[PATCH] procd: Use /dev/console for serial console if exists
inittab.c: Use "/dev/console" if it is present, before trying
"/sys/class/tty/console/active" in case if console kernel command
line is not provided during boot and to allow container environment
to use it as login PTY console.
Signed-off-by: Gaurav Pathak
---
inittab.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/inittab.c b/inittab.c
index 2c2270c..b2ffc9a 100644
--- a/inittab.c
+++ b/inittab.c
@@ -190,7 +190,10 @@ static void askconsole(struct init_action *a)
*/
tty = get_cmdline_val("console", line, sizeof(line));
if (tty == NULL) {
- tty = get_active_console(line, sizeof(line));
+ if (dev_exist("console"))
+ tty = "console";
+ else
+ tty = get_active_console(line, sizeof(line));
}
if (tty != NULL) {
split = strchr(tty, ',');
--
2.25.1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH procd v2] inittab: use /dev/console for serial console if exists
Use "/dev/console" device node if it is present, before trying
"/sys/class/tty/console/active" in case if console kernel command line
is not provided during boot and to allow container environment to use
it as login PTY console.
Signed-off-by: Gaurav Pathak
Signed-off-by: Daniel Golle
---
Instead of explaining the various remaining issues, I just went ahead
and fixed them myself.
v2:
* Fix commit message (we are opening /dev/console which can also
be a pty and not necessarily (5,1))
* use tabs for indentation like in the rest of the file
* don't use curly brackets for single statement conditional
* use relative path when calling dev_exist()
* use relative path when setting tty variable (as the result of
inittab.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/inittab.c b/inittab.c
index 2c2270c..89e64f1 100644
--- a/inittab.c
+++ b/inittab.c
@@ -190,7 +190,10 @@ static void askconsole(struct init_action *a)
*/
tty = get_cmdline_val("console", line, sizeof(line));
if (tty == NULL) {
- tty = get_active_console(line, sizeof(line));
+ if (dev_exist("console"))
+ tty = "console";
+ else
+ tty = get_active_console(line, sizeof(line));
}
if (tty != NULL) {
split = strchr(tty, ',');
--
2.31.1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[RFC] procd: Use /dev/console for serial console if exists
inittab.c: Use "/dev/console" character device (5,1) if it
is present, before trying "/sys/class/tty/console/active" in
case if console kernel command line is not provided during boot
and to allow container environment to use it as login PTY console.
Signed-off-by: Gaurav Pathak
---
inittab.c | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/inittab.c b/inittab.c
index 2c2270c..716bcee 100644
--- a/inittab.c
+++ b/inittab.c
@@ -190,7 +190,13 @@ static void askconsole(struct init_action *a)
*/
tty = get_cmdline_val("console", line, sizeof(line));
if (tty == NULL) {
- tty = get_active_console(line, sizeof(line));
+if (dev_exist("/dev/console")) {
+tty = "/dev/console";
+}
+else {
+tty = get_active_console(line, sizeof(line));
+}
+
}
if (tty != NULL) {
split = strchr(tty, ',');
--
2.25.1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [RFC] procd: Use /dev/console for serial console if exists
As Daniel mentioned, this change is for providing the capability to container
environment to be able to login using PTY.
Also, there can be a case when console option is not passed to kernel command
line,
in that case we should try and check for the presence of /dev/console character
device (5,1) and use it if it is present before trying
"/sys/class/tty/console/active".
On Sat, Apr 24, 2021 at 02:54:26PM +0100, Daniel Golle wrote:
> On Sat, Apr 24, 2021 at 03:39:51AM -1000, Paul Spooren wrote:
> >
> > On 4/24/21 1:01 AM, Gaurav Pathak wrote:
> > > Modified inittab.c to use "/dev/console" as preferred console if exists.
> > >
> > > Signed-off-by: Gaurav Pathak
> > > ---
> >
> > Could you please elaborate why this is useful?
>
> Container environments typically provide /dev/console PTY, hence it's
> nice to be able to login on that console.
>
> >
> > > Edited inittab.c to check and use "/dev/console" as the first
> > > console device before parsing "/sys/class/tty/console/active".
> > > inittab.c | 8 +++-
> > > 1 file changed, 7 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/inittab.c b/inittab.c
> > > index 2c2270c..716bcee 100644
> > > --- a/inittab.c
> > > +++ b/inittab.c
> > > @@ -190,7 +190,13 @@ static void askconsole(struct init_action *a)
> > >*/
> > > tty = get_cmdline_val("console", line, sizeof(line));
> > > if (tty == NULL) {
> > > - tty = get_active_console(line, sizeof(line));
> > > +if (dev_exist("/dev/console")) {
> > > +tty = "/dev/console";
> > > +}
> > > +else {
> > > +tty = get_active_console(line, sizeof(line));
> > > +}
> > > +
> > > }
> > > if (tty != NULL) {
> > > split = strchr(tty, ',');
> >
> > ___
> > openwrt-devel mailing list
> > openwrt-devel@lists.openwrt.org
> > https://lists.openwrt.org/mailman/listinfo/openwrt-devel
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[RFC] procd: Use /dev/console for serial console if exists
Modified inittab.c to use "/dev/console" as preferred console if exists.
Signed-off-by: Gaurav Pathak
---
Edited inittab.c to check and use "/dev/console" as the first
console device before parsing "/sys/class/tty/console/active".
inittab.c | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/inittab.c b/inittab.c
index 2c2270c..716bcee 100644
--- a/inittab.c
+++ b/inittab.c
@@ -190,7 +190,13 @@ static void askconsole(struct init_action *a)
*/
tty = get_cmdline_val("console", line, sizeof(line));
if (tty == NULL) {
- tty = get_active_console(line, sizeof(line));
+if (dev_exist("/dev/console")) {
+tty = "/dev/console";
+}
+else {
+tty = get_active_console(line, sizeof(line));
+}
+
}
if (tty != NULL) {
split = strchr(tty, ',');
--
2.25.1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [PATCH] procd: Adding support to detect Pantavisor Container Platform
On Mon, Mar 22, 2021 at 11:53:35AM +, Daniel Golle wrote: > On Mon, Mar 22, 2021 at 05:00:06PM +0530, Gaurav Pathak wrote: > > On Mon, Mar 22, 2021 at 10:42:25AM +, Daniel Golle wrote: > > > On Mon, Mar 22, 2021 at 03:38:25PM +0530, Gaurav Pathak wrote: > > > > > I assume that if this is a custom downstream version then the > > > > change is > > > > > not applicable for merge into upstream owrt. please explain > > > > what "custom > > > > > version" means. > > > > > > > > Actually, we don't use a custom version of lxc, we use the upstream > > > > stable lxc. > > > > The reason for this patch is that the hardcoded mount of /dev prevents > > > > our way of usage of openwrt in containers. > > > > > > In that case I believe the best is to revert the patch which applies a > > > Pantavisor-specific hack to detect if running inside a container and > > > switch to a method which works for all users of LXC equally (like it > > > is has already been done for Docker, see container.h in procd sources). > > > > > We tried to use the existing implementation that is in is_container() > > without any modification, > > but the key difference is that we use a container to run a full system > > container rather than just a "normal" app container, > > the current logic is correct when we use openwrt as an app container in our > > lxc based pantavisor, > > but it will do too much for the containers on our system that are suppose > > to run like the "main OS", like our pv-root plaforms. > > The logic in container.h is made for exactly that (ie. full-system > container rather than App container). If you are using unmodified LXC > this should work without problems as LXC sets an environment variabel > (container=lxc) and we do detect the presence of that environment > variable in container.h. > > Hence the easiest way would be you just use that existing mechanism > (ie. just go with LXC defaults which do set that env variable) as that > would not require any Pantavisor-specific hacks in our codebase. I agree, but the thing is, we have a custom "init" called pantavisor, which is responsible for spawning different containers. We treat containers running at root level different than containers running at application level (fully privileged and unprivileged). We provide control to the platform inside container running at root level to become host OS (as main OS, OpenWRT in our case) but want the LXC to do the mounting and not the Platform itself. So, pantavisor (init) ignores "container=lxc" environment for the root (fully privileged) container but passes that environment to the containers running at application level. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [PATCH] procd: Adding support to detect Pantavisor Container Platform
On Mon, Mar 22, 2021 at 10:42:25AM +, Daniel Golle wrote: > On Mon, Mar 22, 2021 at 03:38:25PM +0530, Gaurav Pathak wrote: > > Hi John, > > > > I missed your message, seems like it didn't land in inbox or spam folder of > > my e-mail. > > > > > as it runs a custom modified version > > > of LXC > > > > > I assume that if this is a custom downstream version then the change > > is > > > not applicable for merge into upstream owrt. please explain what > > "custom > > > version" means. > > > > > John > > > > Actually, we don't use a custom version of lxc, we use the upstream stable > > lxc. > > The reason for this patch is that the hardcoded mount of /dev prevents our > > way of usage of openwrt in containers. > > In that case I believe the best is to revert the patch which applies a > Pantavisor-specific hack to detect if running inside a container and > switch to a method which works for all users of LXC equally (like it > is has already been done for Docker, see container.h in procd sources). > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel We tried to use the existing implementation that is in is_container() without any modification, but the key difference is that we use a container to run a full system container rather than just a "normal" app container, the current logic is correct when we use openwrt as an app container in our lxc based pantavisor, but it will do too much for the containers on our system that are suppose to run like the "main OS", like our pv-root plaforms. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH] procd: Adding support to detect Pantavisor Container Platform
Hi John, I missed your message, seems like it didn't land in inbox or spam folder of my e-mail. > as it runs a custom modified version > of LXC > I assume that if this is a custom downstream version then the change is > not applicable for merge into upstream owrt. please explain what "custom > version" means. > John Actually, we don't use a custom version of lxc, we use the upstream stable lxc. The reason for this patch is that the hardcoded mount of /dev prevents our way of usage of openwrt in containers. - Gaurav ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH v1] procd: Adding support to detect Pantavisor Container Platform
Modified container.h to detect the pantavisor container platform,
as it runs a custom modified version of LXC. container.h is modified
to check if procd is running in a pantavisor container environment by
detecting the presence of pantavisor directory under /.
Signed-off-by: Gaurav Pathak
---
container.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/container.h b/container.h
index 903e3e8..dede696 100644
--- a/container.h
+++ b/container.h
@@ -21,7 +21,8 @@
static inline bool is_container() {
struct stat s;
int r = stat("/.dockerenv", &s);
- return !!getenv("container") || r == 0;
+ int pv_r = stat("/pantavisor", &s);
+ return !!getenv("container") || r == 0 || pv_r == 0;
}
#endif
--
2.25.1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[no subject]
I have merged the detection of /pantavisor into the is_container() function. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH] procd: Adding support to detect Pantavisor Container Platform
Added a new file pv_platform.h having function is_pantavisor() to detect
the pantavisor container platform, as it runs a custom modified version
of LXC, so detecting LXC using is_container() is not returning expected
result.
pv_platform.h is derived from container.h to check if procd is running
in a pantavisor container environment.
Signed-off-by: Gaurav Pathak
---
initd/early.c | 5 -
initd/zram.c| 3 ++-
plug/coldplug.c | 3 ++-
pv_platform.h | 37 +
state.c | 3 ++-
5 files changed, 47 insertions(+), 4 deletions(-)
create mode 100644 pv_platform.h
diff --git a/initd/early.c b/initd/early.c
index 7b281b2..a564861 100644
--- a/initd/early.c
+++ b/initd/early.c
@@ -26,6 +26,7 @@
#include "init.h"
#include "../libc-compat.h"
#include "../container.h"
+#include "../pv_platform.h"
static void
early_dev(void)
@@ -61,7 +62,9 @@ early_mounts(void)
mount("proc", "/proc", "proc", MS_NOATIME | MS_NODEV |
MS_NOEXEC | MS_NOSUID, 0);
mount("sysfs", "/sys", "sysfs", MS_NOATIME | MS_NODEV |
MS_NOEXEC | MS_NOSUID, 0);
mount("cgroup", "/sys/fs/cgroup", "cgroup", MS_NODEV |
MS_NOEXEC | MS_NOSUID, 0);
- mount("tmpfs", "/dev", "tmpfs", MS_NOATIME | MS_NOSUID,
"mode=0755,size=512K");
+ if (!is_pantavisor()) {
+ mount("tmpfs", "/dev", "tmpfs", MS_NOATIME | MS_NOSUID,
"mode=0755,size=512K");
+ }
ignore(symlink("/tmp/shm", "/dev/shm"));
mkdir("/dev/pts", 0755);
mount("devpts", "/dev/pts", "devpts", MS_NOATIME | MS_NOEXEC |
MS_NOSUID, "mode=600");
diff --git a/initd/zram.c b/initd/zram.c
index 380fe0e..21bb3a5 100644
--- a/initd/zram.c
+++ b/initd/zram.c
@@ -13,6 +13,7 @@
#include "../log.h"
#include "../container.h"
+#include "../pv_platform.h"
#include "init.h"
@@ -117,7 +118,7 @@ mount_zram_on_tmp(void)
waitpid(pid, NULL, 0);
}
- if (!is_container()) {
+ if (!is_container() && !is_pantavisor()) {
ret = mount("/dev/zram0", "/tmp", "ext4", MS_NOSUID | MS_NODEV
| MS_NOATIME, "errors=continue,noquota");
if (ret < 0) {
ERROR("Can't mount /dev/zram0 on /tmp: %m\n");
diff --git a/plug/coldplug.c b/plug/coldplug.c
index b185083..37edba4 100644
--- a/plug/coldplug.c
+++ b/plug/coldplug.c
@@ -24,6 +24,7 @@
#include "hotplug.h"
#include "../container.h"
+#include "../pv_platform.h"
static struct uloop_process udevtrigger;
@@ -45,7 +46,7 @@ void procd_coldplug(void)
char *argv[] = { "udevtrigger", NULL };
unsigned int oldumask = umask(0);
- if (!is_container()) {
+ if (!is_container() && !is_pantavisor()) {
umount2("/dev/pts", MNT_DETACH);
umount2("/dev/", MNT_DETACH);
mount("tmpfs", "/dev", "tmpfs", MS_NOSUID,
"mode=0755,size=512K");
diff --git a/pv_platform.h b/pv_platform.h
new file mode 100644
index 000..4045875
--- /dev/null
+++ b/pv_platform.h
@@ -0,0 +1,37 @@
+/*
+* Copyright (c) 2017 Pantacor Ltd.
+*
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+*
+* The above copyright notice and this permission notice shall be included in
all
+* copies or substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+* SOFTWARE.
+*/
+
+#ifndef __PV_PLATFORM_H
+#define __PV_PLATFORM_H
+
+#include
+#include
+#include
+
+static inline bool is_pantavisor() {
+ struct stat s;
+ int pv_r = stat("/pantavisor", &s);
+ return pv_r == 0;
+}
+
+#endif
