X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=root-context%2Fexec%2Frun_with_devices;fp=root-context%2Fexec%2Frun_with_devices;h=c0b2312a3758913201cb92e3a320a6d96cf4932a;hb=10503d985ac1acdac4ed653e608ccc492baa446a;hp=0000000000000000000000000000000000000000;hpb=46f46b3486d68231a875c7c21e5dd64282b3813a;p=vsys-scripts.git diff --git a/root-context/exec/run_with_devices b/root-context/exec/run_with_devices new file mode 100755 index 0000000..c0b2312 --- /dev/null +++ b/root-context/exec/run_with_devices @@ -0,0 +1,57 @@ +#!/usr/bin/python -u +# All vsys scripts should use STDOUT in unbuferred mode, or else sometimes your output will get bufferred and you will not see it till the buffer gets flushed. + +import sys +import os + +vsys_config_dir = "/etc/planetlab/vsys-attributes" + +slicename=sys.argv[1] +sliceid = pwd.getpwnam(slicename).pw_uid + +arglines = map(string.strip, sys.stdin.readlines()) +command_name = arglines[0] +device_names = arglines[1:] + +print "Validating interface names... ", +# Validate interface names + +for vif in device_names: + if len(vif)>16: + print "Interface name %s invalid"%(vif) + sys.exit(1) + if re.match(r'(tun|tap)%d-\d+' % sliceid, vif ) is None: + print "Interface name %s does not match slice id %d."%(vif, sliceid) + sys.exit(1) + print "[OK]" + +# The interfaces have been validated. We don't need to validate the executable +# path for escape hatches because we are going to use execve. + +pid = os.fork() +if (pid): + # Close open fds before execve + print "Closing file descriptors." + for fd in xrange(3, 1023): + try: + os.close(fd) + except OSError: + pass + # Execute command + vserver_command = "/usr/sbin/vserver" + args = [slicename] + args += ['exec'] + args += [command_name] + + os.system('touch /etc/vservers/%s/spaces/net'%slicename) + + try: + os.execve(vserver_command, args) + except: + pass + + os.system('rm /etc/vservers/%s/spaces/net'%slicename) +else: + for vif in device_names: + os.system('/sbin/ip link set %s netns %d'%(vif, pid)) +