author | Lennart Poettering <lennart@poettering.net> | 2017-02-10 19:44:09 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2017-02-17 10:22:28 +0100 |
commit | 3401419bb8215612cf8db33d930a64a54b19dcb3 (patch) | |
tree | 46bf341034214d5c25d4c211e61831e6b5d488b2 /src/machine/machinectl.c | |
parent | f73e6ee687213d8f78a93a9519901d0fe314c228 (diff) | |
machined: expose "UID shift" concept for containers
UID/GID mapping with userns can be arbitrarily complex. Let's break this
down to a single admin-friendly parameter: let's expose the UID/GID
shift of a container via a new bus call for each container, and let's
show this as part of "machinectl status" if it is not 0.
This should work for pretty much all real-life full OS container setups
(i.e. the stuff machined is supposed to be useful for). For everything
else we generate a clean error, clarifying that we can't expose the
mapping.
Diffstat (limited to 'src/machine/machinectl.c')
-rw-r--r-- | src/machine/machinectl.c | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c
index fe4f1b7726..99be391e56 100644
--- a/src/machine/machinectl.c
+++ b/src/machine/machinectl.c
@@ -611,6 +611,37 @@ static int print_os_release(sd_bus *bus, const char *method, const char *name, c
 return 0;
 }
+static int print_uid_shift(sd_bus *bus, const char *name) {
+ _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
+ uint32_t shift;
+ int r;
+
+ assert(bus);
+ assert(name);
+
+ r = sd_bus_call_method(bus,
+ "org.freedesktop.machine1",
+ "/org/freedesktop/machine1",
+ "org.freedesktop.machine1.Manager",
+ "GetMachineUIDShift",
+ &error,
+ &reply,
+ "s", name);
+ if (r < 0)
+ return log_debug_errno(r, "Failed to query UID/GID shift: %s", bus_error_message(&error, r));
+
+ r = sd_bus_message_read(reply, "u", &shift);
+ if (r < 0)
+ return r;
+
+ if (shift == 0) /* Don't show trivial mappings */
+ return 0;
+
+ printf(" UID Shift: %" PRIu32 "\n", shift);
+ return 0;
+}
+
 typedef struct MachineStatusInfo {
 char *name;
 sd_id128_t id;
@@ -714,6 +745,8 @@ static void print_machine_status_info(sd_bus *bus, MachineStatusInfo *i) {
 print_os_release(bus, "GetMachineOSRelease", i->name, "\t OS: ");
+ print_uid_shift(bus, i->name);
+
 if (i->unit) {
 printf("\t Unit: %s\n", i->unit);
 show_unit_cgroup(bus, i->unit, i->leader); |
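Review bot: In print_uid_shift, the `shift == 0` early return and the debug-only failure path both produce no "UID Shift" line. An admin reading `machinectl status` therefore cannot tell a container whose UIDs map 1:1 onto the host from one whose shift could not be queried or expressed as a single value. The commit message promises a clean error for the non-representable case, but on this client side it is only visible with debug logging enabled. I would document that above the function, e.g. `/* Best effort: no output means either shift 0 or that the shift could not be determined */`, or print an explicit `n/a` on failure. Separately, the `sd_bus_message_read()` failure returns `r` without logging; `return bus_log_parse_error(r);` would make that path visible as well.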
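Review bot: The new call `print_uid_shift(bus, i->name);` discards its return value without marking that as intentional. Writing `(void) print_uid_shift(bus, i->name);` would make the best-effort intent explicit to readers and static analysers. The print_os_release() call on the context line just above has the same shape, so this is a style point, not a regression. print_machine_status_info's body continues outside the hunk.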