nstool: Replace "pid" subcommand with "info" subcommand

The new subcommand gives more information about the holder process and its
namespace, and may be further extended in future.  Add some options which
give the old behaviour for existing scripts.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
David Gibson 2023-04-06 13:28:10 +10:00 committed by Stefano Brivio
parent a4b017d91c
commit fd4a752e92
2 changed files with 55 additions and 17 deletions

View file

@ -78,7 +78,7 @@ setup_pasta() {
layout_pasta layout_pasta
context_run_bg unshare "unshare -rUnpf ${NSTOOL} hold ${STATESETUP}/ns.hold" context_run_bg unshare "unshare -rUnpf ${NSTOOL} hold ${STATESETUP}/ns.hold"
__target_pid=$(${NSTOOL} pid ${STATESETUP}/ns.hold) __target_pid=$(${NSTOOL} info -pw ${STATESETUP}/ns.hold)
context_setup_nsenter ns -U -n -p --preserve-credentials -t ${__target_pid} context_setup_nsenter ns -U -n -p --preserve-credentials -t ${__target_pid}
@ -128,7 +128,7 @@ setup_passt_in_ns() {
context_run_bg pasta "./pasta ${__opts} -t 10001,10002,10011,10012 -T 10003,10013 -u 10001,10002,10011,10012 -U 10003,10013 -P ${STATESETUP}/pasta.pid --config-net ${NSTOOL} hold ${STATESETUP}/ns.hold" context_run_bg pasta "./pasta ${__opts} -t 10001,10002,10011,10012 -T 10003,10013 -u 10001,10002,10011,10012 -U 10003,10013 -P ${STATESETUP}/pasta.pid --config-net ${NSTOOL} hold ${STATESETUP}/ns.hold"
wait_for [ -f "${STATESETUP}/pasta.pid" ] wait_for [ -f "${STATESETUP}/pasta.pid" ]
__ns_pid=$(${NSTOOL} pid ${STATESETUP}/ns.hold) __ns_pid=$(${NSTOOL} info -pw ${STATESETUP}/ns.hold)
context_setup_nsenter qemu "-t ${__ns_pid} -U -n -p --preserve-credentials" context_setup_nsenter qemu "-t ${__ns_pid} -U -n -p --preserve-credentials"
context_setup_nsenter ns "-t ${__ns_pid} -U -n -p --preserve-credentials" context_setup_nsenter ns "-t ${__ns_pid} -U -n -p --preserve-credentials"
@ -190,7 +190,7 @@ setup_two_guests() {
[ ${DEBUG} -eq 1 ] && __opts="${__opts} -d" [ ${DEBUG} -eq 1 ] && __opts="${__opts} -d"
[ ${TRACE} -eq 1 ] && __opts="${__opts} --trace" [ ${TRACE} -eq 1 ] && __opts="${__opts} --trace"
context_run_bg pasta_1 "./pasta ${__opts} --trace -l /tmp/pasta1.log -P ${STATESETUP}/pasta_1.pid -t 10001,10002 -T 10003,10004 -u 10001,10002 -U 10003,10004 --config-net ${NSTOOL} hold ${STATESETUP}/ns1.hold" context_run_bg pasta_1 "./pasta ${__opts} --trace -l /tmp/pasta1.log -P ${STATESETUP}/pasta_1.pid -t 10001,10002 -T 10003,10004 -u 10001,10002 -U 10003,10004 --config-net ${NSTOOL} hold ${STATESETUP}/ns1.hold"
__ns1_pid=$(${NSTOOL} pid ${STATESETUP}/ns1.hold) __ns1_pid=$(${NSTOOL} info -pw ${STATESETUP}/ns1.hold)
context_setup_nsenter passt_1 -U -n -p --preserve-credentials -t ${__ns1_pid} context_setup_nsenter passt_1 -U -n -p --preserve-credentials -t ${__ns1_pid}
__opts= __opts=
@ -198,7 +198,7 @@ setup_two_guests() {
[ ${DEBUG} -eq 1 ] && __opts="${__opts} -d" [ ${DEBUG} -eq 1 ] && __opts="${__opts} -d"
[ ${TRACE} -eq 1 ] && __opts="${__opts} --trace" [ ${TRACE} -eq 1 ] && __opts="${__opts} --trace"
context_run_bg pasta_2 "./pasta ${__opts} --trace -l /tmp/pasta2.log -P ${STATESETUP}/pasta_2.pid -t 10004,10005 -T 10003,10001 -u 10004,10005 -U 10003,10001 --config-net ${NSTOOL} hold ${STATESETUP}/ns2.hold" context_run_bg pasta_2 "./pasta ${__opts} --trace -l /tmp/pasta2.log -P ${STATESETUP}/pasta_2.pid -t 10004,10005 -T 10003,10001 -u 10004,10005 -U 10003,10001 --config-net ${NSTOOL} hold ${STATESETUP}/ns2.hold"
__ns2_pid=$(${NSTOOL} pid ${STATESETUP}/ns2.hold) __ns2_pid=$(${NSTOOL} info -pw ${STATESETUP}/ns2.hold)
context_setup_nsenter passt_2 -U -n -p --preserve-credentials -t ${__ns2_pid} context_setup_nsenter passt_2 -U -n -p --preserve-credentials -t ${__ns2_pid}
context_setup_nsenter qemu_1 -U -n -p --preserve-credentials -t ${__ns1_pid} context_setup_nsenter qemu_1 -U -n -p --preserve-credentials -t ${__ns1_pid}
@ -310,8 +310,8 @@ teardown_passt_in_ns() {
# teardown_two_guests() - Exit namespaces, kill qemu processes, passt and pasta # teardown_two_guests() - Exit namespaces, kill qemu processes, passt and pasta
teardown_two_guests() { teardown_two_guests() {
__ns1_pid=$(${NSTOOL} pid "${STATESETUP}/ns1.hold") __ns1_pid=$(${NSTOOL} info -pw "${STATESETUP}/ns1.hold")
__ns2_pid=$(${NSTOOL} pid "${STATESETUP}/ns2.hold") __ns2_pid=$(${NSTOOL} info -pw "${STATESETUP}/ns2.hold")
nsenter -U -p --preserve-credentials -t ${__ns1_pid} kill $(cat "${STATESETUP}/qemu_1.pid") nsenter -U -p --preserve-credentials -t ${__ns1_pid} kill $(cat "${STATESETUP}/qemu_1.pid")
nsenter -U -p --preserve-credentials -t ${__ns2_pid} kill $(cat "${STATESETUP}/qemu_2.pid") nsenter -U -p --preserve-credentials -t ${__ns2_pid} kill $(cat "${STATESETUP}/qemu_2.pid")
context_wait qemu_1 context_wait qemu_1

View file

@ -14,6 +14,7 @@
#include <stdbool.h> #include <stdbool.h>
#include <errno.h> #include <errno.h>
#include <unistd.h> #include <unistd.h>
#include <getopt.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <linux/un.h> #include <linux/un.h>
@ -30,9 +31,11 @@ static void usage(void)
" Run within a set of namespaces, open a Unix domain socket\n" " Run within a set of namespaces, open a Unix domain socket\n"
" (the \"control socket\") at SOCK and wait for requests from\n" " (the \"control socket\") at SOCK and wait for requests from\n"
" other nstool subcommands.\n" " other nstool subcommands.\n"
" nstool pid SOCK\n" " nstool info [-pw] pid SOCK\n"
" Print the pid of the nstool hold process with control socket\n" " Print information about the nstool hold process with control\n"
" at SOCK, as seen in the caller's namespace.\n" " socket at SOCK\n"
" -p Print just the holder's PID as seen by the caller\n"
" -w Retry connecting to SOCK until it is ready\n"
" nstool stop SOCK\n" " nstool stop SOCK\n"
" Instruct the nstool hold with control socket at SOCK to\n" " Instruct the nstool hold with control socket at SOCK to\n"
" terminate.\n"); " terminate.\n");
@ -103,17 +106,45 @@ static void cmd_hold(int argc, char *argv[])
unlink(sockpath); unlink(sockpath);
} }
static void cmd_pid(int argc, char *argv[]) static void cmd_info(int argc, char *argv[])
{ {
const char *sockpath = argv[1]; const struct option options[] = {
{"pid", no_argument, NULL, 'p' },
{"wait", no_argument, NULL, 'w' },
{ 0 },
};
bool pidonly = false, waitforsock = false;
struct ucred peercred; struct ucred peercred;
socklen_t optlen = sizeof(peercred); socklen_t optlen = sizeof(peercred);
int fd, rc; const char *optstring = "pw";
const char *sockpath;
int fd, rc, opt;
if (argc != 2) do {
opt = getopt_long(argc, argv, optstring, options, NULL);
switch (opt) {
case 'p':
pidonly = true;
break;
case 'w':
waitforsock = true;
break;
case -1:
break;
default:
usage(); usage();
}
} while (opt != -1);
fd = connect_ctl(sockpath, true); if (optind != argc - 1) {
fprintf(stderr, "B\n");
usage();
}
sockpath = argv[optind];
fd = connect_ctl(sockpath, waitforsock);
rc = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, rc = getsockopt(fd, SOL_SOCKET, SO_PEERCRED,
&peercred, &optlen); &peercred, &optlen);
@ -123,7 +154,14 @@ static void cmd_pid(int argc, char *argv[])
close(fd); close(fd);
if (pidonly) {
printf("%d\n", peercred.pid); printf("%d\n", peercred.pid);
} else {
printf("As seen from calling context:\n");
printf("\tPID:\t%d\n", peercred.pid);
printf("\tUID:\t%u\n", peercred.uid);
printf("\tGID:\t%u\n", peercred.gid);
}
} }
static void cmd_stop(int argc, char *argv[]) static void cmd_stop(int argc, char *argv[])
@ -158,8 +196,8 @@ int main(int argc, char *argv[])
if (strcmp(subcmd, "hold") == 0) if (strcmp(subcmd, "hold") == 0)
cmd_hold(argc - 1, argv + 1); cmd_hold(argc - 1, argv + 1);
else if (strcmp(subcmd, "pid") == 0) else if (strcmp(subcmd, "info") == 0)
cmd_pid(argc - 1, argv + 1); cmd_info(argc - 1, argv + 1);
else if (strcmp(subcmd, "stop") == 0) else if (strcmp(subcmd, "stop") == 0)
cmd_stop(argc - 1, argv + 1); cmd_stop(argc - 1, argv + 1);
else else