#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
#include "config.h"
#include "pathconfig.h"
{
int ctx_is_new;
xid_t ctx;
- uint_least64_t bcaps = ~vc_get_insecurebcaps();
+ uint_least64_t bcaps = 0;
- if (!PyArg_ParseTuple(args, "I", &ctx))
+ if (!PyArg_ParseTuple(args, "I|K", &ctx, &bcaps))
return NULL;
+ bcaps |= ~vc_get_insecurebcaps();
if ((ctx_is_new = pl_chcontext(ctx, bcaps, 0)) < 0)
return PyErr_SetFromErrno(PyExc_OSError);
static PyObject *
vserver_killall(PyObject *self, PyObject *args)
{
- xid_t ctx;
- int sig;
+ xid_t ctx;
+ int sig;
+ struct vc_ctx_flags cflags = {
+ .flagword = 0,
+ .mask = VC_VXF_PERSISTENT
+ };
+ struct vc_net_flags nflags = {
+ .flagword = 0,
+ .mask = VC_NXF_PERSISTENT
+ };
if (!PyArg_ParseTuple(args, "Ii", &ctx, &sig))
return NULL;
if (vc_ctx_kill(ctx, 0, sig) && errno != ESRCH)
return PyErr_SetFromErrno(PyExc_OSError);
+ if (vc_set_cflags(ctx, &cflags) && errno != ESRCH)
+ return PyErr_SetFromErrno(PyExc_OSError);
+
+ if (vc_set_nflags(ctx, &nflags) && errno != ESRCH)
+ return PyErr_SetFromErrno(PyExc_OSError);
+
+ return NONE;
+}
+
+static PyObject *
+vserver_set_bcaps(PyObject *self, PyObject *args)
+{
+ xid_t ctx;
+ struct vc_ctx_caps caps;
+
+ if (!PyArg_ParseTuple(args, "IK", &ctx, &caps.bcaps))
+ return NULL;
+
+ caps.bmask = vc_get_insecurebcaps();
+ caps.cmask = caps.ccaps = 0;
+ if (vc_set_ccaps(ctx, &caps) == -1 && errno != ESRCH)
+ return PyErr_SetFromErrno(PyExc_OSError);
+
+ return NONE;
+}
+
+static PyObject *
+vserver_text2bcaps(PyObject *self, PyObject *args)
+{
+ struct vc_ctx_caps caps = { .bcaps = 0 };
+ const char *list;
+ int len;
+ struct vc_err_listparser err;
+
+ if (!PyArg_ParseTuple(args, "s#", &list, &len))
+ return NULL;
+
+ vc_list2bcap(list, len, &err, &caps);
+
+ return Py_BuildValue("K", caps.bcaps);
+}
+
+static PyObject *
+vserver_get_bcaps(PyObject *self, PyObject *args)
+{
+ xid_t ctx;
+ struct vc_ctx_caps caps;
+
+ if (!PyArg_ParseTuple(args, "I", &ctx))
+ return NULL;
+
+ if (vc_get_ccaps(ctx, &caps) == -1) {
+ if (errno != -ESRCH)
+ return PyErr_SetFromErrno(PyExc_OSError);
+ else
+ caps.bcaps = 0;
+ }
+
+ return Py_BuildValue("K", caps.bcaps & vc_get_insecurebcaps());
+}
+
+static PyObject *
+vserver_bcaps2text(PyObject *self, PyObject *args)
+{
+ struct vc_ctx_caps caps = { .bcaps = 0 };
+ PyObject *list;
+ const char *cap;
+
+ if (!PyArg_ParseTuple(args, "K", &caps.bcaps))
+ return NULL;
+
+ list = PyString_FromString("");
+
+ while ((cap = vc_lobcap2text(&caps.bcaps)) != NULL) {
+ if (list == NULL)
+ break;
+ PyString_ConcatAndDel(&list, PyString_FromFormat(
+ (PyString_Size(list) > 0 ? ",CAP_%s" : "CAP_%s" ),
+ cap));
+ }
+
+ return list;
+}
+
+static inline int
+convertAddress(const char *str, vc_net_nx_type *type, void *dst)
+{
+ int ret;
+ if (type) *type = vcNET_IPV4;
+ ret = inet_pton(AF_INET, str, dst);
+ if (ret==0) {
+ if (type) *type = vcNET_IPV6;
+ ret = inet_pton(AF_INET6, str, dst);
+ }
+ return ret > 0 ? 0 : -1;
+}
+
+/* XXX These two functions are really similar */
+static PyObject *
+vserver_net_add(PyObject *self, PyObject *args)
+{
+ struct vc_net_nx addr;
+ nid_t nid;
+ const char *ip;
+
+ if (!PyArg_ParseTuple(args, "Is", &nid, &ip))
+ return NULL;
+
+ if (convertAddress(ip, &addr.type, &addr.ip) == -1)
+ return PyErr_Format(PyExc_ValueError, "%s is not a valid IP address", ip);
+
+ switch (addr.type) {
+ case vcNET_IPV4: addr.mask[0] = htonl(0xffffff00); break;
+ case vcNET_IPV6: addr.mask[0] = 64; break;
+ default: addr.mask[0] = 0; break;
+ }
+ addr.count = 1;
+
+ if (vc_net_add(nid, &addr) == -1 && errno != ESRCH)
+ return PyErr_SetFromErrno(PyExc_OSError);
+
+ return NONE;
+}
+
+static PyObject *
+vserver_net_remove(PyObject *self, PyObject *args)
+{
+ struct vc_net_nx addr;
+ nid_t nid;
+ const char *ip;
+
+ if (!PyArg_ParseTuple(args, "Is", &nid, &ip))
+ return NULL;
+
+ if (strcmp(ip, "all") == 0)
+ addr.type = vcNET_ANY;
+ else if (strcmp(ip, "all4") == 0)
+ addr.type = vcNET_IPV4A;
+ else if (strcmp(ip, "all6") == 0)
+ addr.type = vcNET_IPV6A;
+ else
+ if (convertAddress(ip, &addr.type, &addr.ip) == -1)
+ return PyErr_Format(PyExc_ValueError, "%s is not a valid IP address", ip);
+
+ switch (addr.type) {
+ case vcNET_IPV4: addr.mask[0] = htonl(0xffffff00); break;
+ case vcNET_IPV6: addr.mask[0] = 64; break;
+ default: addr.mask[0] = 0; break;
+ }
+ addr.count = 1;
+
+ if (vc_net_remove(nid, &addr) == -1 && errno != ESRCH)
+ return PyErr_SetFromErrno(PyExc_OSError);
+
return NONE;
}
"Send signal to all processes in vserver context" },
{ "isrunning", vserver_isrunning, METH_VARARGS,
"Check if vserver is running"},
+ { "setbcaps", vserver_set_bcaps, METH_VARARGS,
+ "Set POSIX capabilities of a vserver context" },
+ { "getbcaps", vserver_get_bcaps, METH_VARARGS,
+ "Get POSIX capabilities of a vserver context" },
+ { "text2bcaps", vserver_text2bcaps, METH_VARARGS,
+ "Translate a string of capabilities to a bitmap" },
+ { "bcaps2text", vserver_bcaps2text, METH_VARARGS,
+ "Translate a capability-bitmap into a string" },
+ { "netadd", vserver_net_add, METH_VARARGS,
+ "Assign an IP address to a context" },
+ { "netremove", vserver_net_remove, METH_VARARGS,
+ "Remove IP address(es) from a context" },
{ NULL, NULL, 0, NULL }
};
git://git.onelab.eu / util-vserver.git / blobdiff