NULL, 0); // query the size of the string
if (len < 0) {
fprintf(stderr, "%d: get_config_item(lxc.utsname) returned %d\n", __LINE__, len);
goto out;
}
printf("lxc.utsname returned %d\n", len);
// allocate the length of string + 1 for trailing \0
alloced = malloc(len+1);
if (!alloced) {
fprintf(stderr, "%d: failed to allocate %d bytes for utsname\n", __LINE__, len);
goto out;
}
// now pass in the malloc'd array, and pass in length of string + 1: again
// because we need room for the trailing \0
ret = c->get_config_item(c, "lxc.uts.name", alloced, len+1);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.utsname) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(alloced, HNAME) != 0 || ret != len) {
fprintf(stderr, "lxc.utsname returned wrong value: %d %s not %d %s\n", ret, alloced, len, HNAME);
goto out;
}
printf("lxc.utsname returned %d %s\n", len, alloced);
free(alloced);
if (!c->set_config_item(c, "lxc.mount.entry", "hi there")) {
fprintf(stderr, "%d: failed to set mount.entry\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.mount.entry", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.mount.entry) returned %d\n", __LINE__, ret);
goto out;
}
printf("lxc.mount.entry returned %d %s\n", ret, v2);
ret = c->get_config_item(c, "lxc.prlimit", v3, 2047);
if (ret != 0) {
fprintf(stderr, "%d: get_config_item(limit) returned %d\n", __LINE__, ret);
goto out;
}
if (!c->set_config_item(c, "lxc.prlimit.nofile", "1234:unlimited")) {
fprintf(stderr, "%d: failed to set limit.nofile\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.prlimit.nofile", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.prlimit.nofile) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v2, "1234:unlimited")) {
fprintf(stderr, "%d: lxc.prlimit.nofile returned wrong value: %d %s not 14 1234:unlimited\n", __LINE__, ret, v2);
goto out;
}
printf("lxc.prlimit.nofile returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.prlimit.stack", "unlimited")) {
fprintf(stderr, "%d: failed to set limit.stack\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.prlimit.stack", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.prlimit.stack) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v2, "unlimited")) {
fprintf(stderr, "%d: lxc.prlimit.stack returned wrong value: %d %s not 9 unlimited\n", __LINE__, ret, v2);
goto out;
}
printf("lxc.prlimit.stack returned %d %s\n", ret, v2);
#define LIMIT_STACK "lxc.prlimit.stack = unlimited\n"
#define ALL_LIMITS "lxc.prlimit.nofile = 1234:unlimited\n" LIMIT_STACK
ret = c->get_config_item(c, "lxc.prlimit", v3, 2047);
if (ret != sizeof(ALL_LIMITS)-1) {
fprintf(stderr, "%d: get_config_item(limit) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v3, ALL_LIMITS)) {
fprintf(stderr, "%d: lxc.prlimit returned wrong value: %d %s not %d %s\n", __LINE__, ret, v3, (int)sizeof(ALL_LIMITS)-1, ALL_LIMITS);
goto out;
}
printf("lxc.prlimit returned %d %s\n", ret, v3);
if (!c->clear_config_item(c, "lxc.prlimit.nofile")) {
fprintf(stderr, "%d: failed clearing limit.nofile\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.prlimit", v3, 2047);
if (ret != sizeof(LIMIT_STACK)-1) {
fprintf(stderr, "%d: get_config_item(limit) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v3, LIMIT_STACK)) {
fprintf(stderr, "%d: lxc.prlimit returned wrong value: %d %s not %d %s\n", __LINE__, ret, v3, (int)sizeof(LIMIT_STACK)-1, LIMIT_STACK);
goto out;
}
printf("lxc.prlimit returned %d %s\n", ret, v3);
#define SYSCTL_SOMAXCONN "lxc.sysctl.net.core.somaxconn = 256\n"
#define ALL_SYSCTLS "lxc.sysctl.net.ipv4.ip_forward = 1\n" SYSCTL_SOMAXCONN
ret = c->get_config_item(c, "lxc.sysctl", v3, 2047);
if (ret != 0) {
fprintf(stderr, "%d: get_config_item(sysctl) returned %d\n", __LINE__, ret);
goto out;
}
if (!c->set_config_item(c, "lxc.sysctl.net.ipv4.ip_forward", "1")) {
fprintf(stderr, "%d: failed to set lxc.sysctl.net.ipv4.ip_forward\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.sysctl.net.ipv4.ip_forward", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.sysctl.net.ipv4.ip_forward) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v2, "1")) {
fprintf(stderr, "%d: lxc.sysctl.net.ipv4.ip_forward returned wrong value: %d %s not 1\n", __LINE__, ret, v2);
goto out;
}
printf("lxc.sysctl.net.ipv4.ip_forward returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.sysctl.net.core.somaxconn", "256")) {
fprintf(stderr, "%d: failed to set lxc.sysctl.net.core.somaxconn\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.sysctl.net.core.somaxconn", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.sysctl.net.core.somaxconn) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v2, "256")) {
fprintf(stderr, "%d: lxc.sysctl.net.core.somaxconn returned wrong value: %d %s not 256\n", __LINE__, ret, v2);
goto out;
}
printf("lxc.sysctl.net.core.somaxconn returned %d %s\n", ret, v2);
ret = c->get_config_item(c, "lxc.sysctl", v3, 2047);
if (ret != sizeof(ALL_SYSCTLS)-1) {
fprintf(stderr, "%d: get_config_item(sysctl) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v3, ALL_SYSCTLS)) {
fprintf(stderr, "%d: lxc.sysctl returned wrong value: %d %s not %d %s\n", __LINE__, ret, v3, (int)sizeof(ALL_SYSCTLS) - 1, ALL_SYSCTLS);
goto out;
}
printf("lxc.sysctl returned %d %s\n", ret, v3);
if (!c->clear_config_item(c, "lxc.sysctl.net.ipv4.ip_forward")) {
fprintf(stderr, "%d: failed clearing lxc.sysctl.net.ipv4.ip_forward\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.sysctl", v3, 2047);
if (ret != sizeof(SYSCTL_SOMAXCONN) - 1) {
fprintf(stderr, "%d: get_config_item(sysctl) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v3, SYSCTL_SOMAXCONN)) {
fprintf(stderr, "%d: lxc.sysctl returned wrong value: %d %s not %d %s\n", __LINE__, ret, v3, (int)sizeof(SYSCTL_SOMAXCONN) - 1, SYSCTL_SOMAXCONN);
goto out;
}
printf("lxc.sysctl returned %d %s\n", ret, v3);
#define PROC_OOM_SCORE_ADJ "lxc.proc.oom_score_adj = 10\n"
#define ALL_PROCS "lxc.proc.setgroups = allow\n" PROC_OOM_SCORE_ADJ
ret = c->get_config_item(c, "lxc.proc", v3, 2047);
if (ret != 0) {
fprintf(stderr, "%d: get_config_item(proc) returned %d\n", __LINE__, ret);
goto out;
}
if (!c->set_config_item(c, "lxc.proc.setgroups", "allow")) {
fprintf(stderr, "%d: failed to set lxc.proc.setgroups\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.proc.setgroups", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.proc.setgroups) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v2, "allow")) {
fprintf(stderr, "%d: lxc.proc.setgroups returned wrong value: %d %s not 10\n", __LINE__, ret, v2);
goto out;
}
printf("lxc.proc.setgroups returned %d %s\n", ret, v2);
if (!c->set_config_item(c, "lxc.proc.oom_score_adj", "10")) {
fprintf(stderr, "%d: failed to set lxc.proc.oom_score_adj\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.proc.oom_score_adj", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.proc.oom_score_adj) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v2, "10")) {
fprintf(stderr, "%d: lxc.proc.oom_score_adj returned wrong value: %d %s not 10\n", __LINE__, ret, v2);
goto out;
}
printf("lxc.proc.oom_score_adj returned %d %s\n", ret, v2);
ret = c->get_config_item(c, "lxc.proc", v3, 2047);
if (ret != sizeof(ALL_PROCS)-1) {
fprintf(stderr, "%d: get_config_item(proc) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v3, ALL_PROCS)) {
fprintf(stderr, "%d: lxc.proc returned wrong value: %d %s not %d %s\n", __LINE__, ret, v3, (int)sizeof(ALL_PROCS) - 1, ALL_PROCS);
goto out;
}
printf("lxc.proc returned %d %s\n", ret, v3);
if (!c->clear_config_item(c, "lxc.proc.setgroups")) {
fprintf(stderr, "%d: failed clearing lxc.proc.setgroups\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.proc", v3, 2047);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(proc) returned %d\n", __LINE__, ret);
goto out;
}
if (strcmp(v3, PROC_OOM_SCORE_ADJ)) {
fprintf(stderr, "%d: lxc.proc returned wrong value: %d %s not %d %s\n", __LINE__, ret, v3, (int)sizeof(PROC_OOM_SCORE_ADJ) - 1, PROC_OOM_SCORE_ADJ);
goto out;
}
printf("lxc.proc returned %d %s\n", ret, v3);
if (!c->set_config_item(c, "lxc.apparmor.profile", "unconfined")) {
fprintf(stderr, "%d: failed to set aa_profile\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.apparmor.profile", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.aa_profile) returned %d\n", __LINE__, ret);
goto out;
}
printf("lxc.aa_profile returned %d %s\n", ret, v2);
lxc_container_put(c);
// new test with real container
if ((c = lxc_container_new(MYNAME, NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
goto out;
}
c->destroy(c);
lxc_container_put(c);
if ((c = lxc_container_new(MYNAME, NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
goto out;
}
if (!c->createl(c, "busybox", NULL, NULL, 0, NULL)) {
fprintf(stderr, "%d: failed to create a trusty container\n", __LINE__);
goto out;
}
lxc_container_put(c);
/* XXX TODO load_config needs to clear out any old config first */
if ((c = lxc_container_new(MYNAME, NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
goto out;
}
ret = c->get_config_item(c, "lxc.cap.drop", NULL, 300);
if (ret < 5 || ret > 255) {
fprintf(stderr, "%d: get_config_item(lxc.cap.drop) with NULL returned %d\n", __LINE__, ret);
goto out;
}
ret = c->get_config_item(c, "lxc.cap.drop", v1, 1);
if (ret < 5 || ret > 255) {
fprintf(stderr, "%d: get_config_item(lxc.cap.drop) returned %d\n", __LINE__, ret);
goto out;
}
ret = c->get_config_item(c, "lxc.cap.drop", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.cap.drop) returned %d %s\n", __LINE__, ret, v2);
goto out;
}
printf("%d: get_config_item(lxc.cap.drop) returned %d %s\n", __LINE__, ret, v2);
ret = c->get_config_item(c, "lxc.net", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(lxc.net) returned %d\n", __LINE__, ret);
goto out;
}
printf("%d: get_config_item(lxc.net) returned %d %s\n", __LINE__, ret, v2);
if (!c->set_config_item(c, "lxc.net.0.type", "veth")) {
fprintf(stderr, "%d: failed to set lxc.net.0.type\n", __LINE__);
goto out;
}
if (!c->set_config_item(c, "lxc.net.0.link", "lxcbr0")) {
fprintf(stderr, "%d: failed to set network.link\n", __LINE__);
goto out;
}
if (!c->set_config_item(c, "lxc.net.0.flags", "up")) {
fprintf(stderr, "%d: failed to set network.flags\n", __LINE__);
goto out;
}
if (!c->set_config_item(c, "lxc.net.0.hwaddr", "00:16:3e:xx:xx:xx")) {
fprintf(stderr, "%d: failed to set network.hwaddr\n", __LINE__);
goto out;
}
if (!c->set_config_item(c, "lxc.net.0.ipv4.address", "10.2.3.4")) {
fprintf(stderr, "%d: failed to set ipv4\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.net.0.ipv4.address", v2, 255);
if (ret <= 0) {
fprintf(stderr, "%d: lxc.net.0.ipv4 returned %d\n", __LINE__, ret);
goto out;
}
if (!c->clear_config_item(c, "lxc.net.0.ipv4.address")) {
fprintf(stderr, "%d: failed clearing all ipv4 entries\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.net.0.ipv4.address", v2, 255);
if (ret != 0) {
fprintf(stderr, "%d: after clearing ipv4 entries get_item(lxc.network.0.ipv4 returned %d\n", __LINE__, ret);
goto out;
}
if (!c->set_config_item(c, "lxc.net.0.ipv4.gateway", "10.2.3.254")) {
fprintf(stderr, "%d: failed to set ipv4.gateway\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.net.0.ipv4.gateway", v2, 255);
if (ret <= 0) {
fprintf(stderr, "%d: lxc.net.0.ipv4.gateway returned %d\n", __LINE__, ret);
goto out;
}
if (!c->set_config_item(c, "lxc.net.0.ipv4.gateway", "")) {
fprintf(stderr, "%d: failed clearing ipv4.gateway\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.net.0.ipv4.gateway", v2, 255);
if (ret != 0) {
fprintf(stderr, "%d: after clearing ipv4.gateway get_item(lxc.network.0.ipv4.gateway returned %d\n", __LINE__, ret);
goto out;
}
ret = c->get_config_item(c, "lxc.net.0.link", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item returned %d\n", __LINE__, ret);
goto out;
}
printf("%d: get_config_item (link) returned %d %s\n", __LINE__, ret, v2);
ret = c->get_config_item(c, "lxc.net.0.name", v2, 255);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item returned %d\n", __LINE__, ret);
goto out;
}
printf("%d: get_config_item (name) returned %d %s\n", __LINE__, ret, v2);
if (!c->clear_config_item(c, "lxc.net")) {
fprintf(stderr, "%d: clear_config_item failed\n", __LINE__);
goto out;
}
ret = c->get_config_item(c, "lxc.net", v2, 255);
if (ret != 0) {
fprintf(stderr, "%d: network was not actually cleared (get_network returned %d)\n", __LINE__, ret);
goto out;
}
ret = c->get_config_item(c, "lxc.cgroup", v3, 2047);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(cgroup.devices) returned %d\n", __LINE__, ret);
goto out;
}
printf("%d: get_config_item (cgroup.devices) returned %d %s\n", __LINE__, ret, v3);
ret = c->get_config_item(c, "lxc.cgroup.devices.allow", v3, 2047);
if (ret < 0) {
fprintf(stderr, "%d: get_config_item(cgroup.devices.devices.allow) returned %d\n", __LINE__, ret);
goto out;
}
printf("%d: get_config_item (cgroup.devices.devices.allow) returned %d %s\n", __LINE__, ret, v3);
if (!c->clear_config_item(c, "lxc.cgroup")) {
fprintf(stderr, "%d: failed clearing lxc.cgroup\n", __LINE__);
goto out;
}
if (!c->clear_config_item(c, "lxc.cap.drop")) {
fprintf(stderr, "%d: failed clearing lxc.cap.drop\n", __LINE__);
goto out;
}
if (!c->clear_config_item(c, "lxc.mount.entry")) {
fprintf(stderr, "%d: failed clearing lxc.mount.entry\n", __LINE__);
goto out;
}
if (!c->clear_config_item(c, "lxc.hook")) {
fprintf(stderr, "%d: failed clearing lxc.hook\n", __LINE__);
goto out;
}
if (!lxc_config_item_is_supported("lxc.arch")) {
fprintf(stderr, "%d: failed to report \"lxc.arch\" as supported configuration item\n", __LINE__);
goto out;
}
if (lxc_config_item_is_supported("lxc.nonsense")) {
fprintf(stderr, "%d: failed to detect \"lxc.nonsense\" as unsupported configuration item\n", __LINE__);
goto out;
}
if (c->set_config_item(c, "lxc.notaconfigkey", "invalid")) {
fprintf(stderr, "%d: Managed to set \"lxc.notaconfigkey\"\n", __LINE__);
goto out;
}
printf("All get_item tests passed\n");
fret = EXIT_SUCCESS;
out:
if (c) {
c->destroy(c);
lxc_container_put(c);
}
exit(fret);
}
int main(int argc, char *argv[])
{
struct lxc_container *c;
int ret = 0;
const char *s;
bool b;
char *str;
ret = 1;
/* test refcounting */
c = lxc_container_new(MYNAME, NULL);
if (!c) {
fprintf(stderr, "%d: error creating lxc_container %s\n", __LINE__, MYNAME);
goto out;
}
if (!lxc_container_get(c)) {
fprintf(stderr, "%d: error getting refcount\n", __LINE__);
goto out;
}
/* peek in, inappropriately, make sure refcount is a we'd like */
if (c->numthreads != 2) {
fprintf(stderr, "%d: refcount is %d, not %d\n", __LINE__, c->numthreads, 2);
goto out;
}
if (strcmp(c->name, MYNAME) != 0) {
fprintf(stderr, "%d: container has wrong name (%s not %s)\n", __LINE__, c->name, MYNAME);
goto out;
}
str = c->config_file_name(c);
#define CONFIGFNAM LXCPATH "/" MYNAME "/config"
if (!str || strcmp(str, CONFIGFNAM)) {
fprintf(stderr, "%d: got wrong config file name (%s, not %s)\n", __LINE__, str, CONFIGFNAM);
goto out;
}
free(str);
free(c->configfile);
c->configfile = NULL;
str = c->config_file_name(c);
if (str) {
fprintf(stderr, "%d: config file name was not NULL as it should have been\n", __LINE__);
goto out;
}
if (lxc_container_put(c) != 0) {
fprintf(stderr, "%d: c was freed on non-final put\n", __LINE__);
goto out;
}
if (c->numthreads != 1) {
fprintf(stderr, "%d: refcount is %d, not %d\n", __LINE__, c->numthreads, 1);
goto out;
}
if (lxc_container_put(c) != 1) {
fprintf(stderr, "%d: c was not freed on final put\n", __LINE__);
goto out;
}
/* test a real container */
c = lxc_container_new(MYNAME, NULL);
if (!c) {
fprintf(stderr, "%d: error creating lxc_container %s\n", __LINE__, MYNAME);
ret = 1;
goto out;
}
b = c->is_defined(c);
if (b) {
fprintf(stderr, "%d: %s thought it was defined\n", __LINE__, MYNAME);
goto out;
}
s = c->state(c);
if (s && strcmp(s, "STOPPED") != 0) {
// liblxc says a container is STOPPED if it doesn't exist. That's because
// the container may be an application container - it's not wrong, just
// sometimes unintuitive.
fprintf(stderr, "%d: %s thinks it is in state %s\n", __LINE__, c->name, s);
goto out;
}
// create a container
// the liblxc api does not support creation - it probably will eventually,
// but not yet.
// So we just call out to lxc-create. We'll create a busybox container.
ret = create_busybox();
if (ret) {
fprintf(stderr, "%d: failed to create a busybox container\n", __LINE__);
goto out;
}
b = c->is_defined(c);
if (!b) {
fprintf(stderr, "%d: %s thought it was not defined\n", __LINE__, MYNAME);
goto out;
}
s = c->state(c);
if (!s || strcmp(s, "STOPPED")) {
fprintf(stderr, "%d: %s is in state %s, not in STOPPED.\n", __LINE__, c->name, s ? s : "undefined");
goto out;
}
b = c->load_config(c, NULL);
if (!b) {
fprintf(stderr, "%d: %s failed to read its config\n", __LINE__, c->name);
goto out;
}
// test wait states
int numstates = lxc_get_wait_states(NULL);
if (numstates != MAX_STATE) {
fprintf(stderr, "%d: lxc_get_wait_states gave %d not %d\n", __LINE__, numstates, MAX_STATE);
goto out;
}
const char **sstr = malloc(numstates * sizeof(const char *));
numstates = lxc_get_wait_states(sstr);
int i;
for (i=0; i<numstates; i++) {
fprintf(stderr, "got state %d %s\n", i, sstr[i]);
}
free(sstr);
/* non-daemonized is tested in 'startone' */
c->want_daemonize(c, true);
if (!c->startl(c, 0, NULL, NULL)) {
fprintf(stderr, "%d: %s failed to start daemonized\n", __LINE__, c->name);
goto out;
}
if (!c->wait(c, "RUNNING", -1)) {
fprintf(stderr, "%d: failed waiting for state RUNNING\n", __LINE__);
goto out;
}
sleep(3);
s = c->state(c);
if (!s || strcmp(s, "RUNNING")) {
fprintf(stderr, "%d: %s is in state %s, not in RUNNING.\n", __LINE__, c->name, s ? s : "undefined");
goto out;
}
fprintf(stderr, "all lxc_container tests passed for %s\n", c->name);
ret = 0;
out:
if (c) {
c->stop(c);
destroy_busybox();
}
lxc_container_put(c);
exit(ret);
}
int main(int argc, char *argv[])
{
struct lxc_container *c;
int ret = 1;
if ((c = lxc_container_new(MYNAME, NULL)) == NULL) {
fprintf(stderr, "%d: error opening lxc_container %s\n", __LINE__, MYNAME);
ret = 1;
goto out;
}
if (c->is_defined(c)) {
fprintf(stderr, "%d: %s thought it was defined\n", __LINE__, MYNAME);
goto out;
}
if (!c->set_config_item(c, "lxc.network.type", "veth")) {
fprintf(stderr, "%d: failed to set network type\n", __LINE__);
goto out;
}
c->set_config_item(c, "lxc.network.link", "lxcbr0");
c->set_config_item(c, "lxc.network.flags", "up");
if (!c->createl(c, "ubuntu", NULL, NULL, "-r", "lucid", NULL)) {
fprintf(stderr, "%d: failed to create a lucid container\n", __LINE__);
goto out;
}
if (!c->is_defined(c)) {
fprintf(stderr, "%d: %s thought it was not defined\n", __LINE__, MYNAME);
goto out;
}
c->load_config(c, NULL);
c->want_daemonize(c);
if (!c->startl(c, 0, NULL)) {
fprintf(stderr, "%d: failed to start %s\n", __LINE__, MYNAME);
goto out;
}
fprintf(stderr, "%d: %s started, you have 60 seconds to test a console\n", __LINE__, MYNAME);
sleep(60); // wait a minute to let user connect to console
if (!c->shutdown(c, 60)) {
fprintf(stderr, "%d: failed to shut down %s\n", __LINE__, MYNAME);
goto out;
}
if (!c->destroy(c)) {
fprintf(stderr, "%d: error deleting %s\n", __LINE__, MYNAME);
goto out;
}
if (c->is_defined(c)) {
fprintf(stderr, "%d: %s thought it was defined\n", __LINE__, MYNAME);
goto out;
}
fprintf(stderr, "all lxc_container tests passed for %s\n", c->name);
ret = 0;
out:
lxc_container_put(c);
exit(ret);
}
int main(int argc, char *argv[])
{
int i, init_pid, j;
char proc_ns_path[4096];
char ipc_ns_buf[4096];
char net_ns_buf[4096];
pthread_attr_t attr;
pthread_t threads[10];
struct thread_args args[10];
struct lxc_container *c;
int ret = EXIT_FAILURE;
c = lxc_container_new("owning-ns", NULL);
if (!c) {
lxc_error("%s", "Failed to create container \"owning-ns\"");
exit(ret);
}
if (c->is_defined(c)) {
lxc_error("%s\n", "Container \"owning-ns\" is defined");
goto on_error_put;
}
if (!c->createl(c, "busybox", NULL, NULL, 0, NULL)) {
lxc_error("%s\n", "Failed to create busybox container \"owning-ns\"");
goto on_error_put;
}
if (!c->is_defined(c)) {
lxc_error("%s\n", "Container \"owning-ns\" is not defined");
goto on_error_put;
}
c->clear_config(c);
if (!c->load_config(c, NULL)) {
lxc_error("%s\n", "Failed to load config for container \"owning-ns\"");
goto on_error_stop;
}
if (!c->want_daemonize(c, true)) {
lxc_error("%s\n", "Failed to mark container \"owning-ns\" daemonized");
goto on_error_stop;
}
if (!c->startl(c, 0, NULL)) {
lxc_error("%s\n", "Failed to start container \"owning-ns\" daemonized");
goto on_error_stop;
}
init_pid = c->init_pid(c);
if (init_pid < 0) {
lxc_error("%s\n", "Failed to retrieve init pid of container \"owning-ns\"");
goto on_error_stop;
}
/* record our ipc namespace */
ret = snprintf(proc_ns_path, sizeof(proc_ns_path), "/proc/%d/ns/ipc", init_pid);
if (ret < 0 || (size_t)ret >= sizeof(proc_ns_path)) {
lxc_error("%s\n", "Failed to create string for container \"owning-ns\"");
goto on_error_stop;
}
ret = readlink(proc_ns_path, ipc_ns_buf, sizeof(ipc_ns_buf));
if (ret < 0 || (size_t)ret >= sizeof(ipc_ns_buf)) {
lxc_error("%s\n", "Failed to retrieve ipc namespace for container \"owning-ns\"");
goto on_error_stop;
}
ipc_ns_buf[ret] = '\0';
/* record our net namespace */
ret = snprintf(proc_ns_path, sizeof(proc_ns_path), "/proc/%d/ns/net", init_pid);
if (ret < 0 || (size_t)ret >= sizeof(proc_ns_path)) {
lxc_error("%s\n", "Failed to create string for container \"owning-ns\"");
goto on_error_stop;
}
ret = readlink(proc_ns_path, net_ns_buf, sizeof(net_ns_buf));
if (ret < 0 || (size_t)ret >= sizeof(net_ns_buf)) {
lxc_error("%s\n", "Failed to retrieve ipc namespace for container \"owning-ns\"");
goto on_error_stop;
}
net_ns_buf[ret] = '\0';
sleep(5);
pthread_attr_init(&attr);
for (j = 0; j < 10; j++) {
lxc_debug("Starting namespace sharing test iteration %d\n", j);
for (i = 0; i < 10; i++) {
int ret;
args[i].thread_id = i;
args[i].success = false;
args[i].init_pid = init_pid;
args[i].inherited_ipc_ns = ipc_ns_buf;
args[i].inherited_net_ns = net_ns_buf;
ret = pthread_create(&threads[i], &attr, ns_sharing_wrapper, (void *) &args[i]);
if (ret != 0)
goto on_error_stop;
}
for (i = 0; i < 10; i++) {
int ret;
ret = pthread_join(threads[i], NULL);
if (ret != 0)
goto on_error_stop;
if (!args[i].success) {
lxc_error("ns sharing thread %d failed\n", args[i].thread_id);
goto on_error_stop;
}
}
}
ret = EXIT_SUCCESS;
on_error_stop:
if (c->is_running(c) && !c->stop(c))
lxc_error("%s\n", "Failed to stop container \"owning-ns\"");
if (!c->destroy(c))
lxc_error("%s\n", "Failed to destroy container \"owning-ns\"");
on_error_put:
lxc_container_put(c);
if (ret == EXIT_SUCCESS)
lxc_debug("%s\n", "All state namespace sharing tests passed");
exit(ret);
}
int main(int argc, char *argv[])
{
struct lxc_container *c;
bool s;
int ret = EXIT_FAILURE;
if (lxc_arguments_parse(&my_args, argc, argv))
exit(ret);
if (lxc_log_init(my_args.name, my_args.log_file, my_args.log_priority,
my_args.progname, my_args.quiet, my_args.lxcpath[0]))
exit(ret);
lxc_log_options_no_override();
/* Set default timeout */
if (my_args.timeout == -2) {
if (my_args.hardstop)
my_args.timeout = 0;
else
my_args.timeout = 60;
}
if (my_args.nowait)
my_args.timeout = 0;
/* some checks */
if (!my_args.hardstop && my_args.timeout < -1) {
fprintf(stderr, "invalid timeout\n");
exit(ret);
}
if (my_args.hardstop && my_args.nokill) {
fprintf(stderr, "-k can't be used with --nokill\n");
exit(ret);
}
if (my_args.hardstop && my_args.reboot) {
fprintf(stderr, "-k can't be used with -r\n");
exit(ret);
}
if (my_args.hardstop && my_args.timeout) {
fprintf(stderr, "-k doesn't allow timeouts\n");
exit(ret);
}
if (my_args.nolock && !my_args.hardstop) {
fprintf(stderr, "--nolock may only be used with -k\n");
exit(ret);
}
/* shortcut - if locking is bogus, we should be able to kill
* containers at least */
if (my_args.nolock) {
ret = lxc_cmd_stop(my_args.name, my_args.lxcpath[0]);
exit(ret);
}
c = lxc_container_new(my_args.name, my_args.lxcpath[0]);
if (!c) {
fprintf(stderr, "Error opening container\n");
goto out;
}
if (my_args.rcfile) {
c->clear_config(c);
if (!c->load_config(c, my_args.rcfile)) {
fprintf(stderr, "Failed to load rcfile\n");
goto out;
}
c->configfile = strdup(my_args.rcfile);
if (!c->configfile) {
fprintf(stderr, "Out of memory setting new config filename\n");
goto out;
}
}
if (!c->may_control(c)) {
fprintf(stderr, "Insufficent privileges to control %s\n", c->name);
goto out;
}
if (!c->is_running(c)) {
fprintf(stderr, "%s is not running\n", c->name);
/* Per our manpage we need to exit with exit code:
* 2: The specified container exists but was not running.
*/
ret = 2;
goto out;
}
/* kill */
if (my_args.hardstop) {
ret = c->stop(c) ? EXIT_SUCCESS : EXIT_FAILURE;
goto out;
}
/* reboot */
if (my_args.reboot) {
ret = do_reboot_and_check(&my_args, c) < 0 ? EXIT_SUCCESS : EXIT_FAILURE;
goto out;
}
/* shutdown */
s = c->shutdown(c, my_args.timeout);
if (!s) {
if (my_args.timeout == 0)
ret = EXIT_SUCCESS;
else if (my_args.nokill)
ret = EXIT_FAILURE;
else
ret = c->stop(c) ? EXIT_SUCCESS : EXIT_FAILURE;
} else {
ret = EXIT_SUCCESS;
}
out:
lxc_container_put(c);
exit(ret);
}
int main(int argc, char *argv[])
{
struct lxc_container *c;
int ret = 0;
const char *s;
bool b;
char buf[201];
int len;
ret = 1;
/* test a real container */
c = lxc_container_new(MYNAME, NULL);
if (!c) {
fprintf(stderr, "%d: error creating lxc_container %s\n", __LINE__, MYNAME);
ret = 1;
goto out;
}
if (c->is_defined(c)) {
fprintf(stderr, "%d: %s thought it was defined\n", __LINE__, MYNAME);
goto out;
}
ret = create_ubuntu();
if (ret) {
fprintf(stderr, "%d: failed to create a ubuntu container\n", __LINE__);
goto out;
}
b = c->is_defined(c);
if (!b) {
fprintf(stderr, "%d: %s thought it was not defined\n", __LINE__, MYNAME);
goto out;
}
len = c->get_cgroup_item(c, "cpuset.cpus", buf, 200);
if (len >= 0) {
fprintf(stderr, "%d: %s not running but had cgroup settings\n", __LINE__, MYNAME);
goto out;
}
sprintf(buf, "0");
b = c->set_cgroup_item(c, "cpuset.cpus", buf);
if (b) {
fprintf(stderr, "%d: %s not running but coudl set cgroup settings\n", __LINE__, MYNAME);
goto out;
}
s = c->state(c);
if (!s || strcmp(s, "STOPPED")) {
fprintf(stderr, "%d: %s is in state %s, not in STOPPED.\n", __LINE__, c->name, s ? s : "undefined");
goto out;
}
b = c->load_config(c, NULL);
if (!b) {
fprintf(stderr, "%d: %s failed to read its config\n", __LINE__, c->name);
goto out;
}
if (!c->set_config_item(c, "lxc.utsname", "bobo")) {
fprintf(stderr, "%d: failed setting lxc.utsname\n", __LINE__);
goto out;
}
printf("hit return to start container");
char mychar;
ret = scanf("%c", &mychar);
if (ret < 0)
goto out;
if (!lxc_container_get(c)) {
fprintf(stderr, "%d: failed to get extra ref to container\n", __LINE__);
exit(1);
}
pid_t pid = fork();
if (pid < 0) {
fprintf(stderr, "%d: fork failed\n", __LINE__);
goto out;
}
if (pid == 0) {
b = c->startl(c, 0, NULL);
if (!b)
fprintf(stderr, "%d: %s failed to start\n", __LINE__, c->name);
lxc_container_put(c);
exit(!b);
}
sleep(3);
s = c->state(c);
if (!s || strcmp(s, "RUNNING")) {
fprintf(stderr, "%d: %s is in state %s, not in RUNNING.\n", __LINE__, c->name, s ? s : "undefined");
goto out;
}
len = c->get_cgroup_item(c, "cpuset.cpus", buf, 0);
if (len <= 0) {
fprintf(stderr, "%d: not able to get length of cpuset.cpus (ret %d)\n", __LINE__, len);
goto out;
}
len = c->get_cgroup_item(c, "cpuset.cpus", buf, 200);
if (len <= 0 || strcmp(buf, "0\n")) {
fprintf(stderr, "%d: not able to get cpuset.cpus (len %d buf %s)\n", __LINE__, len, buf);
goto out;
}
sprintf(buf, "FROZEN");
b = c->set_cgroup_item(c, "freezer.state", buf);
if (!b) {
fprintf(stderr, "%d: not able to set freezer.state.\n", __LINE__);
goto out;
}
sprintf(buf, "XXX");
len = c->get_cgroup_item(c, "freezer.state", buf, 200);
if (len <= 0 || (strcmp(buf, "FREEZING\n") && strcmp(buf, "FROZEN\n"))) {
fprintf(stderr, "%d: not able to get freezer.state (len %d buf %s)\n", __LINE__, len, buf);
goto out;
}
c->set_cgroup_item(c, "freezer.state", "THAWED");
printf("hit return to finish");
ret = scanf("%c", &mychar);
if (ret < 0)
goto out;
c->stop(c);
/* feh - multilib has moved the lxc-init crap */
#if 0
goto ok;
ret = system("mkdir -p " LXCPATH "/lxctest1/rootfs//usr/local/libexec/lxc");
if (!ret)
ret = system("mkdir -p " LXCPATH "/lxctest1/rootfs/usr/lib/lxc/");
if (!ret)
ret = system("cp src/lxc/lxc-init " LXCPATH "/lxctest1/rootfs//usr/local/libexec/lxc");
if (!ret)
ret = system("cp src/lxc/liblxc.so " LXCPATH "/lxctest1/rootfs/usr/lib/lxc");
if (!ret)
ret = system("cp src/lxc/liblxc.so " LXCPATH "/lxctest1/rootfs/usr/lib/lxc/liblxc.so.0");
if (!ret)
ret = system("cp src/lxc/liblxc.so " LXCPATH "/lxctest1/rootfs/usr/lib");
if (!ret)
ret = system("mkdir -p " LXCPATH "/lxctest1/rootfs/dev/shm");
if (!ret)
ret = system("chroot " LXCPATH "/lxctest1/rootfs apt-get install --no-install-recommends lxc");
if (ret) {
fprintf(stderr, "%d: failed to installing lxc-init in container\n", __LINE__);
goto out;
}
// next write out the config file; does it match?
if (!c->startl(c, 1, "/bin/hostname", NULL)) {
fprintf(stderr, "%d: failed to lxc-execute /bin/hostname\n", __LINE__);
goto out;
}
// auto-check result? ('bobo' is printed on stdout)
ok:
#endif
fprintf(stderr, "all lxc_container tests passed for %s\n", c->name);
ret = 0;
out:
if (c) {
c->stop(c);
destroy_ubuntu();
}
lxc_container_put(c);
exit(ret);
}
int main(int argc, char *argv[])
{
int i, j;
pthread_attr_t attr;
pthread_t threads[10];
struct thread_args args[10];
struct lxc_container *c;
int ret = EXIT_FAILURE;
c = lxc_container_new("state-server", NULL);
if (!c) {
lxc_error("%s", "Failed to create container \"state-server\"");
exit(ret);
}
if (c->is_defined(c)) {
lxc_error("%s\n", "Container \"state-server\" is defined");
goto on_error_put;
}
if (!c->createl(c, "busybox", NULL, NULL, 0, NULL)) {
lxc_error("%s\n", "Failed to create busybox container \"state-server\"");
goto on_error_put;
}
if (!c->is_defined(c)) {
lxc_error("%s\n", "Container \"state-server\" is not defined");
goto on_error_put;
}
c->clear_config(c);
if (!c->load_config(c, NULL)) {
lxc_error("%s\n", "Failed to load config for container \"state-server\"");
goto on_error_stop;
}
if (!c->want_daemonize(c, true)) {
lxc_error("%s\n", "Failed to mark container \"state-server\" daemonized");
goto on_error_stop;
}
pthread_attr_init(&attr);
for (j = 0; j < 10; j++) {
lxc_debug("Starting state server test iteration %d\n", j);
if (!c->startl(c, 0, NULL)) {
lxc_error("%s\n", "Failed to start container \"state-server\" daemonized");
goto on_error_stop;
}
sleep(5);
for (i = 0; i < 10; i++) {
int ret;
args[i].thread_id = i;
args[i].c = c;
args[i].timeout = -1;
/* test non-blocking shutdown request */
if (i == 0)
args[i].timeout = 0;
ret = pthread_create(&threads[i], &attr, state_wrapper, (void *) &args[i]);
if (ret != 0)
goto on_error_stop;
}
for (i = 0; i < 10; i++) {
int ret;
ret = pthread_join(threads[i], NULL);
if (ret != 0)
goto on_error_stop;
if (!args[i].success) {
lxc_error("State server thread %d failed\n", args[i].thread_id);
goto on_error_stop;
}
}
}
ret = EXIT_SUCCESS;
on_error_stop:
if (c->is_running(c) && !c->stop(c))
lxc_error("%s\n", "Failed to stop container \"state-server\"");
if (!c->destroy(c))
lxc_error("%s\n", "Failed to destroy container \"state-server\"");
on_error_put:
lxc_container_put(c);
if (ret == EXIT_SUCCESS)
lxc_debug("%s\n", "All state server tests passed");
exit(ret);
}
/* test_ct_destroy: stop and destroy the test container
*
* @ct : the container
*/
static void test_ct_destroy(struct lxc_container *ct)
{
ct->stop(ct);
ct->destroy(ct);
lxc_container_put(ct);
}
int main(int argc, char *argv[])
{
struct lxc_container *c;
char *cmd, *dev_name, *dst_name;
int ret = 1;
if (geteuid() != 0) {
ERROR("%s must be run as root", argv[0]);
exit(1);
}
if (lxc_arguments_parse(&my_args, argc, argv))
goto err;
if (!my_args.log_file)
my_args.log_file = "none";
if (lxc_log_init(my_args.name, my_args.log_file, my_args.log_priority,
my_args.progname, my_args.quiet, my_args.lxcpath[0]))
goto err;
lxc_log_options_no_override();
c = lxc_container_new(my_args.name, my_args.lxcpath[0]);
if (!c) {
ERROR("%s doesn't exist", my_args.name);
goto err;
}
if (!c->is_running(c)) {
ERROR("Container %s is not running.", c->name);
goto err1;
}
if (my_args.argc < 2) {
ERROR("Error: no command given (Please see --help output)");
goto err1;
}
cmd = my_args.argv[0];
dev_name = my_args.argv[1];
if (my_args.argc < 3)
dst_name = dev_name;
else
dst_name = my_args.argv[2];
if (strcmp(cmd, "add") == 0) {
if (is_interface(dev_name, 1)) {
ret = c->attach_interface(c, dev_name, dst_name);
} else {
ret = c->add_device_node(c, dev_name, dst_name);
}
if (ret != true) {
ERROR("Failed to add %s to %s.", dev_name, c->name);
ret = 1;
goto err1;
}
INFO("Add %s to %s.", dev_name, c->name);
} else if (strcmp(cmd, "del") == 0) {
if (is_interface(dev_name, c->init_pid(c))) {
ret = c->detach_interface(c, dev_name, dst_name);
} else {
ret = c->remove_device_node(c, dev_name, dst_name);
}
if (ret != true) {
ERROR("Failed to del %s from %s.", dev_name, c->name);
ret = 1;
goto err1;
}
INFO("Delete %s from %s.", dev_name, c->name);
} else {
ERROR("Error: Please use add or del (Please see --help output)");
goto err1;
}
exit(0);
err1:
lxc_container_put(c);
err:
exit(ret);
}
static PyObject *
Container_clone(Container *self, PyObject *args, PyObject *kwds)
{
char *newname = NULL;
char *config_path = NULL;
int flags = 0;
char *bdevtype = NULL;
char *bdevdata = NULL;
unsigned long newsize = 0;
char **hookargs = NULL;
PyObject *py_hookargs = NULL;
PyObject *py_config_path = NULL;
struct lxc_container *new_container = NULL;
int i = 0;
static char *kwlist[] = {"newname", "config_path", "flags", "bdevtype",
"bdevdata", "newsize", "hookargs", NULL};
if (! PyArg_ParseTupleAndKeywords(args, kwds, "s|O&isskO", kwlist,
&newname,
PyUnicode_FSConverter, &py_config_path,
&flags, &bdevtype, &bdevdata, &newsize,
&py_hookargs))
return NULL;
if (py_hookargs) {
if (PyTuple_Check(py_hookargs)) {
hookargs = convert_tuple_to_char_pointer_array(py_hookargs);
if (!hookargs) {
return NULL;
}
}
else {
PyErr_SetString(PyExc_ValueError, "hookargs needs to be a tuple");
return NULL;
}
}
if (py_config_path != NULL) {
config_path = PyBytes_AS_STRING(py_config_path);
assert(config_path != NULL);
}
new_container = self->container->clone(self->container, newname,
config_path, flags, bdevtype,
bdevdata, newsize, hookargs);
Py_XDECREF(py_config_path);
if (hookargs) {
for (i = 0; i < PyTuple_GET_SIZE(py_hookargs); i++)
free(hookargs[i]);
free(hookargs);
}
if (new_container == NULL) {
Py_RETURN_FALSE;
}
lxc_container_put(new_container);
Py_RETURN_TRUE;
}