From 518b3a2f03a8584560e6d1f71095a4246aeb350e Mon Sep 17 00:00:00 2001
From: Andy Bavier
Date: Fri, 24 Apr 2009 18:09:07 +0000
Subject: [PATCH 1/1] Rewriting util-vserver-pl to wrap util-vserver, as proof-of-concept
---
 Makefile.am | 9 ++++----
 python/vserver.py | 55 +++++++-------------------------------------
 scripts/vuseradd | 7 +++---
 util-vserver-pl.spec | 4 ++--
 4 files changed, 18 insertions(+), 57 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index bcc0c23..32c7ab0 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -25,9 +25,6 @@ python_vserverimpl_la_LDFLAGS = -module -avoid-version
 src_vip6_autod_SOURCES = src/vip6-autod.c
 src_vip6_autod_LDADD = -lvserver -lnl
-src_vsh_SOURCES = src/vsh.c src/planetlab.c src/netns.c
-src_vsh_LDADD = -lvserver
-
 noinst_HEADERS = src/planetlab.h
 man_MANS = man/vsh.8
@@ -41,9 +38,11 @@ pyexec_DATA = python/vserver.py \
 sbin_SCRIPTS = python/bwlimit \
 python/disklimit \
 scripts/vuseradd \
- scripts/vuserdel
+ scripts/vuserdel \
+ scripts/vsh
+
+sbin_PROGRAMS =
-sbin_PROGRAMS = src/vsh
 sysv_SCRIPTS =
 if ENSC_HAVE_LIBNL
diff --git a/python/vserver.py b/python/vserver.py
index 654077f..a4b063b 100644
--- a/python/vserver.py
+++ b/python/vserver.py
@@ -200,6 +200,9 @@ class VServer:
 def set_capabilities_config(self, capabilities):
 bcaps = self.get_bcaps_from_capabilities(capabilities)
 ccaps = self.get_ccaps_from_capabilities(capabilities)
+ if len(bcaps) > 0:
+ bcaps += ","
+ bcaps += "CAP_NET_RAW"
 self.config.update('bcapabilities', bcaps)
 self.config.update('ccapabilities', ccaps)
 ret = vserverimpl.setbcaps(self.ctx, vserverimpl.text2bcaps(bcaps))
@@ -227,6 +230,7 @@ class VServer:
 vserverimpl.netadd(self.ctx, a)
 def set_ipaddresses_config(self, addresses):
+ return
 i = 0
 for a in addresses.split(","):
 self.config.update("interfaces/%d/ip" % i, a)
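Review bot: `scripts/vsh` is added to `sbin_SCRIPTS` in the second Makefile.am hunk, but the diffstat lists only four files and `scripts/vsh` is not one of them, so unless the script already exists in the tree the install step will reference a missing file. The now-empty `sbin_PROGRAMS =` assignment can be dropped, or kept with a comment such as `# vsh is now installed as a script, see sbin_SCRIPTS`. `man_MANS = man/vsh.8` is unchanged, so the man page should be checked against what the replacement script actually does.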
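Review bot: `CAP_NET_RAW` is appended to `bcaps` in `set_capabilities_config` unconditionally, so a guest whose `capabilities` argument asked for nothing still gets raw-socket capability, both written to `bcapabilities` and applied through `vserverimpl.setbcaps`. If this is only needed for the proof-of-concept, make it opt-in or at least put a comment on the added lines stating why every guest needs it. If the caller already passed `CAP_NET_RAW` the string will now carry it twice, and the comma handling reads more simply as `bcaps = ",".join(filter(None, [bcaps, "CAP_NET_RAW"]))`. The method body continues outside the hunk.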
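Review bot: The bare `return` added as the first statement of `set_ipaddresses_config` leaves the loop below it unreachable, and callers get no indication that the addresses they passed were never written to the config. Either delete the dead loop or document the early exit on the line itself, for example `# interfaces are configured at build time by vuseradd; do not overwrite them here`, if that is the intent. The method continues past the end of the hunk.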
@@ -419,12 +423,9 @@ class VServer:
 raise ex
 def enter(self):
- self.config.cache_it()
- self.__do_chroot()
- self.__do_chcontext(None)
+ subprocess.call("/usr/sbin/vserver %s enter" % self.name, shell=True)
 def start(self, runlevel = 3):
-
 if (os.fork() != 0):
 # Parent should just return.
 self.vm_running = True
@@ -432,48 +433,8 @@ class VServer:
 else:
 # child process
 try:
- # so we don't chcontext with priv'ed fds
- close_nonstandard_fds()
-
- # get a new session
- os.setsid()
-
- # open state file to record vserver info
- state_file = open("/var/run/vservers/%s" % self.name, "w")
-
- # use /dev/null for stdin, /var/log/boot.log for stdout/err
- fd = os.open("/dev/null", os.O_RDONLY)
- if fd != 0:
- os.dup2(fd, 0)
- os.close(fd)
-
- # perform pre-init cleanup
- self.__prep(runlevel)
-
- self.config.cache_it()
- self.__do_chroot()
- log = open("/var/log/boot.log", "a", 0)
- if log.fileno() != 1:
- os.dup2(log.fileno(), 1)
- os.dup2(1, 2)
-
- print >>log, ("%s: starting the virtual server %s" %
- (time.asctime(time.gmtime()), self.name))
- # execute each init script in turn
- # XXX - we don't support all scripts that vserver script does
- self.__do_chcontext(state_file)
- for cmd in self.INITSCRIPTS:
- try:
- # enter vserver context
- arg_subst = { 'runlevel': runlevel }
- cmd_args = [cmd[0]] + map(lambda x: x % arg_subst,
- cmd[1:])
- if os.path.isfile(cmd[0]):
- print >>log, "executing '%s'" % " ".join(cmd_args)
- os.spawnvp(os.P_NOWAIT,cmd[0],cmd_args)
- except:
- print >>log, traceback.format_exc()
-
+ subprocess.call("/usr/sbin/vserver %s start" % self.name,
+ shell=True)
 # we get here due to an exception in the top-level child process
 except Exception, ex:
 self.log(traceback.format_exc())
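Review bot: `enter()` interpolates `self.name` into a command string and runs it with `shell=True`, so any shell metacharacter in a vserver name is interpreted by the shell; pass an argument list instead, `subprocess.call(["/usr/sbin/vserver", self.name, "enter"])`. The same construction is used in `start()` and `stop()` in the later hunks and should be changed the same way. The return code is discarded in all three places, so a failed `vserver` invocation is invisible to the caller. No `import subprocess` appears in this patch; confirm the module already imports it.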
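Review bot: The removed child-side setup called `close_nonstandard_fds()` under the comment "so we don't chcontext with priv'ed fds", and the `subprocess.call(...)` that replaces it in `start()` has no equivalent, so descriptors open in the forked child are inherited by `/usr/sbin/vserver ... start` (this is Python 2 code, where `close_fds` defaults to `False`). Passing `close_fds=True` restores that guarantee: `subprocess.call(["/usr/sbin/vserver", self.name, "start"], close_fds=True)`. In the lines shown, `runlevel` is no longer used and output is no longer redirected to `/var/log/boot.log`; say so in a docstring if that is intended. The `try`/`except` around the call continues outside the hunk.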
@@ -514,8 +475,8 @@ class VServer:
 return self.disk_blocks * 1024
 def stop(self, signal = signal.SIGKILL):
- vserverimpl.killall(self.ctx, signal)
 self.vm_running = False
+ subprocess.call("/usr/sbin/vserver %s stop" % self.name, shell=True)
 def setname(self, slice_id):
 '''Set vcVHI_CONTEXT field in kernel to slice_id'''
diff --git a/scripts/vuseradd b/scripts/vuseradd
index f77d58b..627b5d4 100755
--- a/scripts/vuseradd
+++ b/scripts/vuseradd
@@ -78,8 +78,9 @@ if [ ! -d $__CONFDIR/$NAME ] ; then
 fi
 $_VSERVER $NAME build -m skeleton --context $USERID \
- --interface nodev:0.0.0.0/0 \
- --flags persistent,~info_init,sched_hard
+ --interface nodev:`hostname -i` \
+ --interface nodev:127.0.0.1 \
+ --flags persistent,~info_init
 RETVAL=$?
 DIR=$__CONFDIR/$NAME
 if [ $RETVAL -ne 0 ] ; then
@@ -91,7 +92,7 @@ if [ ! -d $__CONFDIR/$NAME ] ; then
 echo 1000 > $DIR/rlimits/nproc.hard
 # Set persistent for the network context
- echo persistent > $DIR/nflags
+ echo persistent,lback_allow > $DIR/nflags
 # Set up the scheduler
 echo 100 > $DIR/sched/interval
diff --git a/util-vserver-pl.spec b/util-vserver-pl.spec
index c2d502e..a6fe3f3 100644
--- a/util-vserver-pl.spec
+++ b/util-vserver-pl.spec
@@ -4,8 +4,8 @@
 %define url $URL$
 %define name util-vserver-pl
-%define version 0.3
-%define taglevel 16.trellis
+%define version 0.4
+%define taglevel 1.trellis
 %define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}}
--
2.43.0
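Review bot: `stop()` still accepts `signal = signal.SIGKILL`, but with `vserverimpl.killall(self.ctx, signal)` removed the argument is ignored, so a caller asking for a specific signal silently gets whatever `vserver ... stop` does. `self.vm_running = False` is set before the command runs and regardless of its exit status; consider `rc = subprocess.call(["/usr/sbin/vserver", self.name, "stop"])` and clearing the flag only when `rc == 0`. If the signature has to stay for compatibility, note the ignored parameter in a docstring.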
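Review bot: The unquoted command substitution `hostname -i` in the new `--interface nodev:...` argument is word-split by the shell, so if it prints several addresses, or nothing because the host name does not resolve, the `build` command receives stray arguments or an empty `nodev:` interface. Resolve and check the address first, e.g. `IP=$(hostname -i | awk '{print $1}')` and `[ -n "$IP" ] || exit 1`, then pass `--interface "nodev:$IP"`. The same hunk drops `sched_hard` from `--flags`, which the commit message does not mention; add a comment if that is deliberate.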
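Review bot: The comment above the changed line still reads `# Set persistent for the network context`, but the line now writes `persistent,lback_allow` to `$DIR/nflags`, so every new guest gets the loopback flag without it being documented. Update the comment to name both flags and the reason, for instance `# Network context flags: persistent, plus lback_allow for the 127.0.0.1 interface added at build time`, if that is the reason.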