/* Entering namespaces for test case isolation.
Copyright (C) 2016-2018 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#ifndef SUPPORT_NAMESPACE_H
#define SUPPORT_NAMESPACE_H
#include <stdbool.h>
#include <sys/cdefs.h>
__BEGIN_DECLS
/* Attempts to become root (or acquire root-like privileges), possibly
   with the help of user namespaces.  Return true if (restricted) root
   privileges could be attained in some way.  Print diagnostics to
   standard output.

   Note that this function generally has to be called before a process
   becomes multi-threaded, otherwise it may fail with insufficient
   privileges on systems which would support this operation for
   single-threaded processes.

   Callers should check the return value.  A false result means that no
   root-like privileges were obtained, so later steps that depend on
   them (support_can_chroot, support_enter_network_namespace) should
   not be expected to succeed.

   NOTE(review): "restricted" presumably means the privileges may only
   hold inside a newly created user namespace rather than on the host;
   confirm against the implementation before relying on it.  */
bool support_become_root (void);
/* Return true if this process can perform a chroot operation.  In
   general, this is only possible if support_become_root has been
   called.  Note that the actual test is performed in a subprocess,
   after fork, so that the file system root of the original process is
   not changed.

   Because the probe runs in a subprocess, a true result does not mean
   the caller is inside a chroot; the caller's own root directory is
   left as it was.  */
bool support_can_chroot (void);
/* Enter a network namespace (and a UTS namespace if possible) and
   configure the loopback interface.  Return true if a network
   namespace could be created.  Print diagnostics to standard output.
   If a network namespace could be created, but networking in it could
   not be configured, terminate the process.  It is recommended to
   call support_become_root before this function so that the process
   has sufficient privileges.

   Since a configuration failure terminates the process, a true return
   means the namespace was created and the loopback setup did not fail.
   Entering the UTS namespace is best effort; use
   support_in_uts_namespace to find out whether it happened.

   NOTE(review): on a false return the process presumably remains in
   its original network namespace, so a test should not go on to use
   the network as if it were isolated; confirm in the
   implementation.  */
bool support_enter_network_namespace (void);
/* Enter a mount namespace and mark / as private (not shared).  If
   this function returns true, mount operations in this process will
   not affect the host system afterwards.

   The isolation guarantee is stated only for a true return.  Check the
   result before performing any mount operation: after a false return,
   isolation from the host must not be assumed.  */
bool support_enter_mount_namespace (void);
/* Return true if support_enter_network_namespace managed to enter a
   UTS namespace.

   support_enter_network_namespace enters the UTS namespace only "if
   possible", so its own return value does not report this; callers
   that need the UTS namespace have to query it here.  */
bool support_in_uts_namespace (void);
/* Invoke CALLBACK (CLOSURE) in a subprocess created using fork.
   Terminate the calling process if the subprocess exits with a
   non-zero exit status.

   CALLBACK is the function to run in the subprocess and CLOSURE is
   passed to it as its only argument.  The function returns nothing:
   failure of the subprocess is reported by terminating the caller, so
   there is no error code to check.

   As CALLBACK runs in a forked child, changes it makes to its own
   process state are made in the child, not in the calling process.  */
void support_isolate_in_subprocess (void (*callback) (void *), void *closure);
/* Describe the setup of a chroot environment, for
   support_chroot_create below.  Each field gives the contents of one
   file to place in the chroot; leaving a field NULL skips that
   file.  */
struct support_chroot_configuration
{
  /* File contents.  The files are not created if the field is
     NULL.  */
  const char *resolv_conf;      /* /etc/resolv.conf.  */
  const char *hosts;            /* /etc/hosts.  */
  const char *host_conf;        /* /etc/host.conf.  */
};
/* The result of the creation of a chroot.  Returned by
   support_chroot_create and released with support_chroot_free.  */
struct support_chroot
{
  /* Path information.  All these paths are relative to the parent
     chroot.  */

  /* Path to the chroot directory.  */
  char *path_chroot;

  /* Paths to files in the chroot.  These are absolute and outside of
     the chroot.

     NOTE(review): read as "the path under which each file is visible
     before entering the chroot", i.e. not the /etc/... name it has
     inside the chroot; confirm against the implementation.  Whether a
     member is NULL when the matching support_chroot_configuration
     field was NULL is not stated here; verify before dereferencing.  */
  char *path_resolv_conf;       /* /etc/resolv.conf.  */
  char *path_hosts;             /* /etc/hosts.  */
  char *path_host_conf;         /* /etc/host.conf.  */
};
/* Create a chroot environment.  The returned data should be freed
   using support_chroot_free below.  The files will be deleted when
   the process exits.  This function does not enter the chroot.

   The configuration is passed by value.  Entering the chroot is left
   to the caller; support_can_chroot reports whether the process is
   able to do so.  */
struct support_chroot *support_chroot_create
  (struct support_chroot_configuration);
/* Deallocate the chroot information created by
   support_chroot_create.

   NOTE(review): this is documented as releasing the information
   structure only; the comment on support_chroot_create says the files
   are deleted when the process exits.  Whether the files remain on
   disk after this call is not shown here; confirm in the
   implementation.  */
void support_chroot_free (struct support_chroot *);
__END_DECLS
#endif