-rw-r--r--src/lxc/attach.c35
-rw-r--r--src/lxc/attach.h1
-rw-r--r--src/lxc/lxc_attach.c4
-rw-r--r--src/lxc/namespace.c47
-rw-r--r--src/lxc/namespace.h1
5 files changed, 38 insertions, 50 deletions
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 254b185..33da411 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -226,6 +226,41 @@ int lxc_attach_proc_to_cgroups(pid_t pid, struct lxc_proc_context_info *ctx)
return 0;
}
+int lxc_attach_to_ns(pid_t pid)
+{
+ char path[MAXPATHLEN];
+ char *ns[] = { "pid", "mnt", "net", "ipc", "uts" };
+ const int size = sizeof(ns) / sizeof(char *);
+ int fd[size];
+ int i;
+
+ snprintf(path, MAXPATHLEN, "/proc/%d/ns", pid);
+ if (access(path, X_OK)) {
+ ERROR("Does this kernel version support 'attach' ?");
+ return -1;
+ }
+
+ for (i = 0; i < size; i++) {
+ snprintf(path, MAXPATHLEN, "/proc/%d/ns/%s", pid, ns[i]);
+ fd[i] = open(path, O_RDONLY);
+ if (fd[i] < 0) {
+ SYSERROR("failed to open '%s'", path);
+ return -1;
+ }
+ }
+
+ for (i = 0; i < size; i++) {
+ if (setns(fd[i], 0)) {
+ SYSERROR("failed to set namespace '%s'", ns[i]);
+ return -1;
+ }
+
+ close(fd[i]);
+ }
+
+ return 0;
+}
+
int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx)
{
int last_cap = lxc_caps_last_cap();
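Review bot: Both error returns in lxc_attach_to_ns leak namespace descriptors: when `open()` fails partway through the first loop the entries already stored in `fd[]` stay open, and when `setns()` fails the current and all remaining descriptors stay open. Now that the function is exported through attach.h, a caller that does not exit immediately would keep open handles onto the target's namespaces, so each failure path should close what it holds before returning, as sketched below. Opening with `O_RDONLY | O_CLOEXEC` would also keep these descriptors from surviving an exec if a path is missed. The hunk does not show where `setns()` is declared for attach.c once the wrapper is removed from namespace.c, so that is worth confirming.

```c
		if (fd[i] < 0) {
			SYSERROR("failed to open '%s'", path);
			/* release the namespace fds opened so far */
			while (i-- > 0)
				close(fd[i]);
			return -1;
		}
	/* … unchanged: end of the open loop, start of the setns loop … */
		if (setns(fd[i], 0)) {
			SYSERROR("failed to set namespace '%s'", ns[i]);
			/* fd[i] and every later fd are still open here */
			for (; i < size; i++)
				close(fd[i]);
			return -1;
		}
```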
diff --git a/src/lxc/attach.h b/src/lxc/attach.h
index 7e67455..d2b7533 100644
--- a/src/lxc/attach.h
+++ b/src/lxc/attach.h
@@ -42,6 +42,7 @@ extern struct lxc_proc_context_info *lxc_proc_get_context_info(pid_t pid);
extern void lxc_proc_free_context_info(struct lxc_proc_context_info *info);
extern int lxc_attach_proc_to_cgroups(pid_t pid, struct lxc_proc_context_info *ctx);
+extern int lxc_attach_to_ns(pid_t other_pid);
extern int lxc_attach_drop_privs(struct lxc_proc_context_info *ctx);
#endif
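Review bot: The new prototype carries no comment stating its contract, and its parameter is named `other_pid` here while the definition in attach.c uses `pid`. A short comment above the declaration should say that the call moves the calling process into the pid, mnt, net, ipc and uts namespaces of the given process, returns 0 on success and -1 on failure, and that a failure inside the setns loop can leave the caller in a mix of old and new namespaces, so the caller must not keep running after an error. Using one parameter name in both places, e.g. `extern int lxc_attach_to_ns(pid_t pid);`, keeps header and definition consistent.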
diff --git a/src/lxc/lxc_attach.c b/src/lxc/lxc_attach.c
index ed3d5a4..c8643d1 100644
--- a/src/lxc/lxc_attach.c
+++ b/src/lxc/lxc_attach.c
@@ -30,9 +30,9 @@
#include <sys/types.h>
#include <sys/wait.h>
+#include "attach.h"
#include "commands.h"
#include "arguments.h"
-#include "namespace.h"
#include "caps.h"
#include "log.h"
@@ -85,7 +85,7 @@ int main(int argc, char *argv[], char *envp[])
curdir = get_current_dir_name();
- ret = lxc_attach(pid);
+ ret = lxc_attach_to_ns(pid);
if (ret < 0) {
ERROR("failed to enter the namespace");
return -1;
diff --git a/src/lxc/namespace.c b/src/lxc/namespace.c
index 6512685..3e6fc3a 100644
--- a/src/lxc/namespace.c
+++ b/src/lxc/namespace.c
@@ -34,8 +34,6 @@
#include "namespace.h"
#include "log.h"
-#include "setns.h"
-
lxc_log_define(lxc_namespace, lxc);
struct clone_arg {
@@ -43,16 +41,6 @@ struct clone_arg {
void *arg;
};
-int setns(int fd, int nstype)
-{
-#ifndef __NR_setns
- errno = ENOSYS;
- return -1;
-#else
- return syscall(__NR_setns, fd, nstype);
-#endif
-}
-
static int do_clone(void *arg)
{
struct clone_arg *clone_arg = arg;
@@ -81,38 +69,3 @@ pid_t lxc_clone(int (*fn)(void *), void *arg, int flags)
return ret;
}
-
-int lxc_attach(pid_t pid)
-{
- char path[MAXPATHLEN];
- char *ns[] = { "pid", "mnt", "net", "ipc", "uts" };
- const int size = sizeof(ns) / sizeof(char *);
- int fd[size];
- int i;
-
- sprintf(path, "/proc/%d/ns", pid);
- if (access(path, X_OK)) {
- ERROR("Does this kernel version support 'attach' ?");
- return -1;
- }
-
- for (i = 0; i < size; i++) {
- sprintf(path, "/proc/%d/ns/%s", pid, ns[i]);
- fd[i] = open(path, O_RDONLY);
- if (fd[i] < 0) {
- SYSERROR("failed to open '%s'", path);
- return -1;
- }
- }
-
- for (i = 0; i < size; i++) {
- if (setns(fd[i], 0)) {
- SYSERROR("failed to set namespace '%s'", ns[i]);
- return -1;
- }
-
- close(fd[i]);
- }
-
- return 0;
-}
diff --git a/src/lxc/namespace.h b/src/lxc/namespace.h
index 9c6b7ec..5442dd3 100644
--- a/src/lxc/namespace.h
+++ b/src/lxc/namespace.h
@@ -49,6 +49,5 @@
#endif
extern pid_t lxc_clone(int (*fn)(void *), void *arg, int flags);
-extern int lxc_attach(pid_t pid);
#endif