Re: [lxc-devel] [PATCH 1/1] lxc-user-nic: compute first available nic name in container

Mon, 21 Jul 2014 14:45:13 -0700 

Quoting Stéphane Graber (stgra...@ubuntu.com):
> On Mon, Jul 21, 2014 at 07:27:02PM +0000, Serge Hallyn wrote:
> > Rather than always using eth0.  Otherwise unpriv containers cannot have
> > multiple lxc.network.type = veth's without manually setting
> > lxc.network.name =.
> > 
> > Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
> > ---
> >  src/lxc/lxc_user_nic.c | 31 ++++++++++++++++++++++++++-----
> >  1 file changed, 26 insertions(+), 5 deletions(-)
> > 
> > diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
> > index 1105b3d..75e4851 100644
> > --- a/src/lxc/lxc_user_nic.c
> > +++ b/src/lxc/lxc_user_nic.c
> > @@ -470,7 +470,7 @@ again:
> >     goto again;
> >  }
> >  
> > -static int rename_in_ns(int pid, char *oldname, char *newname)
> > +static int rename_in_ns(int pid, char *oldname, char **newnamep)
> >  {
> >     char nspath[MAXPATHLEN];
> >     int fd = -1, ofd = -1, ret;
> > @@ -495,8 +495,29 @@ static int rename_in_ns(int pid, char *oldname, char 
> > *newname)
> >             goto out_err;
> >     }
> >     close(fd); fd = -1;
> > -   if ((ret = lxc_netdev_rename_by_name(oldname, newname)) < 0) {
> > -           fprintf(stderr, "Error %d renaming netdev %s to %s in 
> > container\n", ret, oldname, newname);
> > +
> > +   if (!*newnamep) {
> > +           int i = 0;
> > +           char nicname[10];
> > +           while (i < 100) {
> > +                   ret = snprintf(nicname, 10, "eth%d", i);
> > +                   if (ret < 0 || ret >= 10)
> > +                           return -1;
> > +                   if (if_nametoindex(nicname) == 0)
> > +                           break;
> > +                   i++;
> > +           }
> > +           if (i == 100) {
> > +                   fprintf(stderr, "too many nics in container\n");
> > +                   return -1;
> > +           }
> > +           *newnamep = strdup(nicname);
> > +           if (!*newnamep)
> > +                   return -1;
> > +   }
> 
> As I said on IRC, are you sure we can't somehow get rid of all of that
> code and just somehow pass 'eth%d' to the kernel through netlink which
> will then make it use the next available ethX device (we already use
> that trick for privileged networking).

From 01950a5f05c6a9d1a6aed05c993ba2d1952c65a9 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Mon, 21 Jul 2014 16:36:44 -0500
Subject: [PATCH 1/1] unprivileged containers: use next available nic name if
 unspecified

Rather than always using eth0.  Otherwise unpriv containers cannot have
multiple lxc.network.type = veth's without manually setting
lxc.network.name =.

Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
---
 src/lxc/lxc_user_nic.c | 35 +++++++++++++++++++++++++++--------
 1 file changed, 27 insertions(+), 8 deletions(-)

diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
index 1105b3d..5a1f6db 100644
--- a/src/lxc/lxc_user_nic.c
+++ b/src/lxc/lxc_user_nic.c
@@ -470,10 +470,13 @@ again:
        goto again;
 }
 
-static int rename_in_ns(int pid, char *oldname, char *newname)
+#define VETH_DEF_NAME "eth%d"
+
+static int rename_in_ns(int pid, char *oldname, char **newnamep)
 {
        char nspath[MAXPATHLEN];
-       int fd = -1, ofd = -1, ret;
+       int fd = -1, ofd = -1, ret, ifindex;
+       bool grab_newname = false;
 
        ret = snprintf(nspath, MAXPATHLEN, "/proc/%d/ns/net", getpid());
        if (ret < 0 || ret >= MAXPATHLEN)
@@ -495,10 +498,28 @@ static int rename_in_ns(int pid, char *oldname, char 
*newname)
                goto out_err;
        }
        close(fd); fd = -1;
-       if ((ret = lxc_netdev_rename_by_name(oldname, newname)) < 0) {
-               fprintf(stderr, "Error %d renaming netdev %s to %s in 
container\n", ret, oldname, newname);
+       if (!*newnamep) {
+               grab_newname = true;
+               *newnamep = VETH_DEF_NAME;
+               if (!(ifindex = if_nametoindex(oldname))) {
+                       fprintf(stderr, "failed to get netdev index\n");
+                       goto out_err;
+               }
+       }
+       if ((ret = lxc_netdev_rename_by_name(oldname, *newnamep)) < 0) {
+               fprintf(stderr, "Error %d renaming netdev %s to %s in 
container\n", ret, oldname, *newnamep);
                goto out_err;
        }
+       if (grab_newname) {
+               char ifname[IFNAMSIZ], *namep = ifname;
+               if (!if_indextoname(ifindex, namep)) {
+                       fprintf(stderr, "Failed to get new netdev name\n");
+                       goto out_err;
+               }
+               *newnamep = strdup(namep);
+               if (!*newnamep)
+                       goto out_err;
+       }
        if (setns(ofd, 0) < 0) {
                fprintf(stderr, "Error returning to original netns\n");
                close(ofd);
@@ -566,7 +587,7 @@ int main(int argc, char *argv[])
        char *me;
        char *nicname = alloca(40);
        char *cnic = NULL; // created nic name in container is returned here.
-       char *vethname;
+       char *vethname = NULL;
        int pid;
 
        if ((me = get_username()) == NULL) {
@@ -578,8 +599,6 @@ int main(int argc, char *argv[])
                usage(argv[0], true);
        if (argc >= 5)
                vethname = argv[4];
-       else
-               vethname = "eth0";
 
        errno = 0;
        pid = (int) strtol(argv[1], NULL, 10);
@@ -614,7 +633,7 @@ int main(int argc, char *argv[])
        }
 
        // Now rename the link
-       if (rename_in_ns(pid, cnic, vethname) < 0) {
+       if (rename_in_ns(pid, cnic, &vethname) < 0) {
                fprintf(stderr, "Failed to rename the link\n");
                exit(1);
        }
-- 
1.9.1

_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to