Print this page
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/zoneadm/zoneadm.c
+++ new/usr/src/cmd/zoneadm/zoneadm.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
24 24 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
25 - * Copyright 2015, Joyent Inc. All rights reserved.
26 25 * Copyright (c) 2015 by Delphix. All rights reserved.
26 + * Copyright 2015, Joyent Inc. All rights reserved.
27 27 */
28 28
29 29 /*
30 30 * zoneadm is a command interpreter for zone administration. It is all in
31 31 * C (i.e., no lex/yacc), and all the argument passing is argc/argv based.
32 32 * main() calls parse_and_run() which calls cmd_match(), then invokes the
33 33 * appropriate command's handler function. The rest of the program is the
34 34 * handler functions and their helper functions.
35 35 *
36 36 * Some of the helper functions are used largely to simplify I18N: reducing
37 37 * the need for translation notes. This is particularly true of many of
38 38 * the zerror() calls: doing e.g. zerror(gettext("%s failed"), "foo") rather
39 39 * than zerror(gettext("foo failed")) with a translation note indicating
40 40 * that "foo" need not be translated.
41 41 */
42 42
43 43 #include <stdio.h>
44 44 #include <errno.h>
45 45 #include <unistd.h>
46 46 #include <signal.h>
47 47 #include <stdarg.h>
48 48 #include <ctype.h>
49 49 #include <stdlib.h>
50 50 #include <string.h>
51 51 #include <wait.h>
52 52 #include <zone.h>
53 53 #include <priv.h>
54 54 #include <locale.h>
55 55 #include <libintl.h>
56 56 #include <libzonecfg.h>
57 57 #include <bsm/adt.h>
58 58 #include <sys/brand.h>
59 59 #include <sys/param.h>
60 60 #include <sys/types.h>
61 61 #include <sys/stat.h>
62 62 #include <sys/statvfs.h>
63 63 #include <assert.h>
64 64 #include <sys/sockio.h>
65 65 #include <sys/mntent.h>
66 66 #include <limits.h>
67 67 #include <dirent.h>
68 68 #include <uuid/uuid.h>
69 69 #include <fcntl.h>
70 70 #include <door.h>
71 71 #include <macros.h>
72 72 #include <libgen.h>
73 73 #include <fnmatch.h>
74 74 #include <sys/modctl.h>
75 75 #include <libbrand.h>
76 76 #include <libscf.h>
77 77 #include <procfs.h>
78 78 #include <strings.h>
79 79 #include <pool.h>
80 80 #include <sys/pool.h>
81 81 #include <sys/priocntl.h>
82 82 #include <sys/fsspriocntl.h>
83 83 #include <libdladm.h>
84 84 #include <libdllink.h>
85 85 #include <pwd.h>
86 86 #include <auth_list.h>
87 87 #include <auth_attr.h>
88 88 #include <secdb.h>
89 89
90 90 #include "zoneadm.h"
91 91
92 92 #define MAXARGS 8
93 93 #define SOURCE_ZONE (CMD_MAX + 1)
94 94
95 95 /* Reflects kernel zone entries */
96 96 typedef struct zone_entry {
97 97 zoneid_t zid;
98 98 char zname[ZONENAME_MAX];
99 99 char *zstate_str;
|
↓ open down ↓ |
63 lines elided |
↑ open up ↑ |
100 100 zone_state_t zstate_num;
101 101 char zbrand[MAXNAMELEN];
102 102 char zroot[MAXPATHLEN];
103 103 char zuuid[UUID_PRINTABLE_STRING_LENGTH];
104 104 zone_iptype_t ziptype;
105 105 zoneid_t zdid;
106 106 } zone_entry_t;
107 107
108 108 #define CLUSTER_BRAND_NAME "cluster"
109 109
110 +static zone_entry_t *zents;
111 +static size_t nzents;
112 +
110 113 #define LOOPBACK_IF "lo0"
111 114 #define SOCKET_AF(af) (((af) == AF_UNSPEC) ? AF_INET : (af))
112 115
113 116 struct net_if {
114 117 char *name;
115 118 int af;
116 119 };
117 120
118 121 /* 0755 is the default directory mode. */
119 122 #define DEFAULT_DIR_MODE \
120 123 (S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH)
121 124
122 125 struct cmd {
123 126 uint_t cmd_num; /* command number */
124 127 char *cmd_name; /* command name */
125 128 char *short_usage; /* short form help */
126 129 int (*handler)(int argc, char *argv[]); /* function to call */
127 130
128 131 };
129 132
130 133 #define SHELP_HELP "help"
131 134 #define SHELP_BOOT "boot [-- boot_arguments]"
132 135 #define SHELP_HALT "halt"
133 136 #define SHELP_READY "ready"
134 137 #define SHELP_SHUTDOWN "shutdown [-r [-- boot_arguments]]"
135 138 #define SHELP_REBOOT "reboot [-- boot_arguments]"
136 139 #define SHELP_LIST "list [-cipv]"
137 140 #define SHELP_VERIFY "verify"
138 141 #define SHELP_INSTALL "install [brand-specific args]"
139 142 #define SHELP_UNINSTALL "uninstall [-F] [brand-specific args]"
140 143 #define SHELP_CLONE "clone [-m method] [-s <ZFS snapshot>] "\
141 144 "[brand-specific args] zonename"
142 145 #define SHELP_MOVE "move zonepath"
143 146 #define SHELP_DETACH "detach [-n] [brand-specific args]"
144 147 #define SHELP_ATTACH "attach [-F] [-n <path>] [brand-specific args]"
145 148 #define SHELP_MARK "mark incomplete"
146 149
147 150 #define EXEC_PREFIX "exec "
148 151 #define EXEC_LEN (strlen(EXEC_PREFIX))
149 152 #define RMCOMMAND "/usr/bin/rm -rf"
150 153
151 154 static int cleanup_zonepath(char *, boolean_t);
152 155
153 156
154 157 static int help_func(int argc, char *argv[]);
155 158 static int ready_func(int argc, char *argv[]);
156 159 static int boot_func(int argc, char *argv[]);
157 160 static int shutdown_func(int argc, char *argv[]);
158 161 static int halt_func(int argc, char *argv[]);
159 162 static int reboot_func(int argc, char *argv[]);
160 163 static int list_func(int argc, char *argv[]);
161 164 static int verify_func(int argc, char *argv[]);
162 165 static int install_func(int argc, char *argv[]);
163 166 static int uninstall_func(int argc, char *argv[]);
164 167 static int mount_func(int argc, char *argv[]);
165 168 static int unmount_func(int argc, char *argv[]);
166 169 static int clone_func(int argc, char *argv[]);
167 170 static int move_func(int argc, char *argv[]);
168 171 static int detach_func(int argc, char *argv[]);
169 172 static int attach_func(int argc, char *argv[]);
170 173 static int mark_func(int argc, char *argv[]);
171 174 static int apply_func(int argc, char *argv[]);
172 175 static int sysboot_func(int argc, char *argv[]);
173 176 static int sanity_check(char *zone, int cmd_num, boolean_t running,
174 177 boolean_t unsafe_when_running, boolean_t force);
175 178 static int cmd_match(char *cmd);
176 179 static int verify_details(int, char *argv[]);
177 180 static int verify_brand(zone_dochandle_t, int, char *argv[]);
178 181 static int invoke_brand_handler(int, char *argv[]);
179 182
180 183 static struct cmd cmdtab[] = {
181 184 { CMD_HELP, "help", SHELP_HELP, help_func },
182 185 { CMD_BOOT, "boot", SHELP_BOOT, boot_func },
183 186 { CMD_HALT, "halt", SHELP_HALT, halt_func },
184 187 { CMD_READY, "ready", SHELP_READY, ready_func },
185 188 { CMD_SHUTDOWN, "shutdown", SHELP_SHUTDOWN, shutdown_func },
186 189 { CMD_REBOOT, "reboot", SHELP_REBOOT, reboot_func },
187 190 { CMD_LIST, "list", SHELP_LIST, list_func },
188 191 { CMD_VERIFY, "verify", SHELP_VERIFY, verify_func },
189 192 { CMD_INSTALL, "install", SHELP_INSTALL, install_func },
190 193 { CMD_UNINSTALL, "uninstall", SHELP_UNINSTALL,
191 194 uninstall_func },
192 195 /* mount and unmount are private commands for admin/install */
193 196 { CMD_MOUNT, "mount", NULL, mount_func },
194 197 { CMD_UNMOUNT, "unmount", NULL, unmount_func },
195 198 { CMD_CLONE, "clone", SHELP_CLONE, clone_func },
196 199 { CMD_MOVE, "move", SHELP_MOVE, move_func },
197 200 { CMD_DETACH, "detach", SHELP_DETACH, detach_func },
198 201 { CMD_ATTACH, "attach", SHELP_ATTACH, attach_func },
199 202 { CMD_MARK, "mark", SHELP_MARK, mark_func },
200 203 { CMD_APPLY, "apply", NULL, apply_func },
201 204 { CMD_SYSBOOT, "sysboot", NULL, sysboot_func }
202 205 };
203 206
204 207 /* global variables */
205 208
206 209 /* set early in main(), never modified thereafter, used all over the place */
207 210 static char *execname;
208 211 static char target_brand[MAXNAMELEN];
209 212 static char default_brand[MAXPATHLEN];
210 213 static char *locale;
211 214 char *target_zone;
212 215 static char *target_uuid;
213 216 char *username;
214 217
215 218 char *
216 219 cmd_to_str(int cmd_num)
217 220 {
218 221 assert(cmd_num >= CMD_MIN && cmd_num <= CMD_MAX);
219 222 return (cmdtab[cmd_num].cmd_name);
220 223 }
221 224
222 225 /* This is a separate function because of gettext() wrapping. */
223 226 static char *
224 227 long_help(int cmd_num)
225 228 {
226 229 assert(cmd_num >= CMD_MIN && cmd_num <= CMD_MAX);
227 230 switch (cmd_num) {
228 231 case CMD_HELP:
229 232 return (gettext("Print usage message."));
230 233 case CMD_BOOT:
231 234 return (gettext("Activates (boots) specified zone. See "
232 235 "zoneadm(1m) for valid boot\n\targuments."));
233 236 case CMD_HALT:
234 237 return (gettext("Halts specified zone, bypassing shutdown "
235 238 "scripts and removing runtime\n\tresources of the zone."));
236 239 case CMD_READY:
237 240 return (gettext("Prepares a zone for running applications but "
238 241 "does not start any user\n\tprocesses in the zone."));
239 242 case CMD_SHUTDOWN:
240 243 return (gettext("Gracefully shutdown the zone or reboot if "
241 244 "the '-r' option is specified.\n\t"
242 245 "See zoneadm(1m) for valid boot arguments."));
243 246 case CMD_REBOOT:
244 247 return (gettext("Restarts the zone (equivalent to a halt / "
245 248 "boot sequence).\n\tFails if the zone is not active. "
246 249 "See zoneadm(1m) for valid boot\n\targuments."));
247 250 case CMD_LIST:
248 251 return (gettext("Lists the current zones, or a "
249 252 "specific zone if indicated. By default,\n\tall "
250 253 "running zones are listed, though this can be "
251 254 "expanded to all\n\tinstalled zones with the -i "
252 255 "option or all configured zones with the\n\t-c "
253 256 "option. When used with the general -z <zone> and/or -u "
254 257 "<uuid-match>\n\toptions, lists only the specified "
255 258 "matching zone, but lists it\n\tregardless of its state, "
256 259 "and the -i and -c options are disallowed. The\n\t-v "
257 260 "option can be used to display verbose information: zone "
258 261 "name, id,\n\tcurrent state, root directory and options. "
259 262 "The -p option can be used\n\tto request machine-parsable "
260 263 "output. The -v and -p options are mutually\n\texclusive."
261 264 " If neither -v nor -p is used, just the zone name is "
262 265 "listed."));
263 266 case CMD_VERIFY:
264 267 return (gettext("Check to make sure the configuration "
265 268 "can safely be instantiated\n\ton the machine: "
266 269 "physical network interfaces exist, etc."));
267 270 case CMD_INSTALL:
268 271 return (gettext("Install the configuration on to the system. "
269 272 "All arguments are passed to the brand installation "
270 273 "function;\n\tsee brands(5) for more information."));
271 274 case CMD_UNINSTALL:
272 275 return (gettext("Uninstall the configuration from the system. "
273 276 "The -F flag can be used\n\tto force the action. All "
274 277 "other arguments are passed to the brand\n\tuninstall "
275 278 "function; see brands(5) for more information."));
276 279 case CMD_CLONE:
277 280 return (gettext("Clone the installation of another zone. "
278 281 "The -m option can be used to\n\tspecify 'copy' which "
279 282 "forces a copy of the source zone. The -s option\n\t"
280 283 "can be used to specify the name of a ZFS snapshot "
281 284 "that was taken from\n\ta previous clone command. The "
282 285 "snapshot will be used as the source\n\tinstead of "
283 286 "creating a new ZFS snapshot. All other arguments are "
284 287 "passed\n\tto the brand clone function; see "
285 288 "brands(5) for more information."));
286 289 case CMD_MOVE:
287 290 return (gettext("Move the zone to a new zonepath."));
288 291 case CMD_DETACH:
289 292 return (gettext("Detach the zone from the system. The zone "
290 293 "state is changed to\n\t'configured' (but the files under "
291 294 "the zonepath are untouched).\n\tThe zone can subsequently "
292 295 "be attached, or can be moved to another\n\tsystem and "
293 296 "attached there. The -n option can be used to specify\n\t"
294 297 "'no-execute' mode. When -n is used, the information "
295 298 "needed to attach\n\tthe zone is sent to standard output "
296 299 "but the zone is not actually\n\tdetached. All other "
297 300 "arguments are passed to the brand detach function;\n\tsee "
298 301 "brands(5) for more information."));
299 302 case CMD_ATTACH:
300 303 return (gettext("Attach the zone to the system. The zone "
301 304 "state must be 'configured'\n\tprior to attach; upon "
302 305 "successful completion, the zone state will be\n\t"
303 306 "'installed'. The system software on the current "
304 307 "system must be\n\tcompatible with the software on the "
305 308 "zone's original system.\n\tSpecify -F "
306 309 "to force the attach and skip software compatibility "
307 310 "tests.\n\tThe -n option can be used to specify "
308 311 "'no-execute' mode. When -n is\n\tused, the information "
309 312 "needed to attach the zone is read from the\n\tspecified "
310 313 "path and the configuration is only validated. The path "
311 314 "can\n\tbe '-' to specify standard input. The -F and -n "
312 315 "options are mutually\n\texclusive. All other arguments "
313 316 "are passed to the brand attach\n\tfunction; see "
314 317 "brands(5) for more information."));
315 318 case CMD_MARK:
316 319 return (gettext("Set the state of the zone. This can be used "
317 320 "to force the zone\n\tstate to 'incomplete' "
318 321 "administratively if some activity has rendered\n\tthe "
319 322 "zone permanently unusable. The only valid state that "
320 323 "may be\n\tspecified is 'incomplete'."));
321 324 default:
322 325 return ("");
323 326 }
324 327 /* NOTREACHED */
325 328 return (NULL);
326 329 }
327 330
328 331 /*
329 332 * Called with explicit B_TRUE when help is explicitly requested, B_FALSE for
330 333 * unexpected errors.
331 334 */
332 335
333 336 static int
334 337 usage(boolean_t explicit)
335 338 {
336 339 int i;
337 340 FILE *fd = explicit ? stdout : stderr;
338 341
339 342 (void) fprintf(fd, "%s:\t%s help\n", gettext("usage"), execname);
340 343 (void) fprintf(fd, "\t%s [-z <zone>] [-u <uuid-match>] list\n",
341 344 execname);
342 345 (void) fprintf(fd, "\t%s {-z <zone>|-u <uuid-match>} <%s>\n", execname,
343 346 gettext("subcommand"));
344 347 (void) fprintf(fd, "\n%s:\n\n", gettext("Subcommands"));
345 348 for (i = CMD_MIN; i <= CMD_MAX; i++) {
346 349 if (cmdtab[i].short_usage == NULL)
347 350 continue;
348 351 (void) fprintf(fd, "%s\n", cmdtab[i].short_usage);
349 352 if (explicit)
350 353 (void) fprintf(fd, "\t%s\n\n", long_help(i));
351 354 }
352 355 if (!explicit)
353 356 (void) fputs("\n", fd);
354 357 return (Z_USAGE);
355 358 }
356 359
357 360 static void
358 361 sub_usage(char *short_usage, int cmd_num)
359 362 {
360 363 (void) fprintf(stderr, "%s:\t%s\n", gettext("usage"), short_usage);
361 364 (void) fprintf(stderr, "\t%s\n", long_help(cmd_num));
362 365 }
363 366
364 367 /*
365 368 * zperror() is like perror(3c) except that this also prints the executable
366 369 * name at the start of the message, and takes a boolean indicating whether
367 370 * to call libc'c strerror() or that from libzonecfg.
368 371 */
369 372
370 373 void
371 374 zperror(const char *str, boolean_t zonecfg_error)
372 375 {
373 376 (void) fprintf(stderr, "%s: %s: %s\n", execname, str,
374 377 zonecfg_error ? zonecfg_strerror(errno) : strerror(errno));
375 378 }
376 379
377 380 /*
378 381 * zperror2() is very similar to zperror() above, except it also prints a
379 382 * supplied zone name after the executable.
380 383 *
381 384 * All current consumers of this function want libzonecfg's strerror() rather
382 385 * than libc's; if this ever changes, this function can be made more generic
383 386 * like zperror() above.
384 387 */
385 388
386 389 void
387 390 zperror2(const char *zone, const char *str)
388 391 {
389 392 (void) fprintf(stderr, "%s: %s: %s: %s\n", execname, zone, str,
390 393 zonecfg_strerror(errno));
391 394 }
392 395
393 396 /* PRINTFLIKE1 */
394 397 void
395 398 zerror(const char *fmt, ...)
396 399 {
397 400 va_list alist;
|
↓ open down ↓ |
278 lines elided |
↑ open up ↑ |
398 401
399 402 va_start(alist, fmt);
400 403 (void) fprintf(stderr, "%s: ", execname);
401 404 if (target_zone != NULL)
402 405 (void) fprintf(stderr, "zone '%s': ", target_zone);
403 406 (void) vfprintf(stderr, fmt, alist);
404 407 (void) fprintf(stderr, "\n");
405 408 va_end(alist);
406 409 }
407 410
411 +static void *
412 +safe_calloc(size_t nelem, size_t elsize)
413 +{
414 + void *r = calloc(nelem, elsize);
415 +
416 + if (r == NULL) {
417 + zerror(gettext("failed to allocate %lu bytes: %s"),
418 + (ulong_t)nelem * elsize, strerror(errno));
419 + exit(Z_ERR);
420 + }
421 + return (r);
422 +}
423 +
408 424 static void
409 425 zone_print(zone_entry_t *zent, boolean_t verbose, boolean_t parsable)
410 426 {
411 427 static boolean_t firsttime = B_TRUE;
412 428 char *ip_type_str;
413 429
414 430 /* Skip a zone that shutdown while we were collecting data. */
415 431 if (zent->zname[0] == '\0')
416 432 return;
417 433
418 434 if (zent->ziptype == ZS_EXCLUSIVE)
419 435 ip_type_str = "excl";
420 436 else
421 437 ip_type_str = "shared";
422 438
423 439 assert(!(verbose && parsable));
424 440 if (firsttime && verbose) {
425 441 firsttime = B_FALSE;
426 442 (void) printf("%*s %-16s %-10s %-30s %-8s %-6s\n",
427 443 ZONEID_WIDTH, "ID", "NAME", "STATUS", "PATH", "BRAND",
428 444 "IP");
429 445 }
430 446 if (!verbose) {
431 447 char *cp, *clim;
432 448 char zdid[80];
433 449
434 450 if (!parsable) {
435 451 (void) printf("%s\n", zent->zname);
436 452 return;
437 453 }
438 454 if (zent->zid == ZONE_ID_UNDEFINED)
439 455 (void) printf("-");
440 456 else
441 457 (void) printf("%lu", zent->zid);
442 458 (void) printf(":%s:%s:", zent->zname, zent->zstate_str);
443 459 cp = zent->zroot;
444 460 while ((clim = strchr(cp, ':')) != NULL) {
445 461 (void) printf("%.*s\\:", clim - cp, cp);
446 462 cp = clim + 1;
447 463 }
448 464 if (zent->zdid == -1)
449 465 zdid[0] = '\0';
450 466 else
451 467 (void) snprintf(zdid, sizeof (zdid), "%d", zent->zdid);
452 468 (void) printf("%s:%s:%s:%s:%s\n", cp, zent->zuuid, zent->zbrand,
453 469 ip_type_str, zdid);
454 470 return;
455 471 }
456 472 if (zent->zstate_str != NULL) {
457 473 if (zent->zid == ZONE_ID_UNDEFINED)
458 474 (void) printf("%*s", ZONEID_WIDTH, "-");
459 475 else
460 476 (void) printf("%*lu", ZONEID_WIDTH, zent->zid);
461 477 (void) printf(" %-16s %-10s %-30s %-8s %-6s\n", zent->zname,
462 478 zent->zstate_str, zent->zroot, zent->zbrand, ip_type_str);
463 479 }
464 480 }
465 481
466 482 static int
467 483 lookup_zone_info(const char *zone_name, zoneid_t zid, zone_entry_t *zent)
468 484 {
|
↓ open down ↓ |
51 lines elided |
↑ open up ↑ |
469 485 char root[MAXPATHLEN], *cp;
470 486 int err;
471 487 uuid_t uuid;
472 488 zone_dochandle_t handle;
473 489
474 490 (void) strlcpy(zent->zname, zone_name, sizeof (zent->zname));
475 491 (void) strlcpy(zent->zroot, "???", sizeof (zent->zroot));
476 492 (void) strlcpy(zent->zbrand, "???", sizeof (zent->zbrand));
477 493 zent->zstate_str = "???";
478 494
479 - if (strcmp(zone_name, GLOBAL_ZONENAME) == 0)
480 - zid = zent->zdid = GLOBAL_ZONEID;
481 -
482 495 zent->zid = zid;
483 496
484 497 if (zonecfg_get_uuid(zone_name, uuid) == Z_OK &&
485 498 !uuid_is_null(uuid))
486 499 uuid_unparse(uuid, zent->zuuid);
487 500 else
488 501 zent->zuuid[0] = '\0';
489 502
490 503 /*
491 504 * For labeled zones which query the zone path of lower-level
492 505 * zones, the path needs to be adjusted to drop the final
493 506 * "/root" component. This adjusted path is then useful
494 507 * for reading down any exported directories from the
495 508 * lower-level zone.
496 509 */
497 510 if (is_system_labeled() && zent->zid != ZONE_ID_UNDEFINED) {
498 511 if (zone_getattr(zent->zid, ZONE_ATTR_ROOT, zent->zroot,
499 512 sizeof (zent->zroot)) == -1) {
500 513 zperror2(zent->zname,
501 514 gettext("could not get zone path."));
502 515 return (Z_ERR);
503 516 }
504 517 cp = zent->zroot + strlen(zent->zroot) - 5;
505 518 if (cp > zent->zroot && strcmp(cp, "/root") == 0)
506 519 *cp = 0;
507 520 } else {
508 521 if ((err = zone_get_zonepath(zent->zname, root,
509 522 sizeof (root))) != Z_OK) {
510 523 errno = err;
511 524 zperror2(zent->zname,
512 525 gettext("could not get zone path."));
513 526 return (Z_ERR);
514 527 }
515 528 (void) strlcpy(zent->zroot, root, sizeof (zent->zroot));
|
↓ open down ↓ |
24 lines elided |
↑ open up ↑ |
516 529 }
517 530
518 531 if ((err = zone_get_state(zent->zname, &zent->zstate_num)) != Z_OK) {
519 532 errno = err;
520 533 zperror2(zent->zname, gettext("could not get state"));
521 534 return (Z_ERR);
522 535 }
523 536 zent->zstate_str = zone_state_str(zent->zstate_num);
524 537
525 538 /*
526 - * A zone's brand might only be available in the .xml file describing
527 - * it, which is only visible to the global zone. This causes
539 + * A zone's brand is only available in the .xml file describing it,
540 + * which is only visible to the global zone. This causes
528 541 * zone_get_brand() to fail when called from within a non-global
529 542 * zone. Fortunately we only do this on labeled systems, where we
530 543 * know all zones are native.
531 544 */
532 545 if (getzoneid() != GLOBAL_ZONEID) {
533 546 assert(is_system_labeled() != 0);
534 547 (void) strlcpy(zent->zbrand, default_brand,
535 548 sizeof (zent->zbrand));
536 549 } else if (zone_get_brand(zent->zname, zent->zbrand,
537 550 sizeof (zent->zbrand)) != Z_OK) {
538 551 zperror2(zent->zname, gettext("could not get brand name"));
539 552 return (Z_ERR);
540 553 }
541 554
542 555 /*
543 556 * Get ip type of the zone.
544 557 * Note for global zone, ZS_SHARED is set always.
545 558 */
546 559 if (zid == GLOBAL_ZONEID) {
547 560 zent->ziptype = ZS_SHARED;
548 561 return (Z_OK);
549 562 }
550 563
551 564 if ((handle = zonecfg_init_handle()) == NULL) {
552 565 zperror2(zent->zname, gettext("could not init handle"));
553 566 return (Z_ERR);
554 567 }
555 568 if ((err = zonecfg_get_handle(zent->zname, handle)) != Z_OK) {
556 569 zperror2(zent->zname, gettext("could not get handle"));
557 570 zonecfg_fini_handle(handle);
558 571 return (Z_ERR);
559 572 }
560 573
561 574 if ((err = zonecfg_get_iptype(handle, &zent->ziptype)) != Z_OK) {
562 575 zperror2(zent->zname, gettext("could not get ip-type"));
563 576 zonecfg_fini_handle(handle);
564 577 return (Z_ERR);
565 578 }
566 579
567 580 /*
568 581 * There is a race condition where the zone could boot while
569 582 * we're walking the index file. In this case the zone state
570 583 * could be seen as running from the call above, but the zoneid
571 584 * would be undefined.
572 585 *
573 586 * There is also a race condition where the zone could shutdown after
574 587 * we got its running state above. This is also not an error and
575 588 * we fall back to getting the ziptype from the zone configuration.
576 589 */
577 590 if (zent->zstate_num == ZONE_STATE_RUNNING &&
578 591 zid != ZONE_ID_UNDEFINED) {
579 592 ushort_t flags;
580 593
581 594 if (zone_getattr(zid, ZONE_ATTR_FLAGS, &flags,
582 595 sizeof (flags)) >= 0) {
583 596 if (flags & ZF_NET_EXCL)
584 597 zent->ziptype = ZS_EXCLUSIVE;
585 598 else
586 599 zent->ziptype = ZS_SHARED;
|
↓ open down ↓ |
49 lines elided |
↑ open up ↑ |
587 600 }
588 601 }
589 602
590 603 zent->zdid = zonecfg_get_did(handle);
591 604
592 605 zonecfg_fini_handle(handle);
593 606
594 607 return (Z_OK);
595 608 }
596 609
610 +/*
611 + * fetch_zents() calls zone_list(2) to find out how many zones are running
612 + * (which is stored in the global nzents), then calls zone_list(2) again
613 + * to fetch the list of running zones (stored in the global zents). This
614 + * function may be called multiple times, so if zents is already set, we
615 + * return immediately to save work.
616 + *
617 + * Note that the data about running zones can change while this function
618 + * is running, so its possible that the list of zones will have empty slots
619 + * at the end.
620 + */
621 +
597 622 static int
598 -zone_print_list(zone_state_t min_state, boolean_t verbose, boolean_t parsable)
623 +fetch_zents(void)
599 624 {
600 - zone_entry_t zent;
601 - FILE *cookie;
602 - struct zoneent *ze;
625 + zoneid_t *zids = NULL;
626 + uint_t nzents_saved;
627 + int i, retv;
628 + FILE *fp;
629 + boolean_t inaltroot;
630 + zone_entry_t *zentp;
631 + const char *altroot;
603 632
604 - /*
605 - * Get the full list of zones from the configuration.
606 - */
607 - cookie = setzoneent();
608 - while ((ze = getzoneent_private(cookie)) != NULL) {
609 - char *name = ze->zone_name;
610 - zoneid_t zid;
633 + if (nzents > 0)
634 + return (Z_OK);
611 635
612 - zid = getzoneidbyname(name);
636 + if (zone_list(NULL, &nzents) != 0) {
637 + zperror(gettext("failed to get zoneid list"), B_FALSE);
638 + return (Z_ERR);
639 + }
613 640
614 - if (ze->zone_brand[0] == '\0') {
615 - /* old, incomplete index entry */
616 - if (lookup_zone_info(name, zid, &zent) != Z_OK) {
617 - free(ze);
641 +again:
642 + if (nzents == 0)
643 + return (Z_OK);
644 +
645 + zids = safe_calloc(nzents, sizeof (zoneid_t));
646 + nzents_saved = nzents;
647 +
648 + if (zone_list(zids, &nzents) != 0) {
649 + zperror(gettext("failed to get zone list"), B_FALSE);
650 + free(zids);
651 + return (Z_ERR);
652 + }
653 + if (nzents != nzents_saved) {
654 + /* list changed, try again */
655 + free(zids);
656 + goto again;
657 + }
658 +
659 + zents = safe_calloc(nzents, sizeof (zone_entry_t));
660 +
661 + inaltroot = zonecfg_in_alt_root();
662 + if (inaltroot) {
663 + fp = zonecfg_open_scratch("", B_FALSE);
664 + altroot = zonecfg_get_root();
665 + } else {
666 + fp = NULL;
667 + }
668 + zentp = zents;
669 + retv = Z_OK;
670 + for (i = 0; i < nzents; i++) {
671 + char name[ZONENAME_MAX];
672 + char altname[ZONENAME_MAX];
673 + char rev_altroot[MAXPATHLEN];
674 +
675 + if (getzonenamebyid(zids[i], name, sizeof (name)) < 0) {
676 + /*
677 + * There is a race condition where the zone may have
678 + * shutdown since we retrieved the number of running
679 + * zones above. This is not an error, there will be
680 + * an empty slot at the end of the list.
681 + */
682 + continue;
683 + }
684 + if (zonecfg_is_scratch(name)) {
685 + /* Ignore scratch zones by default */
686 + if (!inaltroot)
618 687 continue;
688 + if (fp == NULL ||
689 + zonecfg_reverse_scratch(fp, name, altname,
690 + sizeof (altname), rev_altroot,
691 + sizeof (rev_altroot)) == -1) {
692 + zerror(gettext("could not resolve scratch "
693 + "zone %s"), name);
694 + retv = Z_ERR;
695 + continue;
619 696 }
697 + /* Ignore zones in other alternate roots */
698 + if (strcmp(rev_altroot, altroot) != 0)
699 + continue;
700 + (void) strcpy(name, altname);
620 701 } else {
621 - /* new, full index entry */
622 - (void) strlcpy(zent.zname, name, sizeof (zent.zname));
623 - (void) strlcpy(zent.zroot, ze->zone_path,
624 - sizeof (zent.zroot));
625 - uuid_unparse(ze->zone_uuid, zent.zuuid);
626 - (void) strlcpy(zent.zbrand, ze->zone_brand,
627 - sizeof (zent.zbrand));
628 - zent.ziptype = ze->zone_iptype;
629 - zent.zdid = ze->zone_did;
630 - zent.zid = zid;
702 + /* Ignore non-scratch when in an alternate root */
703 + if (inaltroot && strcmp(name, GLOBAL_ZONENAME) != 0)
704 + continue;
705 + }
706 + if (lookup_zone_info(name, zids[i], zentp) != Z_OK) {
707 + /*
708 + * There is a race condition where the zone may have
709 + * shutdown since we retrieved the number of running
710 + * zones above. This is not an error, there will be
711 + * an empty slot at the end of the list.
712 + */
713 + continue;
714 + }
715 + zentp++;
716 + }
717 + nzents = zentp - zents;
718 + if (fp != NULL)
719 + zonecfg_close_scratch(fp);
631 720
632 - if (zid != -1) {
633 - int err;
721 + free(zids);
722 + return (retv);
723 +}
634 724
635 - err = zone_get_state(name,
636 - (zone_state_t *)&ze->zone_state);
637 - if (err != Z_OK) {
638 - errno = err;
639 - zperror2(name, gettext("could not get "
640 - "state"));
641 - free(ze);
642 - continue;
643 - }
644 - }
725 +static int
726 +zone_print_list(zone_state_t min_state, boolean_t verbose, boolean_t parsable)
727 +{
728 + int i;
729 + zone_entry_t zent;
730 + FILE *cookie;
731 + char *name;
645 732
646 - zent.zstate_num = ze->zone_state;
647 - zent.zstate_str = zone_state_str(zent.zstate_num);
733 + /*
734 + * First get the list of running zones from the kernel and print them.
735 + * If that is all we need, then return.
736 + */
737 + if ((i = fetch_zents()) != Z_OK) {
738 + /*
739 + * No need for error messages; fetch_zents() has already taken
740 + * care of this.
741 + */
742 + return (i);
743 + }
744 + for (i = 0; i < nzents; i++)
745 + zone_print(&zents[i], verbose, parsable);
746 + if (min_state >= ZONE_STATE_RUNNING)
747 + return (Z_OK);
748 + /*
749 + * Next, get the full list of zones from the configuration, skipping
750 + * any we have already printed.
751 + */
752 + cookie = setzoneent();
753 + while ((name = getzoneent(cookie)) != NULL) {
754 + for (i = 0; i < nzents; i++) {
755 + if (strcmp(zents[i].zname, name) == 0)
756 + break;
648 757 }
649 -
758 + if (i < nzents) {
759 + free(name);
760 + continue;
761 + }
762 + if (lookup_zone_info(name, ZONE_ID_UNDEFINED, &zent) != Z_OK) {
763 + free(name);
764 + continue;
765 + }
766 + free(name);
650 767 if (zent.zstate_num >= min_state)
651 768 zone_print(&zent, verbose, parsable);
652 -
653 - free(ze);
654 769 }
655 770 endzoneent(cookie);
656 771 return (Z_OK);
657 772 }
658 773
659 774 /*
660 775 * Retrieve a zone entry by name. Returns NULL if no such zone exists.
661 776 */
662 777 static zone_entry_t *
663 778 lookup_running_zone(const char *name)
664 779 {
665 780 zoneid_t zid;
666 781 zone_entry_t *zent;
667 782
668 783 if ((zid = getzoneidbyname(name)) == -1)
669 784 return (NULL);
670 785
671 786 if ((zent = malloc(sizeof (zone_entry_t))) == NULL)
672 787 return (NULL);
673 788
674 789 if (lookup_zone_info(name, zid, zent) != Z_OK) {
675 790 free(zent);
676 791 return (NULL);
677 792 }
678 793 return (zent);
679 794 }
680 795
681 796 /*
682 797 * Check a bit in a mode_t: if on is B_TRUE, that bit should be on; if
683 798 * B_FALSE, it should be off. Return B_TRUE if the mode is bad (incorrect).
684 799 */
685 800 static boolean_t
686 801 bad_mode_bit(mode_t mode, mode_t bit, boolean_t on, char *file)
687 802 {
688 803 char *str;
689 804
690 805 assert(bit == S_IRUSR || bit == S_IWUSR || bit == S_IXUSR ||
691 806 bit == S_IRGRP || bit == S_IWGRP || bit == S_IXGRP ||
692 807 bit == S_IROTH || bit == S_IWOTH || bit == S_IXOTH);
693 808 /*
694 809 * TRANSLATION_NOTE
695 810 * The strings below will be used as part of a larger message,
696 811 * either:
697 812 * (file name) must be (owner|group|world) (read|writ|execut)able
698 813 * or
699 814 * (file name) must not be (owner|group|world) (read|writ|execut)able
700 815 */
701 816 switch (bit) {
702 817 case S_IRUSR:
703 818 str = gettext("owner readable");
704 819 break;
705 820 case S_IWUSR:
706 821 str = gettext("owner writable");
707 822 break;
708 823 case S_IXUSR:
709 824 str = gettext("owner executable");
710 825 break;
711 826 case S_IRGRP:
712 827 str = gettext("group readable");
713 828 break;
714 829 case S_IWGRP:
715 830 str = gettext("group writable");
716 831 break;
717 832 case S_IXGRP:
718 833 str = gettext("group executable");
719 834 break;
720 835 case S_IROTH:
721 836 str = gettext("world readable");
722 837 break;
723 838 case S_IWOTH:
724 839 str = gettext("world writable");
725 840 break;
726 841 case S_IXOTH:
727 842 str = gettext("world executable");
728 843 break;
729 844 }
730 845 if ((mode & bit) == (on ? 0 : bit)) {
731 846 /*
732 847 * TRANSLATION_NOTE
733 848 * The first parameter below is a file name; the second
734 849 * is one of the "(owner|group|world) (read|writ|execut)able"
735 850 * strings from above.
736 851 */
737 852 /*
738 853 * The code below could be simplified but not in a way
739 854 * that would easily translate to non-English locales.
740 855 */
741 856 if (on) {
742 857 (void) fprintf(stderr, gettext("%s must be %s.\n"),
743 858 file, str);
744 859 } else {
745 860 (void) fprintf(stderr, gettext("%s must not be %s.\n"),
746 861 file, str);
747 862 }
748 863 return (B_TRUE);
749 864 }
750 865 return (B_FALSE);
751 866 }
752 867
753 868 /*
754 869 * We want to make sure that no zone has its zone path as a child node
755 870 * (in the directory sense) of any other. We do that by comparing this
756 871 * zone's path to the path of all other (non-global) zones. The comparison
757 872 * in each case is simple: add '/' to the end of the path, then do a
758 873 * strncmp() of the two paths, using the length of the shorter one.
759 874 */
760 875
761 876 static int
762 877 crosscheck_zonepaths(char *path)
763 878 {
764 879 char rpath[MAXPATHLEN]; /* resolved path */
765 880 char path_copy[MAXPATHLEN]; /* copy of original path */
766 881 char rpath_copy[MAXPATHLEN]; /* copy of original rpath */
767 882 struct zoneent *ze;
768 883 int res, err;
769 884 FILE *cookie;
770 885
771 886 cookie = setzoneent();
772 887 while ((ze = getzoneent_private(cookie)) != NULL) {
773 888 /* Skip zones which are not installed. */
774 889 if (ze->zone_state < ZONE_STATE_INSTALLED) {
775 890 free(ze);
776 891 continue;
777 892 }
778 893 /* Skip the global zone and the current target zone. */
779 894 if (strcmp(ze->zone_name, GLOBAL_ZONENAME) == 0 ||
780 895 strcmp(ze->zone_name, target_zone) == 0) {
781 896 free(ze);
782 897 continue;
783 898 }
784 899 if (strlen(ze->zone_path) == 0) {
785 900 /* old index file without path, fall back */
786 901 if ((err = zone_get_zonepath(ze->zone_name,
787 902 ze->zone_path, sizeof (ze->zone_path))) != Z_OK) {
788 903 errno = err;
789 904 zperror2(ze->zone_name,
790 905 gettext("could not get zone path"));
791 906 free(ze);
792 907 continue;
793 908 }
794 909 }
795 910 (void) snprintf(path_copy, sizeof (path_copy), "%s%s",
796 911 zonecfg_get_root(), ze->zone_path);
797 912 res = resolvepath(path_copy, rpath, sizeof (rpath));
798 913 if (res == -1) {
799 914 if (errno != ENOENT) {
800 915 zperror(path_copy, B_FALSE);
801 916 free(ze);
802 917 return (Z_ERR);
803 918 }
804 919 (void) printf(gettext("WARNING: zone %s is installed, "
805 920 "but its %s %s does not exist.\n"), ze->zone_name,
806 921 "zonepath", path_copy);
807 922 free(ze);
808 923 continue;
809 924 }
810 925 rpath[res] = '\0';
811 926 (void) snprintf(path_copy, sizeof (path_copy), "%s/", path);
812 927 (void) snprintf(rpath_copy, sizeof (rpath_copy), "%s/", rpath);
813 928 if (strncmp(path_copy, rpath_copy,
814 929 min(strlen(path_copy), strlen(rpath_copy))) == 0) {
815 930 /*
816 931 * TRANSLATION_NOTE
817 932 * zonepath is a literal that should not be translated.
818 933 */
819 934 (void) fprintf(stderr, gettext("%s zonepath (%s) and "
820 935 "%s zonepath (%s) overlap.\n"),
821 936 target_zone, path, ze->zone_name, rpath);
822 937 free(ze);
823 938 return (Z_ERR);
824 939 }
825 940 free(ze);
826 941 }
827 942 endzoneent(cookie);
828 943 return (Z_OK);
829 944 }
830 945
831 946 static int
832 947 validate_zonepath(char *path, int cmd_num)
833 948 {
834 949 int res; /* result of last library/system call */
835 950 boolean_t err = B_FALSE; /* have we run into an error? */
836 951 struct stat stbuf;
837 952 struct statvfs64 vfsbuf;
838 953 char rpath[MAXPATHLEN]; /* resolved path */
839 954 char ppath[MAXPATHLEN]; /* parent path */
840 955 char rppath[MAXPATHLEN]; /* resolved parent path */
841 956 char rootpath[MAXPATHLEN]; /* root path */
842 957 zone_state_t state;
843 958
844 959 if (path[0] != '/') {
845 960 (void) fprintf(stderr,
846 961 gettext("%s is not an absolute path.\n"), path);
847 962 return (Z_ERR);
848 963 }
849 964 if ((res = resolvepath(path, rpath, sizeof (rpath))) == -1) {
850 965 if ((errno != ENOENT) ||
851 966 (cmd_num != CMD_VERIFY && cmd_num != CMD_INSTALL &&
852 967 cmd_num != CMD_CLONE && cmd_num != CMD_MOVE)) {
853 968 zperror(path, B_FALSE);
854 969 return (Z_ERR);
855 970 }
856 971 if (cmd_num == CMD_VERIFY) {
857 972 /*
858 973 * TRANSLATION_NOTE
859 974 * zoneadm is a literal that should not be translated.
860 975 */
861 976 (void) fprintf(stderr, gettext("WARNING: %s does not "
862 977 "exist, so it could not be verified.\nWhen "
863 978 "'zoneadm %s' is run, '%s' will try to create\n%s, "
864 979 "and '%s' will be tried again,\nbut the '%s' may "
865 980 "fail if:\nthe parent directory of %s is group- or "
866 981 "other-writable\nor\n%s overlaps with any other "
867 982 "installed zones.\n"), path,
868 983 cmd_to_str(CMD_INSTALL), cmd_to_str(CMD_INSTALL),
869 984 path, cmd_to_str(CMD_VERIFY),
870 985 cmd_to_str(CMD_VERIFY), path, path);
871 986 return (Z_OK);
872 987 }
873 988 /*
874 989 * The zonepath is supposed to be mode 700 but its
875 990 * parent(s) 755. So use 755 on the mkdirp() then
876 991 * chmod() the zonepath itself to 700.
877 992 */
878 993 if (mkdirp(path, DEFAULT_DIR_MODE) < 0) {
879 994 zperror(path, B_FALSE);
880 995 return (Z_ERR);
881 996 }
882 997 /*
883 998 * If the chmod() fails, report the error, but might
884 999 * as well continue the verify procedure.
885 1000 */
886 1001 if (chmod(path, S_IRWXU) != 0)
887 1002 zperror(path, B_FALSE);
888 1003 /*
889 1004 * Since the mkdir() succeeded, we should not have to
890 1005 * worry about a subsequent ENOENT, thus this should
891 1006 * only recurse once.
892 1007 */
893 1008 return (validate_zonepath(path, cmd_num));
894 1009 }
895 1010 rpath[res] = '\0';
896 1011 if (strcmp(path, rpath) != 0) {
897 1012 errno = Z_RESOLVED_PATH;
898 1013 zperror(path, B_TRUE);
899 1014 return (Z_ERR);
900 1015 }
901 1016 if ((res = stat(rpath, &stbuf)) != 0) {
902 1017 zperror(rpath, B_FALSE);
903 1018 return (Z_ERR);
|
↓ open down ↓ |
240 lines elided |
↑ open up ↑ |
904 1019 }
905 1020 if (!S_ISDIR(stbuf.st_mode)) {
906 1021 (void) fprintf(stderr, gettext("%s is not a directory.\n"),
907 1022 rpath);
908 1023 return (Z_ERR);
909 1024 }
910 1025 if (strcmp(stbuf.st_fstype, MNTTYPE_TMPFS) == 0) {
911 1026 (void) printf(gettext("WARNING: %s is on a temporary "
912 1027 "file system.\n"), rpath);
913 1028 }
914 - if (cmd_num != CMD_BOOT && cmd_num != CMD_REBOOT &&
915 - cmd_num != CMD_READY) {
916 - /* we checked when we installed, no need to check each boot */
917 - if (crosscheck_zonepaths(rpath) != Z_OK)
918 - return (Z_ERR);
919 - }
1029 + if (crosscheck_zonepaths(rpath) != Z_OK)
1030 + return (Z_ERR);
920 1031 /*
921 1032 * Try to collect and report as many minor errors as possible
922 1033 * before returning, so the user can learn everything that needs
923 1034 * to be fixed up front.
924 1035 */
925 1036 if (stbuf.st_uid != 0) {
926 1037 (void) fprintf(stderr, gettext("%s is not owned by root.\n"),
927 1038 rpath);
928 1039 err = B_TRUE;
929 1040
930 1041 /* Try to change owner */
931 1042 if (cmd_num != CMD_VERIFY) {
932 1043 (void) fprintf(stderr, gettext("%s: changing owner "
933 1044 "to root.\n"), rpath);
934 1045 if (chown(rpath, 0, -1) != 0) {
935 1046 zperror(rpath, B_FALSE);
936 1047 return (Z_ERR);
937 1048 } else {
938 1049 err = B_FALSE;
939 1050 }
940 1051 }
941 1052 }
942 1053 err |= bad_mode_bit(stbuf.st_mode, S_IRUSR, B_TRUE, rpath);
943 1054 err |= bad_mode_bit(stbuf.st_mode, S_IWUSR, B_TRUE, rpath);
944 1055 err |= bad_mode_bit(stbuf.st_mode, S_IXUSR, B_TRUE, rpath);
945 1056 err |= bad_mode_bit(stbuf.st_mode, S_IRGRP, B_FALSE, rpath);
946 1057 err |= bad_mode_bit(stbuf.st_mode, S_IWGRP, B_FALSE, rpath);
947 1058 err |= bad_mode_bit(stbuf.st_mode, S_IXGRP, B_FALSE, rpath);
948 1059 err |= bad_mode_bit(stbuf.st_mode, S_IROTH, B_FALSE, rpath);
949 1060 err |= bad_mode_bit(stbuf.st_mode, S_IWOTH, B_FALSE, rpath);
950 1061 err |= bad_mode_bit(stbuf.st_mode, S_IXOTH, B_FALSE, rpath);
951 1062
952 1063 /* If the group perms are wrong, fix them */
953 1064 if (err && (cmd_num != CMD_VERIFY)) {
954 1065 (void) fprintf(stderr, gettext("%s: changing permissions "
955 1066 "to 0700.\n"), rpath);
956 1067 if (chmod(rpath, S_IRWXU) != 0) {
957 1068 zperror(path, B_FALSE);
958 1069 } else {
959 1070 err = B_FALSE;
960 1071 }
961 1072 }
962 1073
963 1074 (void) snprintf(ppath, sizeof (ppath), "%s/..", path);
964 1075 if ((res = resolvepath(ppath, rppath, sizeof (rppath))) == -1) {
965 1076 zperror(ppath, B_FALSE);
966 1077 return (Z_ERR);
967 1078 }
968 1079 rppath[res] = '\0';
969 1080 if ((res = stat(rppath, &stbuf)) != 0) {
970 1081 zperror(rppath, B_FALSE);
971 1082 return (Z_ERR);
972 1083 }
973 1084 /* theoretically impossible */
974 1085 if (!S_ISDIR(stbuf.st_mode)) {
975 1086 (void) fprintf(stderr, gettext("%s is not a directory.\n"),
976 1087 rppath);
977 1088 return (Z_ERR);
978 1089 }
979 1090 if (stbuf.st_uid != 0) {
980 1091 (void) fprintf(stderr, gettext("%s is not owned by root.\n"),
981 1092 rppath);
982 1093 err = B_TRUE;
983 1094 }
984 1095 err |= bad_mode_bit(stbuf.st_mode, S_IRUSR, B_TRUE, rppath);
985 1096 err |= bad_mode_bit(stbuf.st_mode, S_IWUSR, B_TRUE, rppath);
986 1097 err |= bad_mode_bit(stbuf.st_mode, S_IXUSR, B_TRUE, rppath);
987 1098 err |= bad_mode_bit(stbuf.st_mode, S_IWGRP, B_FALSE, rppath);
988 1099 err |= bad_mode_bit(stbuf.st_mode, S_IWOTH, B_FALSE, rppath);
989 1100 if (strcmp(rpath, rppath) == 0) {
990 1101 (void) fprintf(stderr, gettext("%s is its own parent.\n"),
991 1102 rppath);
992 1103 err = B_TRUE;
993 1104 }
994 1105
995 1106 if (statvfs64(rpath, &vfsbuf) != 0) {
996 1107 zperror(rpath, B_FALSE);
997 1108 return (Z_ERR);
998 1109 }
999 1110 if (strcmp(vfsbuf.f_basetype, MNTTYPE_NFS) == 0) {
1000 1111 /*
1001 1112 * TRANSLATION_NOTE
1002 1113 * Zonepath and NFS are literals that should not be translated.
1003 1114 */
1004 1115 (void) fprintf(stderr, gettext("Zonepath %s is on an NFS "
1005 1116 "mounted file system.\n"
1006 1117 "\tA local file system must be used.\n"), rpath);
1007 1118 return (Z_ERR);
1008 1119 }
1009 1120 if (vfsbuf.f_flag & ST_NOSUID) {
1010 1121 /*
1011 1122 * TRANSLATION_NOTE
1012 1123 * Zonepath and nosuid are literals that should not be
1013 1124 * translated.
1014 1125 */
1015 1126 (void) fprintf(stderr, gettext("Zonepath %s is on a nosuid "
1016 1127 "file system.\n"), rpath);
1017 1128 return (Z_ERR);
1018 1129 }
1019 1130
1020 1131 if ((res = zone_get_state(target_zone, &state)) != Z_OK) {
1021 1132 errno = res;
1022 1133 zperror2(target_zone, gettext("could not get state"));
1023 1134 return (Z_ERR);
1024 1135 }
1025 1136 /*
1026 1137 * The existence of the root path is only bad in the configured state,
1027 1138 * as it is *supposed* to be there at the installed and later states.
1028 1139 * However, the root path is expected to be there if the zone is
1029 1140 * detached.
1030 1141 * State/command mismatches are caught earlier in verify_details().
1031 1142 */
1032 1143 if (state == ZONE_STATE_CONFIGURED && cmd_num != CMD_ATTACH) {
1033 1144 if (snprintf(rootpath, sizeof (rootpath), "%s/root", rpath) >=
1034 1145 sizeof (rootpath)) {
1035 1146 /*
1036 1147 * TRANSLATION_NOTE
1037 1148 * Zonepath is a literal that should not be translated.
1038 1149 */
1039 1150 (void) fprintf(stderr,
1040 1151 gettext("Zonepath %s is too long.\n"), rpath);
1041 1152 return (Z_ERR);
1042 1153 }
1043 1154 if ((res = stat(rootpath, &stbuf)) == 0) {
1044 1155 if (zonecfg_detached(rpath)) {
1045 1156 (void) fprintf(stderr,
1046 1157 gettext("Cannot %s detached "
1047 1158 "zone.\nUse attach or remove %s "
1048 1159 "directory.\n"), cmd_to_str(cmd_num),
1049 1160 rpath);
1050 1161 return (Z_ERR);
1051 1162 }
1052 1163
1053 1164 /* Not detached, check if it really looks ok. */
1054 1165
1055 1166 if (!S_ISDIR(stbuf.st_mode)) {
1056 1167 (void) fprintf(stderr, gettext("%s is not a "
1057 1168 "directory.\n"), rootpath);
1058 1169 return (Z_ERR);
1059 1170 }
1060 1171
1061 1172 if (stbuf.st_uid != 0) {
1062 1173 (void) fprintf(stderr, gettext("%s is not "
1063 1174 "owned by root.\n"), rootpath);
1064 1175 return (Z_ERR);
1065 1176 }
1066 1177
1067 1178 if ((stbuf.st_mode & 0777) != 0755) {
1068 1179 (void) fprintf(stderr, gettext("%s mode is not "
1069 1180 "0755.\n"), rootpath);
1070 1181 return (Z_ERR);
1071 1182 }
1072 1183 }
1073 1184 }
1074 1185
1075 1186 return (err ? Z_ERR : Z_OK);
1076 1187 }
1077 1188
1078 1189 static int
1079 1190 invoke_brand_handler(int cmd_num, char *argv[])
1080 1191 {
1081 1192 zone_dochandle_t handle;
1082 1193 int err;
1083 1194
1084 1195 if ((handle = zonecfg_init_handle()) == NULL) {
1085 1196 zperror(cmd_to_str(cmd_num), B_TRUE);
1086 1197 return (Z_ERR);
1087 1198 }
1088 1199 if ((err = zonecfg_get_handle(target_zone, handle)) != Z_OK) {
1089 1200 errno = err;
1090 1201 zperror(cmd_to_str(cmd_num), B_TRUE);
1091 1202 zonecfg_fini_handle(handle);
1092 1203 return (Z_ERR);
1093 1204 }
1094 1205 if (verify_brand(handle, cmd_num, argv) != Z_OK) {
1095 1206 zonecfg_fini_handle(handle);
|
↓ open down ↓ |
166 lines elided |
↑ open up ↑ |
1096 1207 return (Z_ERR);
1097 1208 }
1098 1209 zonecfg_fini_handle(handle);
1099 1210 return (Z_OK);
1100 1211 }
1101 1212
1102 1213 static int
1103 1214 ready_func(int argc, char *argv[])
1104 1215 {
1105 1216 zone_cmd_arg_t zarg;
1106 - boolean_t debug = B_FALSE;
1107 1217 int arg;
1108 1218
1109 1219 if (zonecfg_in_alt_root()) {
1110 1220 zerror(gettext("cannot ready zone in alternate root"));
1111 1221 return (Z_ERR);
1112 1222 }
1113 1223
1114 1224 optind = 0;
1115 - if ((arg = getopt(argc, argv, "?X")) != EOF) {
1225 + if ((arg = getopt(argc, argv, "?")) != EOF) {
1116 1226 switch (arg) {
1117 1227 case '?':
1118 1228 sub_usage(SHELP_READY, CMD_READY);
1119 1229 return (optopt == '?' ? Z_OK : Z_USAGE);
1120 - case 'X':
1121 - debug = B_TRUE;
1122 - break;
1123 1230 default:
1124 1231 sub_usage(SHELP_READY, CMD_READY);
1125 1232 return (Z_USAGE);
1126 1233 }
1127 1234 }
1128 1235 if (argc > optind) {
1129 1236 sub_usage(SHELP_READY, CMD_READY);
1130 1237 return (Z_USAGE);
1131 1238 }
1132 1239 if (sanity_check(target_zone, CMD_READY, B_FALSE, B_FALSE, B_FALSE)
1133 1240 != Z_OK)
1134 1241 return (Z_ERR);
1135 1242 if (verify_details(CMD_READY, argv) != Z_OK)
1136 1243 return (Z_ERR);
1137 1244
1138 1245 zarg.cmd = Z_READY;
1139 - zarg.debug = debug;
1140 1246 if (zonecfg_call_zoneadmd(target_zone, &zarg, locale, B_TRUE) != 0) {
1141 1247 zerror(gettext("call to %s failed"), "zoneadmd");
1142 1248 return (Z_ERR);
1143 1249 }
1144 1250 return (Z_OK);
1145 1251 }
1146 1252
1147 1253 static int
1148 1254 boot_func(int argc, char *argv[])
1149 1255 {
1150 1256 zone_cmd_arg_t zarg;
1151 1257 boolean_t force = B_FALSE;
1152 - boolean_t debug = B_FALSE;
1153 1258 int arg;
1154 1259
1155 1260 if (zonecfg_in_alt_root()) {
1156 1261 zerror(gettext("cannot boot zone in alternate root"));
1157 1262 return (Z_ERR);
1158 1263 }
1159 1264
1160 1265 zarg.bootbuf[0] = '\0';
1161 1266
1162 1267 /*
1163 1268 * The following getopt processes arguments to zone boot; that
1164 1269 * is to say, the [here] portion of the argument string:
1165 1270 *
1166 1271 * zoneadm -z myzone boot [here] -- -v -m verbose
1167 1272 *
1168 1273 * Where [here] can either be nothing, -? (in which case we bail
|
↓ open down ↓ |
6 lines elided |
↑ open up ↑ |
1169 1274 * and print usage), -f (a private option to indicate that the
1170 1275 * boot operation should be 'forced'), or -s. Support for -s is
1171 1276 * vestigal and obsolete, but is retained because it was a
1172 1277 * documented interface and there are known consumers including
1173 1278 * admin/install; the proper way to specify boot arguments like -s
1174 1279 * is:
1175 1280 *
1176 1281 * zoneadm -z myzone boot -- -s -v -m verbose.
1177 1282 */
1178 1283 optind = 0;
1179 - while ((arg = getopt(argc, argv, "?fsX")) != EOF) {
1284 + while ((arg = getopt(argc, argv, "?fs")) != EOF) {
1180 1285 switch (arg) {
1181 1286 case '?':
1182 1287 sub_usage(SHELP_BOOT, CMD_BOOT);
1183 1288 return (optopt == '?' ? Z_OK : Z_USAGE);
1184 1289 case 's':
1185 1290 (void) strlcpy(zarg.bootbuf, "-s",
1186 1291 sizeof (zarg.bootbuf));
1187 1292 break;
1188 1293 case 'f':
1189 1294 force = B_TRUE;
1190 1295 break;
1191 - case 'X':
1192 - debug = B_TRUE;
1193 - break;
1194 1296 default:
1195 1297 sub_usage(SHELP_BOOT, CMD_BOOT);
1196 1298 return (Z_USAGE);
1197 1299 }
1198 1300 }
1199 1301
1200 1302 for (; optind < argc; optind++) {
1201 1303 if (strlcat(zarg.bootbuf, argv[optind],
1202 1304 sizeof (zarg.bootbuf)) >= sizeof (zarg.bootbuf)) {
1203 1305 zerror(gettext("Boot argument list too long"));
1204 1306 return (Z_ERR);
1205 1307 }
1206 1308 if (optind < argc - 1)
1207 1309 if (strlcat(zarg.bootbuf, " ", sizeof (zarg.bootbuf)) >=
1208 1310 sizeof (zarg.bootbuf)) {
|
↓ open down ↓ |
5 lines elided |
↑ open up ↑ |
1209 1311 zerror(gettext("Boot argument list too long"));
1210 1312 return (Z_ERR);
1211 1313 }
1212 1314 }
1213 1315 if (sanity_check(target_zone, CMD_BOOT, B_FALSE, B_FALSE, force)
1214 1316 != Z_OK)
1215 1317 return (Z_ERR);
1216 1318 if (verify_details(CMD_BOOT, argv) != Z_OK)
1217 1319 return (Z_ERR);
1218 1320 zarg.cmd = force ? Z_FORCEBOOT : Z_BOOT;
1219 - zarg.debug = debug;
1220 1321 if (zonecfg_call_zoneadmd(target_zone, &zarg, locale, B_TRUE) != 0) {
1221 1322 zerror(gettext("call to %s failed"), "zoneadmd");
1222 1323 return (Z_ERR);
1223 1324 }
1224 1325
1225 1326 return (Z_OK);
1226 1327 }
1227 1328
1228 1329 static void
1229 1330 fake_up_local_zone(zoneid_t zid, zone_entry_t *zeptr)
1230 1331 {
1231 1332 ssize_t result;
1232 1333 uuid_t uuid;
1233 1334 FILE *fp;
1234 1335 ushort_t flags;
1235 1336
1236 1337 (void) memset(zeptr, 0, sizeof (*zeptr));
1237 1338
1238 1339 zeptr->zid = zid;
1239 1340
1240 1341 /*
1241 1342 * Since we're looking up our own (non-global) zone name,
1242 1343 * we can be assured that it will succeed.
1243 1344 */
1244 1345 result = getzonenamebyid(zid, zeptr->zname, sizeof (zeptr->zname));
1245 1346 assert(result >= 0);
1246 1347 if (zonecfg_is_scratch(zeptr->zname) &&
1247 1348 (fp = zonecfg_open_scratch("", B_FALSE)) != NULL) {
1248 1349 (void) zonecfg_reverse_scratch(fp, zeptr->zname, zeptr->zname,
1249 1350 sizeof (zeptr->zname), NULL, 0);
1250 1351 zonecfg_close_scratch(fp);
1251 1352 }
1252 1353
1253 1354 if (is_system_labeled()) {
1254 1355 (void) zone_getattr(zid, ZONE_ATTR_ROOT, zeptr->zroot,
1255 1356 sizeof (zeptr->zroot));
1256 1357 (void) strlcpy(zeptr->zbrand, NATIVE_BRAND_NAME,
1257 1358 sizeof (zeptr->zbrand));
1258 1359 } else {
1259 1360 (void) strlcpy(zeptr->zroot, "/", sizeof (zeptr->zroot));
1260 1361 (void) zone_getattr(zid, ZONE_ATTR_BRAND, zeptr->zbrand,
1261 1362 sizeof (zeptr->zbrand));
1262 1363 }
1263 1364
1264 1365 zeptr->zstate_str = "running";
1265 1366 if (zonecfg_get_uuid(zeptr->zname, uuid) == Z_OK &&
1266 1367 !uuid_is_null(uuid))
1267 1368 uuid_unparse(uuid, zeptr->zuuid);
1268 1369
1269 1370 if (zone_getattr(zid, ZONE_ATTR_FLAGS, &flags, sizeof (flags)) < 0) {
1270 1371 zperror2(zeptr->zname, gettext("could not get zone flags"));
1271 1372 exit(Z_ERR);
1272 1373 }
1273 1374 if (flags & ZF_NET_EXCL)
1274 1375 zeptr->ziptype = ZS_EXCLUSIVE;
1275 1376 else
1276 1377 zeptr->ziptype = ZS_SHARED;
1277 1378 }
1278 1379
1279 1380 static int
1280 1381 list_func(int argc, char *argv[])
1281 1382 {
1282 1383 zone_entry_t *zentp, zent;
1283 1384 int arg, retv;
1284 1385 boolean_t output = B_FALSE, verbose = B_FALSE, parsable = B_FALSE;
1285 1386 zone_state_t min_state = ZONE_STATE_RUNNING;
1286 1387 zoneid_t zone_id = getzoneid();
1287 1388
1288 1389 if (target_zone == NULL) {
1289 1390 /* all zones: default view to running but allow override */
1290 1391 optind = 0;
1291 1392 while ((arg = getopt(argc, argv, "?cipv")) != EOF) {
1292 1393 switch (arg) {
1293 1394 case '?':
1294 1395 sub_usage(SHELP_LIST, CMD_LIST);
1295 1396 return (optopt == '?' ? Z_OK : Z_USAGE);
1296 1397 /*
1297 1398 * The 'i' and 'c' options are not mutually
1298 1399 * exclusive so if 'c' is given, then min_state
1299 1400 * is set to 0 (ZONE_STATE_CONFIGURED) which is
1300 1401 * the lowest possible state. If 'i' is given,
1301 1402 * then min_state is set to be the lowest state
1302 1403 * so far.
1303 1404 */
1304 1405 case 'c':
1305 1406 min_state = ZONE_STATE_CONFIGURED;
1306 1407 break;
1307 1408 case 'i':
1308 1409 min_state = min(ZONE_STATE_INSTALLED,
1309 1410 min_state);
1310 1411
1311 1412 break;
1312 1413 case 'p':
1313 1414 parsable = B_TRUE;
1314 1415 break;
1315 1416 case 'v':
1316 1417 verbose = B_TRUE;
1317 1418 break;
1318 1419 default:
1319 1420 sub_usage(SHELP_LIST, CMD_LIST);
1320 1421 return (Z_USAGE);
1321 1422 }
1322 1423 }
1323 1424 if (parsable && verbose) {
1324 1425 zerror(gettext("%s -p and -v are mutually exclusive."),
1325 1426 cmd_to_str(CMD_LIST));
1326 1427 return (Z_ERR);
1327 1428 }
1328 1429 if (zone_id == GLOBAL_ZONEID || is_system_labeled()) {
1329 1430 retv = zone_print_list(min_state, verbose, parsable);
1330 1431 } else {
1331 1432 fake_up_local_zone(zone_id, &zent);
1332 1433 retv = Z_OK;
1333 1434 zone_print(&zent, verbose, parsable);
1334 1435 }
1335 1436 return (retv);
1336 1437 }
1337 1438
1338 1439 /*
1339 1440 * Specific target zone: disallow -i/-c suboptions.
1340 1441 */
1341 1442 optind = 0;
1342 1443 while ((arg = getopt(argc, argv, "?pv")) != EOF) {
1343 1444 switch (arg) {
1344 1445 case '?':
1345 1446 sub_usage(SHELP_LIST, CMD_LIST);
1346 1447 return (optopt == '?' ? Z_OK : Z_USAGE);
1347 1448 case 'p':
1348 1449 parsable = B_TRUE;
1349 1450 break;
1350 1451 case 'v':
1351 1452 verbose = B_TRUE;
1352 1453 break;
1353 1454 default:
1354 1455 sub_usage(SHELP_LIST, CMD_LIST);
1355 1456 return (Z_USAGE);
1356 1457 }
1357 1458 }
1358 1459 if (parsable && verbose) {
1359 1460 zerror(gettext("%s -p and -v are mutually exclusive."),
1360 1461 cmd_to_str(CMD_LIST));
1361 1462 return (Z_ERR);
1362 1463 }
1363 1464 if (argc > optind) {
1364 1465 sub_usage(SHELP_LIST, CMD_LIST);
1365 1466 return (Z_USAGE);
1366 1467 }
1367 1468 if (zone_id != GLOBAL_ZONEID && !is_system_labeled()) {
1368 1469 fake_up_local_zone(zone_id, &zent);
1369 1470 /*
1370 1471 * main() will issue a Z_NO_ZONE error if it cannot get an
1371 1472 * id for target_zone, which in a non-global zone should
1372 1473 * happen for any zone name except `zonename`. Thus we
1373 1474 * assert() that here but don't otherwise check.
1374 1475 */
1375 1476 assert(strcmp(zent.zname, target_zone) == 0);
1376 1477 zone_print(&zent, verbose, parsable);
1377 1478 output = B_TRUE;
1378 1479 } else if ((zentp = lookup_running_zone(target_zone)) != NULL) {
1379 1480 zone_print(zentp, verbose, parsable);
1380 1481 output = B_TRUE;
1381 1482 } else if (lookup_zone_info(target_zone, ZONE_ID_UNDEFINED,
1382 1483 &zent) == Z_OK) {
1383 1484 zone_print(&zent, verbose, parsable);
1384 1485 output = B_TRUE;
1385 1486 }
1386 1487
1387 1488 /*
1388 1489 * Invoke brand-specific handler. Note that we do this
1389 1490 * only if we're in the global zone, and target_zone is specified
1390 1491 * and it is not the global zone.
1391 1492 */
1392 1493 if (zone_id == GLOBAL_ZONEID && target_zone != NULL &&
1393 1494 strcmp(target_zone, GLOBAL_ZONENAME) != 0)
1394 1495 if (invoke_brand_handler(CMD_LIST, argv) != Z_OK)
1395 1496 return (Z_ERR);
1396 1497
1397 1498 return (output ? Z_OK : Z_ERR);
1398 1499 }
1399 1500
1400 1501 int
1401 1502 do_subproc(char *cmdbuf)
1402 1503 {
1403 1504 void (*saveint)(int);
1404 1505 void (*saveterm)(int);
1405 1506 void (*savequit)(int);
1406 1507 void (*savehup)(int);
1407 1508 int pid, child, status;
1408 1509
1409 1510 if ((child = vfork()) == 0) {
1410 1511 (void) execl("/bin/sh", "sh", "-c", cmdbuf, (char *)NULL);
1411 1512 }
1412 1513
1413 1514 if (child == -1)
1414 1515 return (-1);
1415 1516
1416 1517 saveint = sigset(SIGINT, SIG_IGN);
1417 1518 saveterm = sigset(SIGTERM, SIG_IGN);
1418 1519 savequit = sigset(SIGQUIT, SIG_IGN);
1419 1520 savehup = sigset(SIGHUP, SIG_IGN);
1420 1521
1421 1522 while ((pid = waitpid(child, &status, 0)) != child && pid != -1)
1422 1523 ;
1423 1524
1424 1525 (void) sigset(SIGINT, saveint);
1425 1526 (void) sigset(SIGTERM, saveterm);
1426 1527 (void) sigset(SIGQUIT, savequit);
1427 1528 (void) sigset(SIGHUP, savehup);
1428 1529
1429 1530 return (pid == -1 ? -1 : status);
1430 1531 }
1431 1532
1432 1533 int
1433 1534 subproc_status(const char *cmd, int status, boolean_t verbose_failure)
1434 1535 {
1435 1536 if (WIFEXITED(status)) {
1436 1537 int exit_code = WEXITSTATUS(status);
1437 1538
1438 1539 if ((verbose_failure) && (exit_code != ZONE_SUBPROC_OK))
1439 1540 zerror(gettext("'%s' failed with exit code %d."), cmd,
1440 1541 exit_code);
1441 1542
1442 1543 return (exit_code);
1443 1544 } else if (WIFSIGNALED(status)) {
1444 1545 int signal = WTERMSIG(status);
1445 1546 char sigstr[SIG2STR_MAX];
1446 1547
1447 1548 if (sig2str(signal, sigstr) == 0) {
1448 1549 zerror(gettext("'%s' terminated by signal SIG%s."), cmd,
1449 1550 sigstr);
1450 1551 } else {
1451 1552 zerror(gettext("'%s' terminated by an unknown signal."),
1452 1553 cmd);
1453 1554 }
1454 1555 } else {
1455 1556 zerror(gettext("'%s' failed for unknown reasons."), cmd);
1456 1557 }
1457 1558
1458 1559 /*
1459 1560 * Assume a subprocess that died due to a signal or an unknown error
1460 1561 * should be considered an exit code of ZONE_SUBPROC_FATAL, as the
1461 1562 * user will likely need to do some manual cleanup.
1462 1563 */
1463 1564 return (ZONE_SUBPROC_FATAL);
1464 1565 }
1465 1566
1466 1567 static int
1467 1568 auth_check(char *user, char *zone, int cmd_num)
1468 1569 {
1469 1570 char authname[MAXAUTHS];
1470 1571
1471 1572 switch (cmd_num) {
1472 1573 case CMD_LIST:
1473 1574 case CMD_HELP:
1474 1575 return (Z_OK);
1475 1576 case SOURCE_ZONE:
1476 1577 (void) strlcpy(authname, ZONE_CLONEFROM_AUTH, MAXAUTHS);
1477 1578 break;
1478 1579 case CMD_BOOT:
1479 1580 case CMD_HALT:
1480 1581 case CMD_READY:
1481 1582 case CMD_SHUTDOWN:
1482 1583 case CMD_REBOOT:
1483 1584 case CMD_SYSBOOT:
1484 1585 case CMD_VERIFY:
1485 1586 case CMD_INSTALL:
1486 1587 case CMD_UNINSTALL:
1487 1588 case CMD_MOUNT:
1488 1589 case CMD_UNMOUNT:
1489 1590 case CMD_CLONE:
1490 1591 case CMD_MOVE:
1491 1592 case CMD_DETACH:
1492 1593 case CMD_ATTACH:
1493 1594 case CMD_MARK:
1494 1595 case CMD_APPLY:
1495 1596 default:
1496 1597 (void) strlcpy(authname, ZONE_MANAGE_AUTH, MAXAUTHS);
1497 1598 break;
1498 1599 }
1499 1600 (void) strlcat(authname, KV_OBJECT, MAXAUTHS);
1500 1601 (void) strlcat(authname, zone, MAXAUTHS);
1501 1602 if (chkauthattr(authname, user) == 0) {
1502 1603 return (Z_ERR);
1503 1604 } else {
1504 1605 /*
1505 1606 * Some subcommands, e.g. install, run subcommands,
1506 1607 * e.g. sysidcfg, that require a real uid of root,
1507 1608 * so switch to root, here.
1508 1609 */
1509 1610 if (setuid(0) == -1) {
1510 1611 zperror(gettext("insufficient privilege"), B_TRUE);
1511 1612 return (Z_ERR);
1512 1613 }
1513 1614 return (Z_OK);
1514 1615 }
1515 1616 }
1516 1617
1517 1618 /*
1518 1619 * Various sanity checks; make sure:
|
↓ open down ↓ |
289 lines elided |
↑ open up ↑ |
1519 1620 * 1. We're in the global zone.
1520 1621 * 2. The calling user has sufficient privilege.
1521 1622 * 3. The target zone is neither the global zone nor anything starting with
1522 1623 * "SUNW".
1523 1624 * 4a. If we're looking for a 'not running' (i.e., configured or installed)
1524 1625 * zone, the name service knows about it.
1525 1626 * 4b. For some operations which expect a zone not to be running, that it is
1526 1627 * not already running (or ready).
1527 1628 */
1528 1629 static int
1529 -sanity_check(char *zone, int cmd_num, boolean_t need_running,
1630 +sanity_check(char *zone, int cmd_num, boolean_t running,
1530 1631 boolean_t unsafe_when_running, boolean_t force)
1531 1632 {
1532 - boolean_t is_running = B_FALSE;
1633 + zone_entry_t *zent;
1533 1634 priv_set_t *privset;
1534 1635 zone_state_t state, min_state;
1535 1636 char kernzone[ZONENAME_MAX];
1536 1637 FILE *fp;
1537 1638
1538 1639 if (getzoneid() != GLOBAL_ZONEID) {
1539 1640 switch (cmd_num) {
1540 1641 case CMD_HALT:
1541 1642 zerror(gettext("use %s to %s this zone."), "halt(1M)",
1542 1643 cmd_to_str(cmd_num));
1543 1644 break;
1544 1645 case CMD_SHUTDOWN:
1545 1646 zerror(gettext("use %s to %s this zone."),
1546 1647 "shutdown(1M)", cmd_to_str(cmd_num));
1547 1648 break;
1548 1649 case CMD_REBOOT:
1549 1650 zerror(gettext("use %s to %s this zone."),
1550 1651 "reboot(1M)", cmd_to_str(cmd_num));
1551 1652 break;
1552 1653 default:
1553 1654 zerror(gettext("must be in the global zone to %s a "
1554 1655 "zone."), cmd_to_str(cmd_num));
1555 1656 break;
1556 1657 }
1557 1658 return (Z_ERR);
1558 1659 }
1559 1660
1560 1661 if ((privset = priv_allocset()) == NULL) {
1561 1662 zerror(gettext("%s failed"), "priv_allocset");
1562 1663 return (Z_ERR);
1563 1664 }
1564 1665
1565 1666 if (getppriv(PRIV_EFFECTIVE, privset) != 0) {
1566 1667 zerror(gettext("%s failed"), "getppriv");
1567 1668 priv_freeset(privset);
1568 1669 return (Z_ERR);
1569 1670 }
1570 1671
1571 1672 if (priv_isfullset(privset) == B_FALSE) {
1572 1673 zerror(gettext("only a privileged user may %s a zone."),
1573 1674 cmd_to_str(cmd_num));
1574 1675 priv_freeset(privset);
1575 1676 return (Z_ERR);
1576 1677 }
1577 1678 priv_freeset(privset);
1578 1679
1579 1680 if (zone == NULL) {
1580 1681 zerror(gettext("no zone specified"));
1581 1682 return (Z_ERR);
1582 1683 }
1583 1684
1584 1685 if (auth_check(username, zone, cmd_num) == Z_ERR) {
1585 1686 zerror(gettext("User %s is not authorized to %s this zone."),
1586 1687 username, cmd_to_str(cmd_num));
1587 1688 return (Z_ERR);
1588 1689 }
1589 1690
1590 1691 if (strcmp(zone, GLOBAL_ZONENAME) == 0) {
1591 1692 zerror(gettext("%s operation is invalid for the global zone."),
1592 1693 cmd_to_str(cmd_num));
|
↓ open down ↓ |
50 lines elided |
↑ open up ↑ |
1593 1694 return (Z_ERR);
1594 1695 }
1595 1696
1596 1697 if (strncmp(zone, "SUNW", 4) == 0) {
1597 1698 zerror(gettext("%s operation is invalid for zones starting "
1598 1699 "with SUNW."), cmd_to_str(cmd_num));
1599 1700 return (Z_ERR);
1600 1701 }
1601 1702
1602 1703 if (!zonecfg_in_alt_root()) {
1603 - /* Avoid the xml read overhead of lookup_running_zone */
1604 - if (getzoneidbyname(zone) != -1)
1605 - is_running = B_TRUE;
1606 -
1607 - } else if ((fp = zonecfg_open_scratch("", B_FALSE)) != NULL) {
1608 - if (zonecfg_find_scratch(fp, zone, zonecfg_get_root(), kernzone,
1609 - sizeof (kernzone)) == 0 && getzoneidbyname(kernzone) != -1)
1610 - is_running = B_TRUE;
1611 -
1704 + zent = lookup_running_zone(zone);
1705 + } else if ((fp = zonecfg_open_scratch("", B_FALSE)) == NULL) {
1706 + zent = NULL;
1707 + } else {
1708 + if (zonecfg_find_scratch(fp, zone, zonecfg_get_root(),
1709 + kernzone, sizeof (kernzone)) == 0)
1710 + zent = lookup_running_zone(kernzone);
1711 + else
1712 + zent = NULL;
1612 1713 zonecfg_close_scratch(fp);
1613 1714 }
1614 1715
1615 1716 /*
1616 1717 * Look up from the kernel for 'running' zones.
1617 1718 */
1618 - if (need_running && !force) {
1619 - if (!is_running) {
1719 + if (running && !force) {
1720 + if (zent == NULL) {
1620 1721 zerror(gettext("not running"));
1621 1722 return (Z_ERR);
1622 1723 }
1623 1724 } else {
1624 1725 int err;
1625 1726
1626 - err = zone_get_state(zone, &state);
1627 -
1628 - if (unsafe_when_running && is_running) {
1727 + if (unsafe_when_running && zent != NULL) {
1629 1728 /* check whether the zone is ready or running */
1630 - char *zstate_str;
1631 -
1632 - if (err != Z_OK) {
1729 + if ((err = zone_get_state(zent->zname,
1730 + &zent->zstate_num)) != Z_OK) {
1633 1731 errno = err;
1634 - zperror2(zone, gettext("could not get state"));
1732 + zperror2(zent->zname,
1733 + gettext("could not get state"));
1635 1734 /* can't tell, so hedge */
1636 - zstate_str = "ready/running";
1735 + zent->zstate_str = "ready/running";
1637 1736 } else {
1638 - zstate_str = zone_state_str(state);
1737 + zent->zstate_str =
1738 + zone_state_str(zent->zstate_num);
1639 1739 }
1640 1740 zerror(gettext("%s operation is invalid for %s zones."),
1641 - cmd_to_str(cmd_num), zstate_str);
1741 + cmd_to_str(cmd_num), zent->zstate_str);
1642 1742 return (Z_ERR);
1643 1743 }
1644 -
1645 - if (err != Z_OK) {
1744 + if ((err = zone_get_state(zone, &state)) != Z_OK) {
1646 1745 errno = err;
1647 1746 zperror2(zone, gettext("could not get state"));
1648 1747 return (Z_ERR);
1649 1748 }
1650 -
1651 1749 switch (cmd_num) {
1652 1750 case CMD_UNINSTALL:
1653 1751 if (state == ZONE_STATE_CONFIGURED) {
1654 1752 zerror(gettext("is already in state '%s'."),
1655 1753 zone_state_str(ZONE_STATE_CONFIGURED));
1656 1754 return (Z_ERR);
1657 1755 }
1658 1756 break;
1659 1757 case CMD_ATTACH:
1660 1758 if (state == ZONE_STATE_INSTALLED) {
1661 1759 zerror(gettext("is already %s."),
1662 1760 zone_state_str(ZONE_STATE_INSTALLED));
1663 1761 return (Z_ERR);
1664 1762 } else if (state == ZONE_STATE_INCOMPLETE && !force) {
1665 1763 zerror(gettext("zone is %s; %s required."),
1666 1764 zone_state_str(ZONE_STATE_INCOMPLETE),
1667 1765 cmd_to_str(CMD_UNINSTALL));
1668 1766 return (Z_ERR);
1669 1767 }
1670 1768 break;
1671 1769 case CMD_CLONE:
1672 1770 case CMD_INSTALL:
1673 1771 if (state == ZONE_STATE_INSTALLED) {
1674 1772 zerror(gettext("is already %s."),
1675 1773 zone_state_str(ZONE_STATE_INSTALLED));
1676 1774 return (Z_ERR);
1677 1775 } else if (state == ZONE_STATE_INCOMPLETE) {
1678 1776 zerror(gettext("zone is %s; %s required."),
1679 1777 zone_state_str(ZONE_STATE_INCOMPLETE),
1680 1778 cmd_to_str(CMD_UNINSTALL));
1681 1779 return (Z_ERR);
1682 1780 }
1683 1781 break;
1684 1782 case CMD_DETACH:
1685 1783 case CMD_MOVE:
1686 1784 case CMD_READY:
1687 1785 case CMD_BOOT:
1688 1786 case CMD_MOUNT:
1689 1787 case CMD_MARK:
1690 1788 if ((cmd_num == CMD_BOOT || cmd_num == CMD_MOUNT) &&
1691 1789 force)
1692 1790 min_state = ZONE_STATE_INCOMPLETE;
1693 1791 else if (cmd_num == CMD_MARK)
1694 1792 min_state = ZONE_STATE_CONFIGURED;
1695 1793 else
1696 1794 min_state = ZONE_STATE_INSTALLED;
1697 1795
1698 1796 if (state < min_state) {
1699 1797 zerror(gettext("must be %s before %s."),
1700 1798 zone_state_str(min_state),
1701 1799 cmd_to_str(cmd_num));
1702 1800 return (Z_ERR);
1703 1801 }
1704 1802 break;
1705 1803 case CMD_VERIFY:
1706 1804 if (state == ZONE_STATE_INCOMPLETE) {
1707 1805 zerror(gettext("zone is %s; %s required."),
1708 1806 zone_state_str(ZONE_STATE_INCOMPLETE),
1709 1807 cmd_to_str(CMD_UNINSTALL));
1710 1808 return (Z_ERR);
1711 1809 }
1712 1810 break;
1713 1811 case CMD_UNMOUNT:
1714 1812 if (state != ZONE_STATE_MOUNTED) {
1715 1813 zerror(gettext("must be %s before %s."),
1716 1814 zone_state_str(ZONE_STATE_MOUNTED),
1717 1815 cmd_to_str(cmd_num));
1718 1816 return (Z_ERR);
1719 1817 }
1720 1818 break;
1721 1819 case CMD_SYSBOOT:
1722 1820 if (state != ZONE_STATE_INSTALLED) {
1723 1821 zerror(gettext("%s operation is invalid for %s "
1724 1822 "zones."), cmd_to_str(cmd_num),
1725 1823 zone_state_str(state));
1726 1824 return (Z_ERR);
1727 1825 }
|
↓ open down ↓ |
67 lines elided |
↑ open up ↑ |
1728 1826 break;
1729 1827 }
1730 1828 }
1731 1829 return (Z_OK);
1732 1830 }
1733 1831
1734 1832 static int
1735 1833 halt_func(int argc, char *argv[])
1736 1834 {
1737 1835 zone_cmd_arg_t zarg;
1738 - boolean_t debug = B_FALSE;
1739 1836 int arg;
1740 1837
1741 1838 if (zonecfg_in_alt_root()) {
1742 1839 zerror(gettext("cannot halt zone in alternate root"));
1743 1840 return (Z_ERR);
1744 1841 }
1745 1842
1746 1843 optind = 0;
1747 - if ((arg = getopt(argc, argv, "?X")) != EOF) {
1844 + if ((arg = getopt(argc, argv, "?")) != EOF) {
1748 1845 switch (arg) {
1749 1846 case '?':
1750 1847 sub_usage(SHELP_HALT, CMD_HALT);
1751 1848 return (optopt == '?' ? Z_OK : Z_USAGE);
1752 - case 'X':
1753 - debug = B_TRUE;
1754 - break;
1755 1849 default:
1756 1850 sub_usage(SHELP_HALT, CMD_HALT);
1757 1851 return (Z_USAGE);
1758 1852 }
1759 1853 }
1760 1854 if (argc > optind) {
1761 1855 sub_usage(SHELP_HALT, CMD_HALT);
1762 1856 return (Z_USAGE);
1763 1857 }
1764 1858 /*
1765 1859 * zoneadmd should be the one to decide whether or not to proceed,
1766 1860 * so even though it seems that the fourth parameter below should
1767 1861 * perhaps be B_TRUE, it really shouldn't be.
1768 1862 */
1769 1863 if (sanity_check(target_zone, CMD_HALT, B_FALSE, B_FALSE, B_FALSE)
|
↓ open down ↓ |
5 lines elided |
↑ open up ↑ |
1770 1864 != Z_OK)
1771 1865 return (Z_ERR);
1772 1866
1773 1867 /*
1774 1868 * Invoke brand-specific handler.
1775 1869 */
1776 1870 if (invoke_brand_handler(CMD_HALT, argv) != Z_OK)
1777 1871 return (Z_ERR);
1778 1872
1779 1873 zarg.cmd = Z_HALT;
1780 - zarg.debug = debug;
1781 1874 return ((zonecfg_call_zoneadmd(target_zone, &zarg, locale,
1782 1875 B_TRUE) == 0) ? Z_OK : Z_ERR);
1783 1876 }
1784 1877
1785 1878 static int
1786 1879 shutdown_func(int argc, char *argv[])
1787 1880 {
1788 1881 zone_cmd_arg_t zarg;
1789 1882 int arg;
1790 1883 boolean_t reboot = B_FALSE;
1791 1884
1792 1885 zarg.cmd = Z_SHUTDOWN;
1793 1886
1794 1887 if (zonecfg_in_alt_root()) {
1795 1888 zerror(gettext("cannot shut down zone in alternate root"));
1796 1889 return (Z_ERR);
1797 1890 }
1798 1891
1799 1892 optind = 0;
1800 1893 while ((arg = getopt(argc, argv, "?r")) != EOF) {
1801 1894 switch (arg) {
1802 1895 case '?':
1803 1896 sub_usage(SHELP_SHUTDOWN, CMD_SHUTDOWN);
1804 1897 return (optopt == '?' ? Z_OK : Z_USAGE);
1805 1898 case 'r':
1806 1899 reboot = B_TRUE;
1807 1900 break;
1808 1901 default:
1809 1902 sub_usage(SHELP_SHUTDOWN, CMD_SHUTDOWN);
1810 1903 return (Z_USAGE);
1811 1904 }
1812 1905 }
1813 1906
1814 1907 zarg.bootbuf[0] = '\0';
1815 1908 for (; optind < argc; optind++) {
1816 1909 if (strlcat(zarg.bootbuf, argv[optind],
1817 1910 sizeof (zarg.bootbuf)) >= sizeof (zarg.bootbuf)) {
1818 1911 zerror(gettext("Boot argument list too long"));
1819 1912 return (Z_ERR);
1820 1913 }
1821 1914 if (optind < argc - 1)
1822 1915 if (strlcat(zarg.bootbuf, " ", sizeof (zarg.bootbuf)) >=
1823 1916 sizeof (zarg.bootbuf)) {
1824 1917 zerror(gettext("Boot argument list too long"));
1825 1918 return (Z_ERR);
1826 1919 }
1827 1920 }
1828 1921
1829 1922 /*
1830 1923 * zoneadmd should be the one to decide whether or not to proceed,
1831 1924 * so even though it seems that the third parameter below should
1832 1925 * perhaps be B_TRUE, it really shouldn't be.
1833 1926 */
1834 1927 if (sanity_check(target_zone, CMD_SHUTDOWN, B_TRUE, B_FALSE, B_FALSE)
1835 1928 != Z_OK)
1836 1929 return (Z_ERR);
1837 1930
1838 1931 if (zonecfg_call_zoneadmd(target_zone, &zarg, locale, B_TRUE) != Z_OK)
1839 1932 return (Z_ERR);
1840 1933
1841 1934 if (reboot) {
1842 1935 if (sanity_check(target_zone, CMD_BOOT, B_FALSE, B_FALSE,
1843 1936 B_FALSE) != Z_OK)
1844 1937 return (Z_ERR);
1845 1938
1846 1939 zarg.cmd = Z_BOOT;
1847 1940 if (zonecfg_call_zoneadmd(target_zone, &zarg, locale,
|
↓ open down ↓ |
57 lines elided |
↑ open up ↑ |
1848 1941 B_TRUE) != Z_OK)
1849 1942 return (Z_ERR);
1850 1943 }
1851 1944 return (Z_OK);
1852 1945 }
1853 1946
1854 1947 static int
1855 1948 reboot_func(int argc, char *argv[])
1856 1949 {
1857 1950 zone_cmd_arg_t zarg;
1858 - boolean_t debug = B_FALSE;
1859 1951 int arg;
1860 1952
1861 1953 if (zonecfg_in_alt_root()) {
1862 1954 zerror(gettext("cannot reboot zone in alternate root"));
1863 1955 return (Z_ERR);
1864 1956 }
1865 1957
1866 1958 optind = 0;
1867 - if ((arg = getopt(argc, argv, "?X")) != EOF) {
1959 + if ((arg = getopt(argc, argv, "?")) != EOF) {
1868 1960 switch (arg) {
1869 1961 case '?':
1870 1962 sub_usage(SHELP_REBOOT, CMD_REBOOT);
1871 1963 return (optopt == '?' ? Z_OK : Z_USAGE);
1872 - case 'X':
1873 - debug = B_TRUE;
1874 - break;
1875 1964 default:
1876 1965 sub_usage(SHELP_REBOOT, CMD_REBOOT);
1877 1966 return (Z_USAGE);
1878 1967 }
1879 1968 }
1880 1969
1881 1970 zarg.bootbuf[0] = '\0';
1882 1971 for (; optind < argc; optind++) {
1883 1972 if (strlcat(zarg.bootbuf, argv[optind],
1884 1973 sizeof (zarg.bootbuf)) >= sizeof (zarg.bootbuf)) {
1885 1974 zerror(gettext("Boot argument list too long"));
1886 1975 return (Z_ERR);
1887 1976 }
1888 1977 if (optind < argc - 1)
1889 1978 if (strlcat(zarg.bootbuf, " ", sizeof (zarg.bootbuf)) >=
1890 1979 sizeof (zarg.bootbuf)) {
1891 1980 zerror(gettext("Boot argument list too long"));
1892 1981 return (Z_ERR);
1893 1982 }
1894 1983 }
1895 1984
1896 1985
1897 1986 /*
1898 1987 * zoneadmd should be the one to decide whether or not to proceed,
|
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
1899 1988 * so even though it seems that the fourth parameter below should
1900 1989 * perhaps be B_TRUE, it really shouldn't be.
1901 1990 */
1902 1991 if (sanity_check(target_zone, CMD_REBOOT, B_TRUE, B_FALSE, B_FALSE)
1903 1992 != Z_OK)
1904 1993 return (Z_ERR);
1905 1994 if (verify_details(CMD_REBOOT, argv) != Z_OK)
1906 1995 return (Z_ERR);
1907 1996
1908 1997 zarg.cmd = Z_REBOOT;
1909 - zarg.debug = debug;
1910 1998 return ((zonecfg_call_zoneadmd(target_zone, &zarg, locale, B_TRUE) == 0)
1911 1999 ? Z_OK : Z_ERR);
1912 2000 }
1913 2001
1914 2002 static int
1915 2003 get_hook(brand_handle_t bh, char *cmd, size_t len, int (*bp)(brand_handle_t,
1916 2004 const char *, const char *, char *, size_t), char *zonename, char *zonepath)
1917 2005 {
1918 2006 if (strlcpy(cmd, EXEC_PREFIX, len) >= len)
1919 2007 return (Z_ERR);
1920 2008
1921 2009 if (bp(bh, zonename, zonepath, cmd + EXEC_LEN, len - EXEC_LEN) != 0)
1922 2010 return (Z_ERR);
1923 2011
1924 2012 if (strlen(cmd) <= EXEC_LEN)
1925 2013 cmd[0] = '\0';
1926 2014
1927 2015 return (Z_OK);
1928 2016 }
1929 2017
1930 2018 static int
1931 2019 verify_brand(zone_dochandle_t handle, int cmd_num, char *argv[])
1932 2020 {
1933 2021 char cmdbuf[MAXPATHLEN];
1934 2022 int err;
1935 2023 char zonepath[MAXPATHLEN];
1936 2024 brand_handle_t bh = NULL;
1937 2025 int status, i;
1938 2026
1939 2027 /*
1940 2028 * Fetch the verify command from the brand configuration.
1941 2029 * "exec" the command so that the returned status is that of
1942 2030 * the command and not the shell.
1943 2031 */
1944 2032 if (handle == NULL) {
1945 2033 (void) strlcpy(zonepath, "-", sizeof (zonepath));
1946 2034 } else if ((err = zonecfg_get_zonepath(handle, zonepath,
1947 2035 sizeof (zonepath))) != Z_OK) {
1948 2036 errno = err;
1949 2037 zperror(cmd_to_str(cmd_num), B_TRUE);
1950 2038 return (Z_ERR);
1951 2039 }
1952 2040 if ((bh = brand_open(target_brand)) == NULL) {
1953 2041 zerror(gettext("missing or invalid brand"));
1954 2042 return (Z_ERR);
1955 2043 }
1956 2044
1957 2045 /*
1958 2046 * If the brand has its own verification routine, execute it now.
1959 2047 * The verification routine validates the intended zoneadm
1960 2048 * operation for the specific brand. The zoneadm subcommand and
1961 2049 * all its arguments are passed to the routine.
1962 2050 */
1963 2051 err = get_hook(bh, cmdbuf, sizeof (cmdbuf), brand_get_verify_adm,
1964 2052 target_zone, zonepath);
1965 2053 brand_close(bh);
1966 2054 if (err != Z_OK)
1967 2055 return (Z_BRAND_ERROR);
1968 2056 if (cmdbuf[0] == '\0')
1969 2057 return (Z_OK);
1970 2058
1971 2059 if (strlcat(cmdbuf, cmd_to_str(cmd_num),
1972 2060 sizeof (cmdbuf)) >= sizeof (cmdbuf))
1973 2061 return (Z_ERR);
1974 2062
1975 2063 /* Build the argv string */
1976 2064 i = 0;
1977 2065 while (argv[i] != NULL) {
1978 2066 if ((strlcat(cmdbuf, " ",
1979 2067 sizeof (cmdbuf)) >= sizeof (cmdbuf)) ||
1980 2068 (strlcat(cmdbuf, argv[i++],
1981 2069 sizeof (cmdbuf)) >= sizeof (cmdbuf)))
1982 2070 return (Z_ERR);
1983 2071 }
1984 2072
1985 2073 status = do_subproc(cmdbuf);
1986 2074 err = subproc_status(gettext("brand-specific verification"),
1987 2075 status, B_FALSE);
1988 2076
1989 2077 return ((err == ZONE_SUBPROC_OK) ? Z_OK : Z_BRAND_ERROR);
1990 2078 }
1991 2079
1992 2080 static int
1993 2081 verify_rctls(zone_dochandle_t handle)
1994 2082 {
1995 2083 struct zone_rctltab rctltab;
1996 2084 size_t rbs = rctlblk_size();
1997 2085 rctlblk_t *rctlblk;
1998 2086 int error = Z_INVAL;
1999 2087
2000 2088 if ((rctlblk = malloc(rbs)) == NULL) {
2001 2089 zerror(gettext("failed to allocate %lu bytes: %s"), rbs,
2002 2090 strerror(errno));
2003 2091 return (Z_NOMEM);
2004 2092 }
2005 2093
2006 2094 if (zonecfg_setrctlent(handle) != Z_OK) {
2007 2095 zerror(gettext("zonecfg_setrctlent failed"));
2008 2096 free(rctlblk);
2009 2097 return (error);
2010 2098 }
2011 2099
2012 2100 rctltab.zone_rctl_valptr = NULL;
2013 2101 while (zonecfg_getrctlent(handle, &rctltab) == Z_OK) {
2014 2102 struct zone_rctlvaltab *rctlval;
2015 2103 const char *name = rctltab.zone_rctl_name;
2016 2104
2017 2105 if (!zonecfg_is_rctl(name)) {
2018 2106 zerror(gettext("WARNING: Ignoring unrecognized rctl "
2019 2107 "'%s'."), name);
2020 2108 zonecfg_free_rctl_value_list(rctltab.zone_rctl_valptr);
2021 2109 rctltab.zone_rctl_valptr = NULL;
2022 2110 continue;
2023 2111 }
2024 2112
2025 2113 for (rctlval = rctltab.zone_rctl_valptr; rctlval != NULL;
2026 2114 rctlval = rctlval->zone_rctlval_next) {
2027 2115 if (zonecfg_construct_rctlblk(rctlval, rctlblk)
2028 2116 != Z_OK) {
2029 2117 zerror(gettext("invalid rctl value: "
2030 2118 "(priv=%s,limit=%s,action%s)"),
2031 2119 rctlval->zone_rctlval_priv,
2032 2120 rctlval->zone_rctlval_limit,
2033 2121 rctlval->zone_rctlval_action);
2034 2122 goto out;
2035 2123 }
2036 2124 if (!zonecfg_valid_rctl(name, rctlblk)) {
2037 2125 zerror(gettext("(priv=%s,limit=%s,action=%s) "
2038 2126 "is not a valid value for rctl '%s'"),
2039 2127 rctlval->zone_rctlval_priv,
2040 2128 rctlval->zone_rctlval_limit,
2041 2129 rctlval->zone_rctlval_action,
2042 2130 name);
2043 2131 goto out;
2044 2132 }
2045 2133 }
2046 2134 zonecfg_free_rctl_value_list(rctltab.zone_rctl_valptr);
2047 2135 }
2048 2136 rctltab.zone_rctl_valptr = NULL;
2049 2137 error = Z_OK;
2050 2138 out:
2051 2139 zonecfg_free_rctl_value_list(rctltab.zone_rctl_valptr);
2052 2140 (void) zonecfg_endrctlent(handle);
2053 2141 free(rctlblk);
2054 2142 return (error);
2055 2143 }
2056 2144
2057 2145 static int
2058 2146 verify_pool(zone_dochandle_t handle)
2059 2147 {
2060 2148 char poolname[MAXPATHLEN];
2061 2149 pool_conf_t *poolconf;
2062 2150 pool_t *pool;
2063 2151 int status;
2064 2152 int error;
2065 2153
2066 2154 /*
2067 2155 * This ends up being very similar to the check done in zoneadmd.
2068 2156 */
2069 2157 error = zonecfg_get_pool(handle, poolname, sizeof (poolname));
2070 2158 if (error == Z_NO_ENTRY || (error == Z_OK && strlen(poolname) == 0)) {
2071 2159 /*
2072 2160 * No pool specified.
2073 2161 */
2074 2162 return (0);
2075 2163 }
2076 2164 if (error != Z_OK) {
2077 2165 zperror(gettext("Unable to retrieve pool name from "
2078 2166 "configuration"), B_TRUE);
2079 2167 return (error);
2080 2168 }
2081 2169 /*
2082 2170 * Don't do anything if pools aren't enabled.
2083 2171 */
2084 2172 if (pool_get_status(&status) != PO_SUCCESS || status != POOL_ENABLED) {
2085 2173 zerror(gettext("WARNING: pools facility not active; "
2086 2174 "zone will not be bound to pool '%s'."), poolname);
2087 2175 return (Z_OK);
2088 2176 }
2089 2177 /*
2090 2178 * Try to provide a sane error message if the requested pool doesn't
2091 2179 * exist. It isn't clear that pools-related failures should
2092 2180 * necessarily translate to a failure to verify the zone configuration,
2093 2181 * hence they are not considered errors.
2094 2182 */
2095 2183 if ((poolconf = pool_conf_alloc()) == NULL) {
2096 2184 zerror(gettext("WARNING: pool_conf_alloc failed; "
2097 2185 "using default pool"));
2098 2186 return (Z_OK);
2099 2187 }
2100 2188 if (pool_conf_open(poolconf, pool_dynamic_location(), PO_RDONLY) !=
2101 2189 PO_SUCCESS) {
2102 2190 zerror(gettext("WARNING: pool_conf_open failed; "
2103 2191 "using default pool"));
2104 2192 pool_conf_free(poolconf);
2105 2193 return (Z_OK);
2106 2194 }
2107 2195 pool = pool_get_pool(poolconf, poolname);
2108 2196 (void) pool_conf_close(poolconf);
2109 2197 pool_conf_free(poolconf);
2110 2198 if (pool == NULL) {
2111 2199 zerror(gettext("WARNING: pool '%s' not found. "
2112 2200 "using default pool"), poolname);
2113 2201 }
2114 2202
2115 2203 return (Z_OK);
2116 2204 }
2117 2205
2118 2206 /*
2119 2207 * Verify that the special device/file system exists and is valid.
2120 2208 */
2121 2209 static int
2122 2210 verify_fs_special(struct zone_fstab *fstab)
2123 2211 {
2124 2212 struct stat64 st;
2125 2213
2126 2214 /*
|
↓ open down ↓ |
207 lines elided |
↑ open up ↑ |
2127 2215 * This validation is really intended for standard zone administration.
2128 2216 * If we are in a mini-root or some other upgrade situation where
2129 2217 * we are using the scratch zone, just by-pass this.
2130 2218 */
2131 2219 if (zonecfg_in_alt_root())
2132 2220 return (Z_OK);
2133 2221
2134 2222 if (strcmp(fstab->zone_fs_type, MNTTYPE_ZFS) == 0)
2135 2223 return (verify_fs_zfs(fstab));
2136 2224
2137 - if (strcmp(fstab->zone_fs_type, MNTTYPE_HYPRLOFS) == 0 &&
2138 - strcmp(fstab->zone_fs_special, "swap") == 0)
2139 - return (Z_OK);
2140 -
2141 2225 if (stat64(fstab->zone_fs_special, &st) != 0) {
2142 2226 (void) fprintf(stderr, gettext("could not verify fs "
2143 2227 "%s: could not access %s: %s\n"), fstab->zone_fs_dir,
2144 2228 fstab->zone_fs_special, strerror(errno));
2145 2229 return (Z_ERR);
2146 2230 }
2147 2231
2148 2232 if (strcmp(st.st_fstype, MNTTYPE_NFS) == 0) {
2149 2233 /*
2150 2234 * TRANSLATION_NOTE
2151 2235 * fs and NFS are literals that should
2152 2236 * not be translated.
2153 2237 */
2154 2238 (void) fprintf(stderr, gettext("cannot verify "
2155 2239 "fs %s: NFS mounted file system.\n"
2156 2240 "\tA local file system must be used.\n"),
2157 2241 fstab->zone_fs_special);
2158 2242 return (Z_ERR);
2159 2243 }
2160 2244
2161 2245 return (Z_OK);
2162 2246 }
2163 2247
2164 2248 static int
2165 2249 isregfile(const char *path)
2166 2250 {
2167 2251 struct stat64 st;
2168 2252
2169 2253 if (stat64(path, &st) == -1)
2170 2254 return (-1);
2171 2255
2172 2256 return (S_ISREG(st.st_mode));
2173 2257 }
2174 2258
2175 2259 static int
2176 2260 verify_filesystems(zone_dochandle_t handle)
2177 2261 {
2178 2262 int return_code = Z_OK;
2179 2263 struct zone_fstab fstab;
2180 2264 char cmdbuf[MAXPATHLEN];
2181 2265 struct stat st;
2182 2266
2183 2267 /*
2184 2268 * Since the actual mount point is not known until the dependent mounts
2185 2269 * are performed, we don't attempt any path validation here: that will
2186 2270 * happen later when zoneadmd actually does the mounts.
2187 2271 */
2188 2272 if (zonecfg_setfsent(handle) != Z_OK) {
2189 2273 (void) fprintf(stderr, gettext("could not verify file systems: "
2190 2274 "unable to enumerate mounts\n"));
2191 2275 return (Z_ERR);
2192 2276 }
2193 2277 while (zonecfg_getfsent(handle, &fstab) == Z_OK) {
2194 2278 if (!zonecfg_valid_fs_type(fstab.zone_fs_type)) {
2195 2279 (void) fprintf(stderr, gettext("cannot verify fs %s: "
2196 2280 "type %s is not allowed.\n"), fstab.zone_fs_dir,
2197 2281 fstab.zone_fs_type);
2198 2282 return_code = Z_ERR;
2199 2283 goto next_fs;
2200 2284 }
2201 2285 /*
2202 2286 * Verify /usr/lib/fs/<fstype>/mount exists.
2203 2287 */
2204 2288 if (snprintf(cmdbuf, sizeof (cmdbuf), "/usr/lib/fs/%s/mount",
2205 2289 fstab.zone_fs_type) > sizeof (cmdbuf)) {
2206 2290 (void) fprintf(stderr, gettext("cannot verify fs %s: "
2207 2291 "type %s is too long.\n"), fstab.zone_fs_dir,
2208 2292 fstab.zone_fs_type);
2209 2293 return_code = Z_ERR;
2210 2294 goto next_fs;
2211 2295 }
2212 2296 if (stat(cmdbuf, &st) != 0) {
2213 2297 (void) fprintf(stderr, gettext("could not verify fs "
2214 2298 "%s: could not access %s: %s\n"), fstab.zone_fs_dir,
2215 2299 cmdbuf, strerror(errno));
2216 2300 return_code = Z_ERR;
2217 2301 goto next_fs;
2218 2302 }
2219 2303 if (!S_ISREG(st.st_mode)) {
2220 2304 (void) fprintf(stderr, gettext("could not verify fs "
2221 2305 "%s: %s is not a regular file\n"),
2222 2306 fstab.zone_fs_dir, cmdbuf);
2223 2307 return_code = Z_ERR;
2224 2308 goto next_fs;
2225 2309 }
2226 2310 /*
2227 2311 * If zone_fs_raw is set, verify that there's an fsck
2228 2312 * binary for it. If zone_fs_raw is not set, and it's
2229 2313 * not a regular file (lofi mount), and there's an fsck
2230 2314 * binary for it, complain.
2231 2315 */
2232 2316 if (snprintf(cmdbuf, sizeof (cmdbuf), "/usr/lib/fs/%s/fsck",
2233 2317 fstab.zone_fs_type) > sizeof (cmdbuf)) {
2234 2318 (void) fprintf(stderr, gettext("cannot verify fs %s: "
2235 2319 "type %s is too long.\n"), fstab.zone_fs_dir,
2236 2320 fstab.zone_fs_type);
2237 2321 return_code = Z_ERR;
2238 2322 goto next_fs;
2239 2323 }
2240 2324 if (fstab.zone_fs_raw[0] != '\0' &&
2241 2325 (stat(cmdbuf, &st) != 0 || !S_ISREG(st.st_mode))) {
2242 2326 (void) fprintf(stderr, gettext("cannot verify fs %s: "
2243 2327 "'raw' device specified but "
2244 2328 "no fsck executable exists for %s\n"),
2245 2329 fstab.zone_fs_dir, fstab.zone_fs_type);
2246 2330 return_code = Z_ERR;
2247 2331 goto next_fs;
2248 2332 } else if (fstab.zone_fs_raw[0] == '\0' &&
2249 2333 stat(cmdbuf, &st) == 0 &&
2250 2334 isregfile(fstab.zone_fs_special) != 1) {
2251 2335 (void) fprintf(stderr, gettext("could not verify fs "
2252 2336 "%s: must specify 'raw' device for %s "
2253 2337 "file systems\n"),
2254 2338 fstab.zone_fs_dir, fstab.zone_fs_type);
2255 2339 return_code = Z_ERR;
2256 2340 goto next_fs;
2257 2341 }
2258 2342
2259 2343 /* Verify fs_special. */
2260 2344 if ((return_code = verify_fs_special(&fstab)) != Z_OK)
2261 2345 goto next_fs;
2262 2346
2263 2347 /* Verify fs_raw. */
2264 2348 if (fstab.zone_fs_raw[0] != '\0' &&
2265 2349 stat(fstab.zone_fs_raw, &st) != 0) {
2266 2350 /*
2267 2351 * TRANSLATION_NOTE
2268 2352 * fs is a literal that should not be translated.
2269 2353 */
2270 2354 (void) fprintf(stderr, gettext("could not verify fs "
2271 2355 "%s: could not access %s: %s\n"), fstab.zone_fs_dir,
2272 2356 fstab.zone_fs_raw, strerror(errno));
2273 2357 return_code = Z_ERR;
2274 2358 goto next_fs;
2275 2359 }
2276 2360 next_fs:
2277 2361 zonecfg_free_fs_option_list(fstab.zone_fs_options);
2278 2362 }
2279 2363 (void) zonecfg_endfsent(handle);
2280 2364
2281 2365 return (return_code);
2282 2366 }
2283 2367
2284 2368 static int
2285 2369 verify_limitpriv(zone_dochandle_t handle)
2286 2370 {
2287 2371 char *privname = NULL;
2288 2372 int err;
2289 2373 priv_set_t *privs;
2290 2374
2291 2375 if ((privs = priv_allocset()) == NULL) {
2292 2376 zperror(gettext("failed to allocate privilege set"), B_FALSE);
2293 2377 return (Z_NOMEM);
2294 2378 }
2295 2379 err = zonecfg_get_privset(handle, privs, &privname);
2296 2380 switch (err) {
2297 2381 case Z_OK:
2298 2382 break;
2299 2383 case Z_PRIV_PROHIBITED:
2300 2384 (void) fprintf(stderr, gettext("privilege \"%s\" is not "
2301 2385 "permitted within the zone's privilege set\n"), privname);
2302 2386 break;
2303 2387 case Z_PRIV_REQUIRED:
2304 2388 (void) fprintf(stderr, gettext("required privilege \"%s\" is "
2305 2389 "missing from the zone's privilege set\n"), privname);
2306 2390 break;
2307 2391 case Z_PRIV_UNKNOWN:
2308 2392 (void) fprintf(stderr, gettext("unknown privilege \"%s\" "
2309 2393 "specified in the zone's privilege set\n"), privname);
2310 2394 break;
2311 2395 default:
2312 2396 zperror(
2313 2397 gettext("failed to determine the zone's privilege set"),
2314 2398 B_TRUE);
2315 2399 break;
2316 2400 }
2317 2401 free(privname);
2318 2402 priv_freeset(privs);
2319 2403 return (err);
2320 2404 }
2321 2405
2322 2406 static void
2323 2407 free_local_netifs(int if_cnt, struct net_if **if_list)
2324 2408 {
2325 2409 int i;
2326 2410
2327 2411 for (i = 0; i < if_cnt; i++) {
2328 2412 free(if_list[i]->name);
2329 2413 free(if_list[i]);
2330 2414 }
2331 2415 free(if_list);
2332 2416 }
2333 2417
2334 2418 /*
2335 2419 * Get a list of the network interfaces, along with their address families,
2336 2420 * that are plumbed in the global zone. See if_tcp(7p) for a description
2337 2421 * of the ioctls used here.
2338 2422 */
2339 2423 static int
2340 2424 get_local_netifs(int *if_cnt, struct net_if ***if_list)
2341 2425 {
2342 2426 int s;
2343 2427 int i;
2344 2428 int res = Z_OK;
2345 2429 int space_needed;
2346 2430 int cnt = 0;
2347 2431 struct lifnum if_num;
2348 2432 struct lifconf if_conf;
2349 2433 struct lifreq *if_reqp;
2350 2434 char *if_buf;
2351 2435 struct net_if **local_ifs = NULL;
2352 2436
2353 2437 *if_cnt = 0;
2354 2438 *if_list = NULL;
2355 2439
2356 2440 if ((s = socket(SOCKET_AF(AF_INET), SOCK_DGRAM, 0)) < 0)
2357 2441 return (Z_ERR);
2358 2442
2359 2443 /*
2360 2444 * Come back here in the unlikely event that the number of interfaces
2361 2445 * increases between the time we get the count and the time we do the
2362 2446 * SIOCGLIFCONF ioctl.
2363 2447 */
2364 2448 retry:
2365 2449 /* Get the number of interfaces. */
2366 2450 if_num.lifn_family = AF_UNSPEC;
2367 2451 if_num.lifn_flags = LIFC_NOXMIT;
2368 2452 if (ioctl(s, SIOCGLIFNUM, &if_num) < 0) {
2369 2453 (void) close(s);
2370 2454 return (Z_ERR);
2371 2455 }
2372 2456
2373 2457 /* Get the interface configuration list. */
2374 2458 space_needed = if_num.lifn_count * sizeof (struct lifreq);
2375 2459 if ((if_buf = malloc(space_needed)) == NULL) {
2376 2460 (void) close(s);
2377 2461 return (Z_ERR);
2378 2462 }
2379 2463 if_conf.lifc_family = AF_UNSPEC;
2380 2464 if_conf.lifc_flags = LIFC_NOXMIT;
2381 2465 if_conf.lifc_len = space_needed;
2382 2466 if_conf.lifc_buf = if_buf;
2383 2467 if (ioctl(s, SIOCGLIFCONF, &if_conf) < 0) {
2384 2468 free(if_buf);
2385 2469 /*
2386 2470 * SIOCGLIFCONF returns EINVAL if the buffer we passed in is
2387 2471 * too small. In this case go back and get the new if cnt.
2388 2472 */
2389 2473 if (errno == EINVAL)
2390 2474 goto retry;
2391 2475
2392 2476 (void) close(s);
2393 2477 return (Z_ERR);
2394 2478 }
2395 2479 (void) close(s);
2396 2480
2397 2481 /* Get the name and address family for each interface. */
2398 2482 if_reqp = if_conf.lifc_req;
2399 2483 for (i = 0; i < (if_conf.lifc_len / sizeof (struct lifreq)); i++) {
2400 2484 struct net_if **p;
2401 2485 struct lifreq req;
2402 2486
2403 2487 if (strcmp(LOOPBACK_IF, if_reqp->lifr_name) == 0) {
2404 2488 if_reqp++;
2405 2489 continue;
2406 2490 }
2407 2491
2408 2492 if ((s = socket(SOCKET_AF(if_reqp->lifr_addr.ss_family),
2409 2493 SOCK_DGRAM, 0)) == -1) {
2410 2494 res = Z_ERR;
2411 2495 break;
2412 2496 }
2413 2497
2414 2498 (void) strncpy(req.lifr_name, if_reqp->lifr_name,
2415 2499 sizeof (req.lifr_name));
2416 2500 if (ioctl(s, SIOCGLIFADDR, &req) < 0) {
2417 2501 (void) close(s);
2418 2502 if_reqp++;
2419 2503 continue;
2420 2504 }
2421 2505
2422 2506 if ((p = (struct net_if **)realloc(local_ifs,
2423 2507 sizeof (struct net_if *) * (cnt + 1))) == NULL) {
2424 2508 res = Z_ERR;
2425 2509 break;
2426 2510 }
2427 2511 local_ifs = p;
2428 2512
2429 2513 if ((local_ifs[cnt] = malloc(sizeof (struct net_if))) == NULL) {
2430 2514 res = Z_ERR;
2431 2515 break;
2432 2516 }
2433 2517
2434 2518 if ((local_ifs[cnt]->name = strdup(if_reqp->lifr_name))
2435 2519 == NULL) {
2436 2520 free(local_ifs[cnt]);
2437 2521 res = Z_ERR;
2438 2522 break;
2439 2523 }
2440 2524 local_ifs[cnt]->af = req.lifr_addr.ss_family;
2441 2525 cnt++;
2442 2526
2443 2527 (void) close(s);
2444 2528 if_reqp++;
2445 2529 }
2446 2530
2447 2531 free(if_buf);
2448 2532
2449 2533 if (res != Z_OK) {
2450 2534 free_local_netifs(cnt, local_ifs);
2451 2535 } else {
2452 2536 *if_cnt = cnt;
2453 2537 *if_list = local_ifs;
2454 2538 }
2455 2539
2456 2540 return (res);
2457 2541 }
2458 2542
2459 2543 static char *
2460 2544 af2str(int af)
2461 2545 {
2462 2546 switch (af) {
2463 2547 case AF_INET:
2464 2548 return ("IPv4");
2465 2549 case AF_INET6:
2466 2550 return ("IPv6");
2467 2551 default:
2468 2552 return ("Unknown");
2469 2553 }
2470 2554 }
2471 2555
2472 2556 /*
2473 2557 * Cross check the network interface name and address family with the
2474 2558 * interfaces that are set up in the global zone so that we can print the
2475 2559 * appropriate error message.
2476 2560 */
2477 2561 static void
2478 2562 print_net_err(char *phys, char *addr, int af, char *msg)
2479 2563 {
2480 2564 int i;
2481 2565 int local_if_cnt = 0;
2482 2566 struct net_if **local_ifs = NULL;
2483 2567 boolean_t found_if = B_FALSE;
2484 2568 boolean_t found_af = B_FALSE;
2485 2569
2486 2570 if (get_local_netifs(&local_if_cnt, &local_ifs) != Z_OK) {
2487 2571 (void) fprintf(stderr,
2488 2572 gettext("could not verify %s %s=%s %s=%s\n\t%s\n"),
2489 2573 "net", "address", addr, "physical", phys, msg);
2490 2574 return;
2491 2575 }
2492 2576
2493 2577 for (i = 0; i < local_if_cnt; i++) {
2494 2578 if (strcmp(phys, local_ifs[i]->name) == 0) {
2495 2579 found_if = B_TRUE;
2496 2580 if (af == local_ifs[i]->af) {
2497 2581 found_af = B_TRUE;
2498 2582 break;
2499 2583 }
2500 2584 }
2501 2585 }
2502 2586
2503 2587 free_local_netifs(local_if_cnt, local_ifs);
2504 2588
2505 2589 if (!found_if) {
2506 2590 (void) fprintf(stderr,
2507 2591 gettext("could not verify %s %s=%s\n\t"
2508 2592 "network interface %s is not plumbed in the global zone\n"),
2509 2593 "net", "physical", phys, phys);
2510 2594 return;
2511 2595 }
2512 2596
2513 2597 /*
2514 2598 * Print this error if we were unable to find the address family
2515 2599 * for this interface. If the af variable is not initialized to
2516 2600 * to something meaningful by the caller (not AF_UNSPEC) then we
2517 2601 * also skip this message since it wouldn't be informative.
2518 2602 */
2519 2603 if (!found_af && af != AF_UNSPEC) {
2520 2604 (void) fprintf(stderr,
2521 2605 gettext("could not verify %s %s=%s %s=%s\n\tthe %s address "
2522 2606 "family is not configured on this network interface in "
2523 2607 "the\n\tglobal zone\n"),
2524 2608 "net", "address", addr, "physical", phys, af2str(af));
2525 2609 return;
2526 2610 }
2527 2611
2528 2612 (void) fprintf(stderr,
2529 2613 gettext("could not verify %s %s=%s %s=%s\n\t%s\n"),
2530 2614 "net", "address", addr, "physical", phys, msg);
2531 2615 }
2532 2616
2533 2617 static int
|
↓ open down ↓ |
383 lines elided |
↑ open up ↑ |
2534 2618 verify_handle(int cmd_num, zone_dochandle_t handle, char *argv[])
2535 2619 {
2536 2620 struct zone_nwiftab nwiftab;
2537 2621 int return_code = Z_OK;
2538 2622 int err;
2539 2623 boolean_t in_alt_root;
2540 2624 zone_iptype_t iptype;
2541 2625 dladm_handle_t dh;
2542 2626 dladm_status_t status;
2543 2627 datalink_id_t linkid;
2628 + char errmsg[DLADM_STRSIZE];
2544 2629
2545 2630 in_alt_root = zonecfg_in_alt_root();
2546 2631 if (in_alt_root)
2547 2632 goto no_net;
2548 2633
2549 2634 if ((err = zonecfg_get_iptype(handle, &iptype)) != Z_OK) {
2550 2635 errno = err;
2551 2636 zperror(cmd_to_str(cmd_num), B_TRUE);
2552 2637 zonecfg_fini_handle(handle);
2553 2638 return (Z_ERR);
2554 2639 }
2555 2640 if ((err = zonecfg_setnwifent(handle)) != Z_OK) {
2556 2641 errno = err;
2557 2642 zperror(cmd_to_str(cmd_num), B_TRUE);
2558 2643 zonecfg_fini_handle(handle);
2559 2644 return (Z_ERR);
2560 2645 }
2561 2646 while (zonecfg_getnwifent(handle, &nwiftab) == Z_OK) {
2562 2647 struct lifreq lifr;
2563 2648 sa_family_t af = AF_UNSPEC;
2564 2649 char dl_owner_zname[ZONENAME_MAX];
2565 2650 zoneid_t dl_owner_zid;
2566 2651 zoneid_t target_zid;
2567 2652 int res;
2568 2653
2569 2654 /* skip any loopback interfaces */
2570 2655 if (strcmp(nwiftab.zone_nwif_physical, "lo0") == 0)
2571 2656 continue;
2572 2657 switch (iptype) {
2573 2658 case ZS_SHARED:
2574 2659 if ((res = zonecfg_valid_net_address(
2575 2660 nwiftab.zone_nwif_address, &lifr)) != Z_OK) {
2576 2661 print_net_err(nwiftab.zone_nwif_physical,
2577 2662 nwiftab.zone_nwif_address, af,
2578 2663 zonecfg_strerror(res));
2579 2664 return_code = Z_ERR;
2580 2665 continue;
2581 2666 }
2582 2667 af = lifr.lifr_addr.ss_family;
2583 2668 if (!zonecfg_ifname_exists(af,
2584 2669 nwiftab.zone_nwif_physical)) {
2585 2670 /*
2586 2671 * The interface failed to come up. We continue
2587 2672 * on anyway for the sake of consistency: a
2588 2673 * zone is not shut down if the interface fails
2589 2674 * any time after boot, nor does the global zone
2590 2675 * fail to boot if an interface fails.
2591 2676 */
2592 2677 (void) fprintf(stderr,
2593 2678 gettext("WARNING: skipping network "
2594 2679 "interface '%s' which may not be "
2595 2680 "present/plumbed in the global "
2596 2681 "zone.\n"),
2597 2682 nwiftab.zone_nwif_physical);
2598 2683 }
2599 2684 break;
2600 2685 case ZS_EXCLUSIVE:
2601 2686 /* Warning if it exists for either IPv4 or IPv6 */
2602 2687
2603 2688 if (zonecfg_ifname_exists(AF_INET,
2604 2689 nwiftab.zone_nwif_physical) ||
2605 2690 zonecfg_ifname_exists(AF_INET6,
2606 2691 nwiftab.zone_nwif_physical)) {
2607 2692 (void) fprintf(stderr,
2608 2693 gettext("WARNING: skipping network "
2609 2694 "interface '%s' which is used in the "
2610 2695 "global zone.\n"),
2611 2696 nwiftab.zone_nwif_physical);
2612 2697 break;
2613 2698 }
2614 2699
2615 2700 /*
|
↓ open down ↓ |
62 lines elided |
↑ open up ↑ |
2616 2701 * Verify that the datalink exists and that it isn't
2617 2702 * already assigned to a zone.
2618 2703 */
2619 2704 if ((status = dladm_open(&dh)) == DLADM_STATUS_OK) {
2620 2705 status = dladm_name2info(dh,
2621 2706 nwiftab.zone_nwif_physical, &linkid, NULL,
2622 2707 NULL, NULL);
2623 2708 dladm_close(dh);
2624 2709 }
2625 2710 if (status != DLADM_STATUS_OK) {
2711 + (void) fprintf(stderr,
2712 + gettext("WARNING: skipping network "
2713 + "interface '%s': %s\n"),
2714 + nwiftab.zone_nwif_physical,
2715 + dladm_status2str(status, errmsg));
2626 2716 break;
2627 2717 }
2628 2718 dl_owner_zid = ALL_ZONES;
2629 2719 if (zone_check_datalink(&dl_owner_zid, linkid) != 0)
2630 2720 break;
2631 2721
2632 2722 /*
2633 2723 * If the zone being verified is
2634 2724 * running and owns the interface
2635 2725 */
2636 2726 target_zid = getzoneidbyname(target_zone);
2637 2727 if (target_zid == dl_owner_zid)
2638 2728 break;
2639 2729
2640 2730 /* Zone id match failed, use name to check */
2641 2731 if (getzonenamebyid(dl_owner_zid, dl_owner_zname,
2642 2732 ZONENAME_MAX) < 0) {
2643 2733 /* No name, show ID instead */
2644 2734 (void) snprintf(dl_owner_zname, ZONENAME_MAX,
2645 2735 "<%d>", dl_owner_zid);
2646 2736 } else if (strcmp(dl_owner_zname, target_zone) == 0)
2647 2737 break;
2648 2738
2649 2739 /*
2650 2740 * Note here we only report a warning that
2651 2741 * the interface is already in use by another
2652 2742 * running zone, and the verify process just
2653 2743 * goes on, if the interface is still in use
2654 2744 * when this zone really boots up, zoneadmd
2655 2745 * will find it. If the name of the zone which
2656 2746 * owns this interface cannot be determined,
2657 2747 * then it is not possible to determine if there
2658 2748 * is a conflict so just report it as a warning.
2659 2749 */
2660 2750 (void) fprintf(stderr,
2661 2751 gettext("WARNING: skipping network interface "
2662 2752 "'%s' which is used by the non-global zone "
2663 2753 "'%s'.\n"), nwiftab.zone_nwif_physical,
2664 2754 dl_owner_zname);
2665 2755 break;
2666 2756 }
2667 2757 }
2668 2758 (void) zonecfg_endnwifent(handle);
2669 2759 no_net:
2670 2760
2671 2761 /* verify that lofs has not been excluded from the kernel */
2672 2762 if (!(cmd_num == CMD_DETACH || cmd_num == CMD_ATTACH ||
2673 2763 cmd_num == CMD_MOVE || cmd_num == CMD_CLONE) &&
2674 2764 modctl(MODLOAD, 1, "fs/lofs", NULL) != 0) {
2675 2765 if (errno == ENXIO)
2676 2766 (void) fprintf(stderr, gettext("could not verify "
2677 2767 "lofs(7FS): possibly excluded in /etc/system\n"));
2678 2768 else
2679 2769 (void) fprintf(stderr, gettext("could not verify "
2680 2770 "lofs(7FS): %s\n"), strerror(errno));
2681 2771 return_code = Z_ERR;
2682 2772 }
2683 2773
2684 2774 if (verify_filesystems(handle) != Z_OK)
2685 2775 return_code = Z_ERR;
2686 2776 if (!in_alt_root && verify_rctls(handle) != Z_OK)
2687 2777 return_code = Z_ERR;
2688 2778 if (!in_alt_root && verify_pool(handle) != Z_OK)
2689 2779 return_code = Z_ERR;
2690 2780 if (!in_alt_root && verify_brand(handle, cmd_num, argv) != Z_OK)
2691 2781 return_code = Z_ERR;
2692 2782 if (!in_alt_root && verify_datasets(handle) != Z_OK)
2693 2783 return_code = Z_ERR;
2694 2784
2695 2785 /*
2696 2786 * As the "mount" command is used for patching/upgrading of zones
2697 2787 * or other maintenance processes, the zone's privilege set is not
2698 2788 * checked in this case. Instead, the default, safe set of
2699 2789 * privileges will be used when this zone is created in the
2700 2790 * kernel.
2701 2791 */
2702 2792 if (!in_alt_root && cmd_num != CMD_MOUNT &&
2703 2793 verify_limitpriv(handle) != Z_OK)
2704 2794 return_code = Z_ERR;
2705 2795
2706 2796 return (return_code);
2707 2797 }
2708 2798
2709 2799 /*
2710 2800 * Called when readying or booting a zone. We double check that the zone's
2711 2801 * debug ID is set and is unique. This covers the case of pre-existing zones
2712 2802 * with no ID. Also, its possible that a zone was migrated to this host
|
↓ open down ↓ |
77 lines elided |
↑ open up ↑ |
2713 2803 * and as a result it has a duplicate ID. In this case we preserve the ID
2714 2804 * of the first zone we match on in the index file (since it was there before
2715 2805 * the current zone) and we assign a new unique ID to the current zone.
2716 2806 * Return true if we assigned a new ID, indicating that the zone configuration
2717 2807 * needs to be saved.
2718 2808 */
2719 2809 static boolean_t
2720 2810 verify_fix_did(zone_dochandle_t handle)
2721 2811 {
2722 2812 zoneid_t mydid;
2723 - struct zoneent *ze;
2813 + zone_entry_t zent;
2724 2814 FILE *cookie;
2815 + char *name;
2725 2816 boolean_t fix = B_FALSE;
2726 2817
2727 2818 mydid = zonecfg_get_did(handle);
2728 2819 if (mydid == -1) {
2729 2820 zonecfg_set_did(handle);
2730 2821 return (B_TRUE);
2731 2822 }
2732 2823
2733 2824 /* Get the full list of zones from the configuration. */
2734 2825 cookie = setzoneent();
2735 - while ((ze = getzoneent_private(cookie)) != NULL) {
2736 - char *name;
2737 - zoneid_t did;
2826 + while ((name = getzoneent(cookie)) != NULL) {
2827 + if (strcmp(target_zone, name) == 0) {
2828 + free(name);
2829 + break; /* Once we find our entry, stop. */
2830 + }
2738 2831
2739 - name = ze->zone_name;
2740 - if (strcmp(name, GLOBAL_ZONENAME) == 0 ||
2741 - strcmp(name, target_zone) == 0) {
2742 - free(ze);
2832 + if (strcmp(name, "global") == 0 ||
2833 + lookup_zone_info(name, ZONE_ID_UNDEFINED, &zent) != Z_OK) {
2834 + free(name);
2743 2835 continue;
2744 2836 }
2745 2837
2746 - if (ze->zone_brand[0] == '\0') {
2747 - /* old, incomplete index entry */
2748 - zone_entry_t zent;
2749 -
2750 - if (lookup_zone_info(name, ZONE_ID_UNDEFINED,
2751 - &zent) != Z_OK) {
2752 - free(ze);
2753 - continue;
2754 - }
2755 - did = zent.zdid;
2756 - } else {
2757 - /* new, full index entry */
2758 - did = ze->zone_did;
2759 - }
2760 - free(ze);
2761 -
2762 - if (did == mydid) {
2838 + free(name);
2839 + if (zent.zdid == mydid) {
2763 2840 fix = B_TRUE;
2764 2841 break;
2765 2842 }
2766 2843 }
2767 2844 endzoneent(cookie);
2768 2845
2769 2846 if (fix) {
2770 2847 zonecfg_set_did(handle);
2771 2848 return (B_TRUE);
2772 2849 }
2773 2850
2774 2851 return (B_FALSE);
2775 2852 }
2776 2853
2777 2854 static int
2778 2855 verify_details(int cmd_num, char *argv[])
2779 2856 {
2780 2857 zone_dochandle_t handle;
2781 2858 char zonepath[MAXPATHLEN], checkpath[MAXPATHLEN];
2782 2859 int return_code = Z_OK;
2783 2860 int err;
2784 2861
2785 2862 if ((handle = zonecfg_init_handle()) == NULL) {
2786 2863 zperror(cmd_to_str(cmd_num), B_TRUE);
2787 2864 return (Z_ERR);
2788 2865 }
2789 2866 if ((err = zonecfg_get_handle(target_zone, handle)) != Z_OK) {
2790 2867 errno = err;
2791 2868 zperror(cmd_to_str(cmd_num), B_TRUE);
2792 2869 zonecfg_fini_handle(handle);
2793 2870 return (Z_ERR);
2794 2871 }
2795 2872 if ((err = zonecfg_get_zonepath(handle, zonepath, sizeof (zonepath))) !=
2796 2873 Z_OK) {
2797 2874 errno = err;
2798 2875 zperror(cmd_to_str(cmd_num), B_TRUE);
2799 2876 zonecfg_fini_handle(handle);
2800 2877 return (Z_ERR);
2801 2878 }
2802 2879 /*
2803 2880 * zonecfg_get_zonepath() gets its data from the XML repository.
2804 2881 * Verify this against the index file, which is checked first by
2805 2882 * zone_get_zonepath(). If they don't match, bail out.
2806 2883 */
2807 2884 if ((err = zone_get_zonepath(target_zone, checkpath,
2808 2885 sizeof (checkpath))) != Z_OK) {
2809 2886 errno = err;
2810 2887 zperror2(target_zone, gettext("could not get zone path"));
2811 2888 zonecfg_fini_handle(handle);
2812 2889 return (Z_ERR);
2813 2890 }
2814 2891 if (strcmp(zonepath, checkpath) != 0) {
2815 2892 /*
2816 2893 * TRANSLATION_NOTE
2817 2894 * XML and zonepath are literals that should not be translated.
2818 2895 */
2819 2896 (void) fprintf(stderr, gettext("The XML repository has "
2820 2897 "zonepath '%s',\nbut the index file has zonepath '%s'.\n"
2821 2898 "These must match, so fix the incorrect entry.\n"),
2822 2899 zonepath, checkpath);
2823 2900 zonecfg_fini_handle(handle);
2824 2901 return (Z_ERR);
2825 2902 }
2826 2903 if (cmd_num != CMD_ATTACH &&
2827 2904 validate_zonepath(zonepath, cmd_num) != Z_OK) {
2828 2905 (void) fprintf(stderr, gettext("could not verify zonepath %s "
2829 2906 "because of the above errors.\n"), zonepath);
2830 2907 return_code = Z_ERR;
2831 2908 }
2832 2909
2833 2910 if (verify_handle(cmd_num, handle, argv) != Z_OK)
2834 2911 return_code = Z_ERR;
2835 2912
2836 2913 if (cmd_num == CMD_READY || cmd_num == CMD_BOOT) {
2837 2914 int vcommit = 0, obscommit = 0;
2838 2915
2839 2916 vcommit = verify_fix_did(handle);
2840 2917 obscommit = zonecfg_fix_obsolete(handle);
2841 2918
2842 2919 if (vcommit || obscommit)
2843 2920 if (zonecfg_save(handle) != Z_OK)
2844 2921 (void) fprintf(stderr, gettext("Could not save "
2845 2922 "updated configuration.\n"));
2846 2923 }
2847 2924
2848 2925 zonecfg_fini_handle(handle);
2849 2926 if (return_code == Z_ERR)
2850 2927 (void) fprintf(stderr,
2851 2928 gettext("%s: zone %s failed to verify\n"),
2852 2929 execname, target_zone);
2853 2930 return (return_code);
2854 2931 }
2855 2932
2856 2933 static int
2857 2934 verify_func(int argc, char *argv[])
2858 2935 {
2859 2936 int arg;
2860 2937
2861 2938 optind = 0;
2862 2939 if ((arg = getopt(argc, argv, "?")) != EOF) {
2863 2940 switch (arg) {
2864 2941 case '?':
2865 2942 sub_usage(SHELP_VERIFY, CMD_VERIFY);
2866 2943 return (optopt == '?' ? Z_OK : Z_USAGE);
2867 2944 default:
2868 2945 sub_usage(SHELP_VERIFY, CMD_VERIFY);
2869 2946 return (Z_USAGE);
2870 2947 }
2871 2948 }
2872 2949 if (argc > optind) {
2873 2950 sub_usage(SHELP_VERIFY, CMD_VERIFY);
2874 2951 return (Z_USAGE);
2875 2952 }
2876 2953 if (sanity_check(target_zone, CMD_VERIFY, B_FALSE, B_FALSE, B_FALSE)
2877 2954 != Z_OK)
2878 2955 return (Z_ERR);
2879 2956 return (verify_details(CMD_VERIFY, argv));
2880 2957 }
2881 2958
2882 2959 static int
2883 2960 addoptions(char *buf, char *argv[], size_t len)
2884 2961 {
2885 2962 int i = 0;
2886 2963
2887 2964 if (buf[0] == '\0')
2888 2965 return (Z_OK);
2889 2966
2890 2967 while (argv[i] != NULL) {
2891 2968 if (strlcat(buf, " ", len) >= len ||
2892 2969 strlcat(buf, argv[i++], len) >= len) {
2893 2970 zerror("Command line too long");
2894 2971 return (Z_ERR);
2895 2972 }
2896 2973 }
2897 2974
2898 2975 return (Z_OK);
2899 2976 }
2900 2977
2901 2978 static int
2902 2979 addopt(char *buf, int opt, char *optarg, size_t bufsize)
2903 2980 {
2904 2981 char optstring[4];
2905 2982
2906 2983 if (opt > 0)
2907 2984 (void) sprintf(optstring, " -%c", opt);
2908 2985 else
2909 2986 (void) strcpy(optstring, " ");
2910 2987
2911 2988 if ((strlcat(buf, optstring, bufsize) > bufsize))
2912 2989 return (Z_ERR);
2913 2990
2914 2991 if ((optarg != NULL) && (strlcat(buf, optarg, bufsize) > bufsize))
2915 2992 return (Z_ERR);
2916 2993
2917 2994 return (Z_OK);
2918 2995 }
2919 2996
2920 2997 /* ARGSUSED */
2921 2998 static int
2922 2999 install_func(int argc, char *argv[])
|
↓ open down ↓ |
150 lines elided |
↑ open up ↑ |
2923 3000 {
2924 3001 char cmdbuf[MAXPATHLEN];
2925 3002 char postcmdbuf[MAXPATHLEN];
2926 3003 int lockfd;
2927 3004 int arg, err, subproc_err;
2928 3005 char zonepath[MAXPATHLEN];
2929 3006 brand_handle_t bh = NULL;
2930 3007 int status;
2931 3008 boolean_t do_postinstall = B_FALSE;
2932 3009 boolean_t brand_help = B_FALSE;
2933 - boolean_t do_dataset = B_TRUE;
2934 3010 char opts[128];
2935 3011
2936 3012 if (target_zone == NULL) {
2937 3013 sub_usage(SHELP_INSTALL, CMD_INSTALL);
2938 3014 return (Z_USAGE);
2939 3015 }
2940 3016
2941 3017 if (zonecfg_in_alt_root()) {
2942 3018 zerror(gettext("cannot install zone in alternate root"));
2943 3019 return (Z_ERR);
2944 3020 }
2945 3021
2946 3022 if ((err = zone_get_zonepath(target_zone, zonepath,
2947 3023 sizeof (zonepath))) != Z_OK) {
2948 3024 errno = err;
2949 3025 zperror2(target_zone, gettext("could not get zone path"));
2950 3026 return (Z_ERR);
2951 3027 }
2952 3028
2953 3029 /* Fetch the install command from the brand configuration. */
2954 3030 if ((bh = brand_open(target_brand)) == NULL) {
2955 3031 zerror(gettext("missing or invalid brand"));
2956 3032 return (Z_ERR);
2957 3033 }
2958 3034
2959 3035 if (get_hook(bh, cmdbuf, sizeof (cmdbuf), brand_get_install,
2960 3036 target_zone, zonepath) != Z_OK) {
2961 3037 zerror("invalid brand configuration: missing install resource");
2962 3038 brand_close(bh);
2963 3039 return (Z_ERR);
2964 3040 }
2965 3041
2966 3042 if (get_hook(bh, postcmdbuf, sizeof (postcmdbuf), brand_get_postinstall,
2967 3043 target_zone, zonepath) != Z_OK) {
2968 3044 zerror("invalid brand configuration: missing postinstall "
2969 3045 "resource");
2970 3046 brand_close(bh);
2971 3047 return (Z_ERR);
2972 3048 }
2973 3049
2974 3050 if (postcmdbuf[0] != '\0')
2975 3051 do_postinstall = B_TRUE;
2976 3052
2977 3053 (void) strcpy(opts, "?x:");
2978 3054 /*
2979 3055 * Fetch the list of recognized command-line options from
2980 3056 * the brand configuration file.
2981 3057 */
2982 3058 if (brand_get_installopts(bh, opts + strlen(opts),
2983 3059 sizeof (opts) - strlen(opts)) != 0) {
2984 3060 zerror("invalid brand configuration: missing "
2985 3061 "install options resource");
2986 3062 brand_close(bh);
2987 3063 return (Z_ERR);
2988 3064 }
2989 3065
2990 3066 brand_close(bh);
2991 3067
2992 3068 if (cmdbuf[0] == '\0') {
2993 3069 zerror("Missing brand install command");
2994 3070 return (Z_ERR);
2995 3071 }
2996 3072
2997 3073 /* Check the argv string for args we handle internally */
2998 3074 optind = 0;
|
↓ open down ↓ |
55 lines elided |
↑ open up ↑ |
2999 3075 opterr = 0;
3000 3076 while ((arg = getopt(argc, argv, opts)) != EOF) {
3001 3077 switch (arg) {
3002 3078 case '?':
3003 3079 if (optopt == '?') {
3004 3080 sub_usage(SHELP_INSTALL, CMD_INSTALL);
3005 3081 brand_help = B_TRUE;
3006 3082 }
3007 3083 /* Ignore unknown options - may be brand specific. */
3008 3084 break;
3009 - case 'x':
3010 - if (strcmp(optarg, "nodataset") == 0) {
3011 - do_dataset = B_FALSE;
3012 - continue; /* internal arg, don't pass thru */
3013 - }
3014 - break;
3015 3085 default:
3016 3086 /* Ignore unknown options - may be brand specific. */
3017 3087 break;
3018 3088 }
3019 3089
3020 3090 /*
3021 3091 * Append the option to the command line passed to the
3022 3092 * brand-specific install and postinstall routines.
3023 3093 */
3024 3094 if (addopt(cmdbuf, optopt, optarg, sizeof (cmdbuf)) != Z_OK) {
3025 3095 zerror("Install command line too long");
3026 3096 return (Z_ERR);
3027 3097 }
3028 3098 if (addopt(postcmdbuf, optopt, optarg, sizeof (postcmdbuf))
3029 3099 != Z_OK) {
3030 3100 zerror("Post-Install command line too long");
3031 3101 return (Z_ERR);
3032 3102 }
3033 3103 }
3034 3104
3035 3105 for (; optind < argc; optind++) {
3036 3106 if (addopt(cmdbuf, 0, argv[optind], sizeof (cmdbuf)) != Z_OK) {
3037 3107 zerror("Install command line too long");
3038 3108 return (Z_ERR);
3039 3109 }
3040 3110
3041 3111 if (addopt(postcmdbuf, 0, argv[optind], sizeof (postcmdbuf))
3042 3112 != Z_OK) {
3043 3113 zerror("Post-Install command line too long");
3044 3114 return (Z_ERR);
3045 3115 }
3046 3116 }
3047 3117
3048 3118 if (!brand_help) {
3049 3119 if (sanity_check(target_zone, CMD_INSTALL, B_FALSE, B_TRUE,
3050 3120 B_FALSE) != Z_OK)
3051 3121 return (Z_ERR);
3052 3122 if (verify_details(CMD_INSTALL, argv) != Z_OK)
3053 3123 return (Z_ERR);
3054 3124
3055 3125 if (zonecfg_grab_lock_file(target_zone, &lockfd) != Z_OK) {
3056 3126 zerror(gettext("another %s may have an operation in "
|
↓ open down ↓ |
32 lines elided |
↑ open up ↑ |
3057 3127 "progress."), "zoneadm");
3058 3128 return (Z_ERR);
3059 3129 }
3060 3130 err = zone_set_state(target_zone, ZONE_STATE_INCOMPLETE);
3061 3131 if (err != Z_OK) {
3062 3132 errno = err;
3063 3133 zperror2(target_zone, gettext("could not set state"));
3064 3134 goto done;
3065 3135 }
3066 3136
3067 - if (do_dataset)
3068 - create_zfs_zonepath(zonepath);
3137 + create_zfs_zonepath(zonepath);
3069 3138 }
3070 3139
3071 3140 status = do_subproc(cmdbuf);
3072 3141 if ((subproc_err =
3073 3142 subproc_status(gettext("brand-specific installation"), status,
3074 3143 B_FALSE)) != ZONE_SUBPROC_OK) {
3075 3144 if (subproc_err == ZONE_SUBPROC_USAGE && !brand_help) {
3076 3145 sub_usage(SHELP_INSTALL, CMD_INSTALL);
3077 3146 zonecfg_release_lock_file(target_zone, lockfd);
3078 3147 return (Z_ERR);
3079 3148 }
3080 3149 errno = subproc_err;
3081 3150 err = Z_ERR;
3082 3151 goto done;
3083 3152 }
3084 3153
3085 3154 if (brand_help)
3086 3155 return (Z_OK);
3087 3156
3088 3157 if ((err = zone_set_state(target_zone, ZONE_STATE_INSTALLED)) != Z_OK) {
3089 3158 errno = err;
3090 3159 zperror2(target_zone, gettext("could not set state"));
3091 3160 goto done;
3092 3161 }
3093 3162
3094 3163 if (do_postinstall) {
3095 3164 status = do_subproc(postcmdbuf);
3096 3165
3097 3166 if ((subproc_err =
3098 3167 subproc_status(gettext("brand-specific post-install"),
3099 3168 status, B_FALSE)) != ZONE_SUBPROC_OK) {
3100 3169 errno = subproc_err;
3101 3170 err = Z_ERR;
3102 3171 (void) zone_set_state(target_zone,
3103 3172 ZONE_STATE_INCOMPLETE);
3104 3173 }
3105 3174 }
3106 3175
3107 3176 done:
3108 3177 /*
3109 3178 * If the install script exited with ZONE_SUBPROC_NOTCOMPLETE, try to
3110 3179 * clean up the zone and leave the zone in the CONFIGURED state so that
3111 3180 * another install can be attempted without requiring an uninstall
3112 3181 * first.
3113 3182 */
3114 3183 if (subproc_err == ZONE_SUBPROC_NOTCOMPLETE) {
3115 3184 int temp_err;
3116 3185
3117 3186 if ((temp_err = cleanup_zonepath(zonepath, B_FALSE)) != Z_OK) {
3118 3187 errno = err = temp_err;
3119 3188 zperror2(target_zone,
3120 3189 gettext("cleaning up zonepath failed"));
3121 3190 } else if ((temp_err = zone_set_state(target_zone,
3122 3191 ZONE_STATE_CONFIGURED)) != Z_OK) {
3123 3192 errno = err = temp_err;
3124 3193 zperror2(target_zone, gettext("could not set state"));
3125 3194 }
3126 3195 }
3127 3196
3128 3197 if (!brand_help)
3129 3198 zonecfg_release_lock_file(target_zone, lockfd);
3130 3199 return ((err == Z_OK) ? Z_OK : Z_ERR);
3131 3200 }
3132 3201
3133 3202 static void
3134 3203 warn_dev_match(zone_dochandle_t s_handle, char *source_zone,
3135 3204 zone_dochandle_t t_handle, char *target_zone)
3136 3205 {
3137 3206 int err;
3138 3207 struct zone_devtab s_devtab;
3139 3208 struct zone_devtab t_devtab;
3140 3209
3141 3210 if ((err = zonecfg_setdevent(t_handle)) != Z_OK) {
3142 3211 errno = err;
3143 3212 zperror2(target_zone, gettext("could not enumerate devices"));
3144 3213 return;
3145 3214 }
3146 3215
3147 3216 while (zonecfg_getdevent(t_handle, &t_devtab) == Z_OK) {
3148 3217 if ((err = zonecfg_setdevent(s_handle)) != Z_OK) {
3149 3218 errno = err;
3150 3219 zperror2(source_zone,
3151 3220 gettext("could not enumerate devices"));
3152 3221 (void) zonecfg_enddevent(t_handle);
3153 3222 return;
3154 3223 }
3155 3224
3156 3225 while (zonecfg_getdevent(s_handle, &s_devtab) == Z_OK) {
3157 3226 /*
3158 3227 * Use fnmatch to catch the case where wildcards
3159 3228 * were used in one zone and the other has an
3160 3229 * explicit entry (e.g. /dev/dsk/c0t0d0s6 vs.
3161 3230 * /dev/\*dsk/c0t0d0s6).
3162 3231 */
3163 3232 if (fnmatch(t_devtab.zone_dev_match,
3164 3233 s_devtab.zone_dev_match, FNM_PATHNAME) == 0 ||
3165 3234 fnmatch(s_devtab.zone_dev_match,
3166 3235 t_devtab.zone_dev_match, FNM_PATHNAME) == 0) {
3167 3236 (void) fprintf(stderr,
3168 3237 gettext("WARNING: device '%s' "
3169 3238 "is configured in both zones.\n"),
3170 3239 t_devtab.zone_dev_match);
3171 3240 break;
3172 3241 }
3173 3242 }
3174 3243 (void) zonecfg_enddevent(s_handle);
3175 3244 }
3176 3245
3177 3246 (void) zonecfg_enddevent(t_handle);
3178 3247 }
3179 3248
3180 3249 /*
3181 3250 * Check if the specified mount option (opt) is contained within the
3182 3251 * options string.
3183 3252 */
3184 3253 static boolean_t
3185 3254 opt_match(char *opt, char *options)
3186 3255 {
3187 3256 char *p;
3188 3257 char *lastp;
3189 3258
3190 3259 if ((p = strtok_r(options, ",", &lastp)) != NULL) {
3191 3260 if (strcmp(p, opt) == 0)
3192 3261 return (B_TRUE);
3193 3262 while ((p = strtok_r(NULL, ",", &lastp)) != NULL) {
3194 3263 if (strcmp(p, opt) == 0)
3195 3264 return (B_TRUE);
3196 3265 }
3197 3266 }
3198 3267
3199 3268 return (B_FALSE);
3200 3269 }
3201 3270
3202 3271 #define RW_LOFS "WARNING: read-write lofs file system on '%s' is configured " \
3203 3272 "in both zones.\n"
3204 3273
3205 3274 static void
3206 3275 print_fs_warnings(struct zone_fstab *s_fstab, struct zone_fstab *t_fstab)
3207 3276 {
3208 3277 /*
3209 3278 * It is ok to have shared lofs mounted fs but we want to warn if
3210 3279 * either is rw since this will effect the other zone.
3211 3280 */
3212 3281 if (strcmp(t_fstab->zone_fs_type, "lofs") == 0) {
3213 3282 zone_fsopt_t *optp;
3214 3283
3215 3284 /* The default is rw so no options means rw */
3216 3285 if (t_fstab->zone_fs_options == NULL ||
3217 3286 s_fstab->zone_fs_options == NULL) {
3218 3287 (void) fprintf(stderr, gettext(RW_LOFS),
3219 3288 t_fstab->zone_fs_special);
3220 3289 return;
3221 3290 }
3222 3291
3223 3292 for (optp = s_fstab->zone_fs_options; optp != NULL;
3224 3293 optp = optp->zone_fsopt_next) {
3225 3294 if (opt_match("rw", optp->zone_fsopt_opt)) {
3226 3295 (void) fprintf(stderr, gettext(RW_LOFS),
3227 3296 s_fstab->zone_fs_special);
3228 3297 return;
3229 3298 }
3230 3299 }
3231 3300
3232 3301 for (optp = t_fstab->zone_fs_options; optp != NULL;
3233 3302 optp = optp->zone_fsopt_next) {
3234 3303 if (opt_match("rw", optp->zone_fsopt_opt)) {
3235 3304 (void) fprintf(stderr, gettext(RW_LOFS),
3236 3305 t_fstab->zone_fs_special);
3237 3306 return;
3238 3307 }
3239 3308 }
3240 3309
3241 3310 return;
3242 3311 }
3243 3312
3244 3313 /*
3245 3314 * TRANSLATION_NOTE
3246 3315 * The first variable is the file system type and the second is
3247 3316 * the file system special device. For example,
3248 3317 * WARNING: ufs file system on '/dev/dsk/c0t0d0s0' ...
3249 3318 */
3250 3319 (void) fprintf(stderr, gettext("WARNING: %s file system on '%s' "
3251 3320 "is configured in both zones.\n"), t_fstab->zone_fs_type,
3252 3321 t_fstab->zone_fs_special);
3253 3322 }
3254 3323
3255 3324 static void
3256 3325 warn_fs_match(zone_dochandle_t s_handle, char *source_zone,
3257 3326 zone_dochandle_t t_handle, char *target_zone)
3258 3327 {
3259 3328 int err;
3260 3329 struct zone_fstab s_fstab;
3261 3330 struct zone_fstab t_fstab;
3262 3331
3263 3332 if ((err = zonecfg_setfsent(t_handle)) != Z_OK) {
3264 3333 errno = err;
3265 3334 zperror2(target_zone,
3266 3335 gettext("could not enumerate file systems"));
3267 3336 return;
3268 3337 }
3269 3338
3270 3339 while (zonecfg_getfsent(t_handle, &t_fstab) == Z_OK) {
3271 3340 if ((err = zonecfg_setfsent(s_handle)) != Z_OK) {
3272 3341 errno = err;
3273 3342 zperror2(source_zone,
3274 3343 gettext("could not enumerate file systems"));
3275 3344 (void) zonecfg_endfsent(t_handle);
3276 3345 return;
3277 3346 }
3278 3347
3279 3348 while (zonecfg_getfsent(s_handle, &s_fstab) == Z_OK) {
3280 3349 if (strcmp(t_fstab.zone_fs_special,
3281 3350 s_fstab.zone_fs_special) == 0) {
3282 3351 print_fs_warnings(&s_fstab, &t_fstab);
3283 3352 break;
3284 3353 }
3285 3354 }
3286 3355 (void) zonecfg_endfsent(s_handle);
3287 3356 }
3288 3357
3289 3358 (void) zonecfg_endfsent(t_handle);
3290 3359 }
3291 3360
3292 3361 /*
3293 3362 * We don't catch the case where you used the same IP address but
3294 3363 * it is not an exact string match. For example, 192.9.0.128 vs. 192.09.0.128.
3295 3364 * However, we're not going to worry about that but we will check for
3296 3365 * a possible netmask on one of the addresses (e.g. 10.0.0.1 and 10.0.0.1/24)
3297 3366 * and handle that case as a match.
3298 3367 */
3299 3368 static void
3300 3369 warn_ip_match(zone_dochandle_t s_handle, char *source_zone,
3301 3370 zone_dochandle_t t_handle, char *target_zone)
3302 3371 {
3303 3372 int err;
3304 3373 struct zone_nwiftab s_nwiftab;
3305 3374 struct zone_nwiftab t_nwiftab;
3306 3375
3307 3376 if ((err = zonecfg_setnwifent(t_handle)) != Z_OK) {
3308 3377 errno = err;
3309 3378 zperror2(target_zone,
3310 3379 gettext("could not enumerate network interfaces"));
3311 3380 return;
3312 3381 }
3313 3382
3314 3383 while (zonecfg_getnwifent(t_handle, &t_nwiftab) == Z_OK) {
3315 3384 char *p;
3316 3385
3317 3386 /* remove an (optional) netmask from the address */
3318 3387 if ((p = strchr(t_nwiftab.zone_nwif_address, '/')) != NULL)
3319 3388 *p = '\0';
3320 3389
3321 3390 if ((err = zonecfg_setnwifent(s_handle)) != Z_OK) {
3322 3391 errno = err;
3323 3392 zperror2(source_zone,
3324 3393 gettext("could not enumerate network interfaces"));
3325 3394 (void) zonecfg_endnwifent(t_handle);
3326 3395 return;
3327 3396 }
3328 3397
3329 3398 while (zonecfg_getnwifent(s_handle, &s_nwiftab) == Z_OK) {
3330 3399 /* remove an (optional) netmask from the address */
3331 3400 if ((p = strchr(s_nwiftab.zone_nwif_address, '/'))
3332 3401 != NULL)
3333 3402 *p = '\0';
3334 3403
3335 3404 /* For exclusive-IP zones, address is not specified. */
3336 3405 if (strlen(s_nwiftab.zone_nwif_address) == 0)
3337 3406 continue;
3338 3407
3339 3408 if (strcmp(t_nwiftab.zone_nwif_address,
3340 3409 s_nwiftab.zone_nwif_address) == 0) {
3341 3410 (void) fprintf(stderr,
3342 3411 gettext("WARNING: network address '%s' "
3343 3412 "is configured in both zones.\n"),
3344 3413 t_nwiftab.zone_nwif_address);
3345 3414 break;
3346 3415 }
3347 3416 }
3348 3417 (void) zonecfg_endnwifent(s_handle);
3349 3418 }
3350 3419
3351 3420 (void) zonecfg_endnwifent(t_handle);
3352 3421 }
3353 3422
3354 3423 static void
3355 3424 warn_dataset_match(zone_dochandle_t s_handle, char *source,
3356 3425 zone_dochandle_t t_handle, char *target)
3357 3426 {
3358 3427 int err;
3359 3428 struct zone_dstab s_dstab;
3360 3429 struct zone_dstab t_dstab;
3361 3430
3362 3431 if ((err = zonecfg_setdsent(t_handle)) != Z_OK) {
3363 3432 errno = err;
3364 3433 zperror2(target, gettext("could not enumerate datasets"));
3365 3434 return;
3366 3435 }
3367 3436
3368 3437 while (zonecfg_getdsent(t_handle, &t_dstab) == Z_OK) {
3369 3438 if ((err = zonecfg_setdsent(s_handle)) != Z_OK) {
3370 3439 errno = err;
3371 3440 zperror2(source,
3372 3441 gettext("could not enumerate datasets"));
3373 3442 (void) zonecfg_enddsent(t_handle);
3374 3443 return;
3375 3444 }
3376 3445
3377 3446 while (zonecfg_getdsent(s_handle, &s_dstab) == Z_OK) {
3378 3447 if (strcmp(t_dstab.zone_dataset_name,
3379 3448 s_dstab.zone_dataset_name) == 0) {
3380 3449 target_zone = source;
3381 3450 zerror(gettext("WARNING: dataset '%s' "
3382 3451 "is configured in both zones.\n"),
3383 3452 t_dstab.zone_dataset_name);
3384 3453 break;
3385 3454 }
3386 3455 }
3387 3456 (void) zonecfg_enddsent(s_handle);
3388 3457 }
3389 3458
3390 3459 (void) zonecfg_enddsent(t_handle);
3391 3460 }
3392 3461
3393 3462 /*
3394 3463 * Check that the clone and its source have the same brand type.
3395 3464 */
3396 3465 static int
3397 3466 valid_brand_clone(char *source_zone, char *target_zone)
3398 3467 {
3399 3468 brand_handle_t bh;
3400 3469 char source_brand[MAXNAMELEN];
3401 3470
3402 3471 if ((zone_get_brand(source_zone, source_brand,
3403 3472 sizeof (source_brand))) != Z_OK) {
3404 3473 (void) fprintf(stderr, "%s: zone '%s': %s\n",
3405 3474 execname, source_zone, gettext("missing or invalid brand"));
3406 3475 return (Z_ERR);
3407 3476 }
3408 3477
3409 3478 if (strcmp(source_brand, target_brand) != 0) {
3410 3479 (void) fprintf(stderr,
3411 3480 gettext("%s: Zones '%s' and '%s' have different brand "
3412 3481 "types.\n"), execname, source_zone, target_zone);
3413 3482 return (Z_ERR);
3414 3483 }
3415 3484
3416 3485 if ((bh = brand_open(target_brand)) == NULL) {
3417 3486 zerror(gettext("missing or invalid brand"));
3418 3487 return (Z_ERR);
3419 3488 }
3420 3489 brand_close(bh);
3421 3490 return (Z_OK);
3422 3491 }
3423 3492
3424 3493 static int
3425 3494 validate_clone(char *source_zone, char *target_zone)
3426 3495 {
3427 3496 int err = Z_OK;
3428 3497 zone_dochandle_t s_handle;
3429 3498 zone_dochandle_t t_handle;
3430 3499
3431 3500 if ((t_handle = zonecfg_init_handle()) == NULL) {
3432 3501 zperror(cmd_to_str(CMD_CLONE), B_TRUE);
3433 3502 return (Z_ERR);
3434 3503 }
3435 3504 if ((err = zonecfg_get_handle(target_zone, t_handle)) != Z_OK) {
3436 3505 errno = err;
3437 3506 zperror(cmd_to_str(CMD_CLONE), B_TRUE);
3438 3507 zonecfg_fini_handle(t_handle);
3439 3508 return (Z_ERR);
3440 3509 }
3441 3510
3442 3511 if ((s_handle = zonecfg_init_handle()) == NULL) {
3443 3512 zperror(cmd_to_str(CMD_CLONE), B_TRUE);
3444 3513 zonecfg_fini_handle(t_handle);
3445 3514 return (Z_ERR);
3446 3515 }
3447 3516 if ((err = zonecfg_get_handle(source_zone, s_handle)) != Z_OK) {
3448 3517 errno = err;
3449 3518 zperror(cmd_to_str(CMD_CLONE), B_TRUE);
3450 3519 goto done;
3451 3520 }
3452 3521
3453 3522 /* verify new zone has same brand type */
3454 3523 err = valid_brand_clone(source_zone, target_zone);
3455 3524 if (err != Z_OK)
3456 3525 goto done;
3457 3526
3458 3527 /* warn about imported fs's which are the same */
3459 3528 warn_fs_match(s_handle, source_zone, t_handle, target_zone);
3460 3529
3461 3530 /* warn about imported IP addresses which are the same */
3462 3531 warn_ip_match(s_handle, source_zone, t_handle, target_zone);
3463 3532
3464 3533 /* warn about imported devices which are the same */
3465 3534 warn_dev_match(s_handle, source_zone, t_handle, target_zone);
3466 3535
3467 3536 /* warn about imported datasets which are the same */
3468 3537 warn_dataset_match(s_handle, source_zone, t_handle, target_zone);
3469 3538
3470 3539 done:
3471 3540 zonecfg_fini_handle(t_handle);
3472 3541 zonecfg_fini_handle(s_handle);
3473 3542
3474 3543 return ((err == Z_OK) ? Z_OK : Z_ERR);
3475 3544 }
3476 3545
3477 3546 static int
3478 3547 copy_zone(char *src, char *dst)
3479 3548 {
3480 3549 boolean_t out_null = B_FALSE;
3481 3550 int status;
3482 3551 char *outfile;
3483 3552 char cmdbuf[MAXPATHLEN * 2 + 128];
3484 3553
3485 3554 if ((outfile = tempnam("/var/log", "zone")) == NULL) {
3486 3555 outfile = "/dev/null";
3487 3556 out_null = B_TRUE;
3488 3557 }
3489 3558
3490 3559 /*
3491 3560 * Use find to get the list of files to copy. We need to skip
3492 3561 * files of type "socket" since cpio can't handle those but that
3493 3562 * should be ok since the app will recreate the socket when it runs.
3494 3563 * We also need to filter out anything under the .zfs subdir. Since
3495 3564 * find is running depth-first, we need the extra egrep to filter .zfs.
3496 3565 */
3497 3566 (void) snprintf(cmdbuf, sizeof (cmdbuf),
3498 3567 "cd %s && /usr/bin/find . -type s -prune -o -depth -print | "
3499 3568 "/usr/bin/egrep -v '^\\./\\.zfs$|^\\./\\.zfs/' | "
3500 3569 "/usr/bin/cpio -pdmuP@ %s > %s 2>&1",
3501 3570 src, dst, outfile);
3502 3571
3503 3572 status = do_subproc(cmdbuf);
3504 3573
3505 3574 if (subproc_status("copy", status, B_TRUE) != ZONE_SUBPROC_OK) {
3506 3575 if (!out_null)
3507 3576 (void) fprintf(stderr, gettext("\nThe copy failed.\n"
3508 3577 "More information can be found in %s\n"), outfile);
3509 3578 return (Z_ERR);
3510 3579 }
3511 3580
3512 3581 if (!out_null)
3513 3582 (void) unlink(outfile);
3514 3583
3515 3584 return (Z_OK);
3516 3585 }
3517 3586
3518 3587 /* ARGSUSED */
3519 3588 int
3520 3589 zfm_print(const struct mnttab *p, void *r)
3521 3590 {
3522 3591 zerror(" %s\n", p->mnt_mountp);
3523 3592 return (0);
3524 3593 }
3525 3594
3526 3595 int
3527 3596 clone_copy(char *source_zonepath, char *zonepath)
3528 3597 {
3529 3598 int err;
3530 3599
3531 3600 /* Don't clone the zone if anything is still mounted there */
3532 3601 if (zonecfg_find_mounts(source_zonepath, NULL, NULL)) {
3533 3602 zerror(gettext("These file systems are mounted on "
3534 3603 "subdirectories of %s.\n"), source_zonepath);
3535 3604 (void) zonecfg_find_mounts(source_zonepath, zfm_print, NULL);
3536 3605 return (Z_ERR);
3537 3606 }
3538 3607
3539 3608 /*
3540 3609 * Attempt to create a ZFS fs for the zonepath. As usual, we don't
3541 3610 * care if this works or not since we always have the default behavior
3542 3611 * of a simple directory for the zonepath.
3543 3612 */
3544 3613 create_zfs_zonepath(zonepath);
3545 3614
3546 3615 (void) printf(gettext("Copying %s..."), source_zonepath);
3547 3616 (void) fflush(stdout);
3548 3617
3549 3618 err = copy_zone(source_zonepath, zonepath);
3550 3619
3551 3620 (void) printf("\n");
3552 3621
3553 3622 return (err);
3554 3623 }
3555 3624
3556 3625 static int
3557 3626 clone_func(int argc, char *argv[])
3558 3627 {
3559 3628 char *source_zone = NULL;
3560 3629 int lockfd;
3561 3630 int err, arg;
3562 3631 char zonepath[MAXPATHLEN];
3563 3632 char source_zonepath[MAXPATHLEN];
3564 3633 zone_state_t state;
3565 3634 zone_entry_t *zent;
3566 3635 char *method = NULL;
3567 3636 char *snapshot = NULL;
3568 3637 char cmdbuf[MAXPATHLEN];
3569 3638 char postcmdbuf[MAXPATHLEN];
3570 3639 char presnapbuf[MAXPATHLEN];
3571 3640 char postsnapbuf[MAXPATHLEN];
3572 3641 char validsnapbuf[MAXPATHLEN];
3573 3642 brand_handle_t bh = NULL;
3574 3643 int status;
3575 3644 boolean_t brand_help = B_FALSE;
3576 3645
3577 3646 if (zonecfg_in_alt_root()) {
3578 3647 zerror(gettext("cannot clone zone in alternate root"));
3579 3648 return (Z_ERR);
3580 3649 }
3581 3650
3582 3651 /* Check the argv string for args we handle internally */
3583 3652 optind = 0;
3584 3653 opterr = 0;
3585 3654 while ((arg = getopt(argc, argv, "?m:s:")) != EOF) {
3586 3655 switch (arg) {
3587 3656 case '?':
3588 3657 if (optopt == '?') {
3589 3658 sub_usage(SHELP_CLONE, CMD_CLONE);
3590 3659 brand_help = B_TRUE;
3591 3660 }
3592 3661 /* Ignore unknown options - may be brand specific. */
3593 3662 break;
3594 3663 case 'm':
3595 3664 method = optarg;
3596 3665 break;
3597 3666 case 's':
3598 3667 snapshot = optarg;
3599 3668 break;
3600 3669 default:
3601 3670 /* Ignore unknown options - may be brand specific. */
3602 3671 break;
3603 3672 }
3604 3673 }
3605 3674
3606 3675 if (argc != (optind + 1)) {
3607 3676 sub_usage(SHELP_CLONE, CMD_CLONE);
3608 3677 return (Z_USAGE);
3609 3678 }
3610 3679
3611 3680 source_zone = argv[optind];
3612 3681
3613 3682 if (!brand_help) {
3614 3683 if (sanity_check(target_zone, CMD_CLONE, B_FALSE, B_TRUE,
3615 3684 B_FALSE) != Z_OK)
3616 3685 return (Z_ERR);
3617 3686 if (verify_details(CMD_CLONE, argv) != Z_OK)
3618 3687 return (Z_ERR);
3619 3688
3620 3689 /*
3621 3690 * We also need to do some extra validation on the source zone.
3622 3691 */
3623 3692 if (strcmp(source_zone, GLOBAL_ZONENAME) == 0) {
3624 3693 zerror(gettext("%s operation is invalid for the "
3625 3694 "global zone."), cmd_to_str(CMD_CLONE));
3626 3695 return (Z_ERR);
3627 3696 }
3628 3697
3629 3698 if (strncmp(source_zone, "SUNW", 4) == 0) {
3630 3699 zerror(gettext("%s operation is invalid for zones "
3631 3700 "starting with SUNW."), cmd_to_str(CMD_CLONE));
3632 3701 return (Z_ERR);
3633 3702 }
3634 3703
3635 3704 if (auth_check(username, source_zone, SOURCE_ZONE) == Z_ERR) {
3636 3705 zerror(gettext("%s operation is invalid because "
3637 3706 "user is not authorized to read source zone."),
3638 3707 cmd_to_str(CMD_CLONE));
3639 3708 return (Z_ERR);
3640 3709 }
3641 3710
3642 3711 zent = lookup_running_zone(source_zone);
3643 3712 if (zent != NULL) {
3644 3713 /* check whether the zone is ready or running */
3645 3714 if ((err = zone_get_state(zent->zname,
3646 3715 &zent->zstate_num)) != Z_OK) {
3647 3716 errno = err;
3648 3717 zperror2(zent->zname, gettext("could not get "
3649 3718 "state"));
3650 3719 /* can't tell, so hedge */
3651 3720 zent->zstate_str = "ready/running";
3652 3721 } else {
3653 3722 zent->zstate_str =
3654 3723 zone_state_str(zent->zstate_num);
3655 3724 }
3656 3725 zerror(gettext("%s operation is invalid for %s zones."),
3657 3726 cmd_to_str(CMD_CLONE), zent->zstate_str);
3658 3727 return (Z_ERR);
3659 3728 }
3660 3729
3661 3730 if ((err = zone_get_state(source_zone, &state)) != Z_OK) {
3662 3731 errno = err;
3663 3732 zperror2(source_zone, gettext("could not get state"));
3664 3733 return (Z_ERR);
3665 3734 }
3666 3735 if (state != ZONE_STATE_INSTALLED) {
3667 3736 (void) fprintf(stderr,
3668 3737 gettext("%s: zone %s is %s; %s is required.\n"),
3669 3738 execname, source_zone, zone_state_str(state),
3670 3739 zone_state_str(ZONE_STATE_INSTALLED));
3671 3740 return (Z_ERR);
3672 3741 }
3673 3742
3674 3743 /*
3675 3744 * The source zone checks out ok, continue with the clone.
3676 3745 */
3677 3746
3678 3747 if (validate_clone(source_zone, target_zone) != Z_OK)
3679 3748 return (Z_ERR);
3680 3749
3681 3750 if (zonecfg_grab_lock_file(target_zone, &lockfd) != Z_OK) {
3682 3751 zerror(gettext("another %s may have an operation in "
3683 3752 "progress."), "zoneadm");
3684 3753 return (Z_ERR);
3685 3754 }
3686 3755 }
3687 3756
3688 3757 if ((err = zone_get_zonepath(source_zone, source_zonepath,
3689 3758 sizeof (source_zonepath))) != Z_OK) {
3690 3759 errno = err;
3691 3760 zperror2(source_zone, gettext("could not get zone path"));
3692 3761 goto done;
3693 3762 }
3694 3763
3695 3764 if ((err = zone_get_zonepath(target_zone, zonepath, sizeof (zonepath)))
3696 3765 != Z_OK) {
3697 3766 errno = err;
3698 3767 zperror2(target_zone, gettext("could not get zone path"));
3699 3768 goto done;
3700 3769 }
3701 3770
3702 3771 /*
3703 3772 * Fetch the clone and postclone hooks from the brand configuration.
3704 3773 */
3705 3774 if ((bh = brand_open(target_brand)) == NULL) {
3706 3775 zerror(gettext("missing or invalid brand"));
3707 3776 err = Z_ERR;
3708 3777 goto done;
3709 3778 }
3710 3779
3711 3780 if (get_hook(bh, cmdbuf, sizeof (cmdbuf), brand_get_clone, target_zone,
3712 3781 zonepath) != Z_OK) {
3713 3782 zerror("invalid brand configuration: missing clone resource");
3714 3783 brand_close(bh);
3715 3784 err = Z_ERR;
3716 3785 goto done;
3717 3786 }
3718 3787
3719 3788 if (get_hook(bh, postcmdbuf, sizeof (postcmdbuf), brand_get_postclone,
3720 3789 target_zone, zonepath) != Z_OK) {
3721 3790 zerror("invalid brand configuration: missing postclone "
3722 3791 "resource");
3723 3792 brand_close(bh);
3724 3793 err = Z_ERR;
3725 3794 goto done;
3726 3795 }
3727 3796
3728 3797 if (get_hook(bh, presnapbuf, sizeof (presnapbuf), brand_get_presnap,
3729 3798 source_zone, source_zonepath) != Z_OK) {
3730 3799 zerror("invalid brand configuration: missing presnap "
3731 3800 "resource");
3732 3801 brand_close(bh);
3733 3802 err = Z_ERR;
3734 3803 goto done;
3735 3804 }
3736 3805
3737 3806 if (get_hook(bh, postsnapbuf, sizeof (postsnapbuf), brand_get_postsnap,
3738 3807 source_zone, source_zonepath) != Z_OK) {
3739 3808 zerror("invalid brand configuration: missing postsnap "
3740 3809 "resource");
3741 3810 brand_close(bh);
3742 3811 err = Z_ERR;
3743 3812 goto done;
3744 3813 }
3745 3814
3746 3815 if (get_hook(bh, validsnapbuf, sizeof (validsnapbuf),
3747 3816 brand_get_validatesnap, target_zone, zonepath) != Z_OK) {
3748 3817 zerror("invalid brand configuration: missing validatesnap "
3749 3818 "resource");
3750 3819 brand_close(bh);
3751 3820 err = Z_ERR;
3752 3821 goto done;
3753 3822 }
3754 3823 brand_close(bh);
3755 3824
3756 3825 /* Append all options to clone hook. */
3757 3826 if (addoptions(cmdbuf, argv, sizeof (cmdbuf)) != Z_OK) {
3758 3827 err = Z_ERR;
3759 3828 goto done;
3760 3829 }
3761 3830
3762 3831 /* Append all options to postclone hook. */
3763 3832 if (addoptions(postcmdbuf, argv, sizeof (postcmdbuf)) != Z_OK) {
3764 3833 err = Z_ERR;
3765 3834 goto done;
3766 3835 }
3767 3836
3768 3837 if (!brand_help) {
3769 3838 if ((err = zone_set_state(target_zone, ZONE_STATE_INCOMPLETE))
3770 3839 != Z_OK) {
3771 3840 errno = err;
3772 3841 zperror2(target_zone, gettext("could not set state"));
3773 3842 goto done;
3774 3843 }
3775 3844 }
3776 3845
3777 3846 /*
3778 3847 * The clone hook is optional. If it exists, use the hook for
3779 3848 * cloning, otherwise use the built-in clone support
3780 3849 */
3781 3850 if (cmdbuf[0] != '\0') {
3782 3851 /* Run the clone hook */
3783 3852 status = do_subproc(cmdbuf);
3784 3853 if ((status = subproc_status(gettext("brand-specific clone"),
3785 3854 status, B_FALSE)) != ZONE_SUBPROC_OK) {
3786 3855 if (status == ZONE_SUBPROC_USAGE && !brand_help)
3787 3856 sub_usage(SHELP_CLONE, CMD_CLONE);
3788 3857 err = Z_ERR;
3789 3858 goto done;
3790 3859 }
3791 3860
3792 3861 if (brand_help)
3793 3862 return (Z_OK);
3794 3863
3795 3864 } else {
3796 3865 /* If just help, we're done since there is no brand help. */
3797 3866 if (brand_help)
3798 3867 return (Z_OK);
3799 3868
3800 3869 /* Run the built-in clone support. */
3801 3870
3802 3871 /* The only explicit built-in method is "copy". */
3803 3872 if (method != NULL && strcmp(method, "copy") != 0) {
3804 3873 sub_usage(SHELP_CLONE, CMD_CLONE);
3805 3874 err = Z_USAGE;
3806 3875 goto done;
3807 3876 }
3808 3877
3809 3878 if (snapshot != NULL) {
3810 3879 err = clone_snapshot_zfs(snapshot, zonepath,
3811 3880 validsnapbuf);
3812 3881 } else {
3813 3882 /*
3814 3883 * We always copy the clone unless the source is ZFS
3815 3884 * and a ZFS clone worked. We fallback to copying if
3816 3885 * the ZFS clone fails for some reason.
3817 3886 */
3818 3887 err = Z_ERR;
3819 3888 if (method == NULL && is_zonepath_zfs(source_zonepath))
3820 3889 err = clone_zfs(source_zonepath, zonepath,
3821 3890 presnapbuf, postsnapbuf);
3822 3891
3823 3892 if (err != Z_OK)
3824 3893 err = clone_copy(source_zonepath, zonepath);
3825 3894 }
3826 3895 }
3827 3896
3828 3897 if (err == Z_OK && postcmdbuf[0] != '\0') {
3829 3898 status = do_subproc(postcmdbuf);
3830 3899 if ((err = subproc_status("postclone", status, B_FALSE))
3831 3900 != ZONE_SUBPROC_OK) {
3832 3901 zerror(gettext("post-clone configuration failed."));
3833 3902 err = Z_ERR;
3834 3903 }
3835 3904 }
3836 3905
3837 3906 done:
3838 3907 /*
3839 3908 * If everything went well, we mark the zone as installed.
3840 3909 */
3841 3910 if (err == Z_OK) {
3842 3911 err = zone_set_state(target_zone, ZONE_STATE_INSTALLED);
3843 3912 if (err != Z_OK) {
3844 3913 errno = err;
3845 3914 zperror2(target_zone, gettext("could not set state"));
3846 3915 }
3847 3916 }
3848 3917 if (!brand_help)
3849 3918 zonecfg_release_lock_file(target_zone, lockfd);
3850 3919 return ((err == Z_OK) ? Z_OK : Z_ERR);
3851 3920 }
3852 3921
3853 3922 /*
3854 3923 * Used when removing a zonepath after uninstalling or cleaning up after
3855 3924 * the move subcommand. This handles a zonepath that has non-standard
3856 3925 * contents so that we will only cleanup the stuff we know about and leave
3857 3926 * any user data alone.
3858 3927 *
3859 3928 * If the "all" parameter is true then we should remove the whole zonepath
3860 3929 * even if it has non-standard files/directories in it. This can be used when
3861 3930 * we need to cleanup after moving the zonepath across file systems.
3862 3931 *
3863 3932 * We "exec" the RMCOMMAND so that the returned status is that of RMCOMMAND
3864 3933 * and not the shell.
3865 3934 */
3866 3935 static int
3867 3936 cleanup_zonepath(char *zonepath, boolean_t all)
3868 3937 {
3869 3938 int status;
3870 3939 int i;
3871 3940 boolean_t non_std = B_FALSE;
3872 3941 struct dirent *dp;
3873 3942 DIR *dirp;
3874 3943 /*
3875 3944 * The SUNWattached.xml file is expected since it might
3876 3945 * exist if the zone was force-attached after a
3877 3946 * migration.
3878 3947 */
3879 3948 char *std_entries[] = {"dev", "lastexited", "logs", "lu",
3880 3949 "root", "SUNWattached.xml", NULL};
3881 3950 /* (MAXPATHLEN * 5) is for the 5 std_entries dirs */
3882 3951 char cmdbuf[sizeof (RMCOMMAND) + (MAXPATHLEN * 5) + 64];
3883 3952
3884 3953 /*
3885 3954 * We shouldn't need these checks but lets be paranoid since we
3886 3955 * could blow away the whole system here if we got the wrong zonepath.
3887 3956 */
3888 3957 if (*zonepath == NULL || strcmp(zonepath, "/") == 0) {
3889 3958 (void) fprintf(stderr, "invalid zonepath '%s'\n", zonepath);
3890 3959 return (Z_INVAL);
3891 3960 }
3892 3961
3893 3962 /*
3894 3963 * If the dirpath is already gone (maybe it was manually removed) then
3895 3964 * we just return Z_OK so that the cleanup is successful.
3896 3965 */
3897 3966 if ((dirp = opendir(zonepath)) == NULL)
3898 3967 return (Z_OK);
3899 3968
3900 3969 /*
3901 3970 * Look through the zonepath directory to see if there are any
3902 3971 * non-standard files/dirs. Also skip .zfs since that might be
3903 3972 * there but we'll handle ZFS file systems as a special case.
3904 3973 */
3905 3974 while ((dp = readdir(dirp)) != NULL) {
3906 3975 if (strcmp(dp->d_name, ".") == 0 ||
3907 3976 strcmp(dp->d_name, "..") == 0 ||
3908 3977 strcmp(dp->d_name, ".zfs") == 0)
3909 3978 continue;
3910 3979
3911 3980 for (i = 0; std_entries[i] != NULL; i++)
3912 3981 if (strcmp(dp->d_name, std_entries[i]) == 0)
3913 3982 break;
3914 3983
3915 3984 if (std_entries[i] == NULL)
3916 3985 non_std = B_TRUE;
3917 3986 }
3918 3987 (void) closedir(dirp);
3919 3988
3920 3989 if (!all && non_std) {
3921 3990 /*
3922 3991 * There are extra, non-standard directories/files in the
3923 3992 * zonepath so we don't want to remove the zonepath. We
3924 3993 * just want to remove the standard directories and leave
3925 3994 * the user data alone.
3926 3995 */
3927 3996 (void) snprintf(cmdbuf, sizeof (cmdbuf), "exec " RMCOMMAND);
3928 3997
3929 3998 for (i = 0; std_entries[i] != NULL; i++) {
3930 3999 char tmpbuf[MAXPATHLEN];
3931 4000
3932 4001 if (snprintf(tmpbuf, sizeof (tmpbuf), " %s/%s",
3933 4002 zonepath, std_entries[i]) >= sizeof (tmpbuf) ||
3934 4003 strlcat(cmdbuf, tmpbuf, sizeof (cmdbuf)) >=
3935 4004 sizeof (cmdbuf)) {
3936 4005 (void) fprintf(stderr,
3937 4006 gettext("path is too long\n"));
3938 4007 return (Z_INVAL);
3939 4008 }
3940 4009 }
3941 4010
3942 4011 status = do_subproc(cmdbuf);
3943 4012
3944 4013 (void) fprintf(stderr, gettext("WARNING: Unable to completely "
3945 4014 "remove %s\nbecause it contains additional user data. "
3946 4015 "Only the standard directory\nentries have been "
3947 4016 "removed.\n"),
3948 4017 zonepath);
3949 4018
3950 4019 return ((subproc_status(RMCOMMAND, status, B_TRUE) ==
3951 4020 ZONE_SUBPROC_OK) ? Z_OK : Z_ERR);
3952 4021 }
3953 4022
3954 4023 /*
3955 4024 * There is nothing unexpected in the zonepath, try to get rid of the
3956 4025 * whole zonepath directory.
3957 4026 *
3958 4027 * If the zonepath is its own zfs file system, try to destroy the
3959 4028 * file system. If that fails for some reason (e.g. it has clones)
3960 4029 * then we'll just remove the contents of the zonepath.
3961 4030 */
3962 4031 if (is_zonepath_zfs(zonepath)) {
3963 4032 if (destroy_zfs(zonepath) == Z_OK)
3964 4033 return (Z_OK);
3965 4034 (void) snprintf(cmdbuf, sizeof (cmdbuf), "exec " RMCOMMAND
3966 4035 " %s/*", zonepath);
3967 4036 status = do_subproc(cmdbuf);
3968 4037 return ((subproc_status(RMCOMMAND, status, B_TRUE) ==
3969 4038 ZONE_SUBPROC_OK) ? Z_OK : Z_ERR);
3970 4039 }
3971 4040
3972 4041 (void) snprintf(cmdbuf, sizeof (cmdbuf), "exec " RMCOMMAND " %s",
3973 4042 zonepath);
3974 4043 status = do_subproc(cmdbuf);
3975 4044
3976 4045 return ((subproc_status(RMCOMMAND, status, B_TRUE) == ZONE_SUBPROC_OK)
3977 4046 ? Z_OK : Z_ERR);
3978 4047 }
3979 4048
3980 4049 static int
3981 4050 move_func(int argc, char *argv[])
3982 4051 {
3983 4052 char *new_zonepath = NULL;
3984 4053 int lockfd;
3985 4054 int err, arg;
3986 4055 char zonepath[MAXPATHLEN];
3987 4056 zone_dochandle_t handle;
3988 4057 boolean_t fast;
3989 4058 boolean_t is_zfs = B_FALSE;
3990 4059 boolean_t root_fs_mounted = B_FALSE;
3991 4060 struct dirent *dp;
3992 4061 DIR *dirp;
3993 4062 boolean_t empty = B_TRUE;
3994 4063 boolean_t revert;
3995 4064 struct stat zonepath_buf;
3996 4065 struct stat new_zonepath_buf;
3997 4066 zone_mounts_t mounts;
3998 4067
3999 4068 if (zonecfg_in_alt_root()) {
4000 4069 zerror(gettext("cannot move zone in alternate root"));
4001 4070 return (Z_ERR);
4002 4071 }
4003 4072
4004 4073 optind = 0;
4005 4074 if ((arg = getopt(argc, argv, "?")) != EOF) {
4006 4075 switch (arg) {
4007 4076 case '?':
4008 4077 sub_usage(SHELP_MOVE, CMD_MOVE);
4009 4078 return (optopt == '?' ? Z_OK : Z_USAGE);
4010 4079 default:
4011 4080 sub_usage(SHELP_MOVE, CMD_MOVE);
4012 4081 return (Z_USAGE);
4013 4082 }
4014 4083 }
4015 4084 if (argc != (optind + 1)) {
4016 4085 sub_usage(SHELP_MOVE, CMD_MOVE);
4017 4086 return (Z_USAGE);
4018 4087 }
4019 4088 new_zonepath = argv[optind];
4020 4089 if (sanity_check(target_zone, CMD_MOVE, B_FALSE, B_TRUE, B_FALSE)
4021 4090 != Z_OK)
4022 4091 return (Z_ERR);
4023 4092 if (verify_details(CMD_MOVE, argv) != Z_OK)
4024 4093 return (Z_ERR);
4025 4094
4026 4095 /*
4027 4096 * Check out the new zonepath. This has the side effect of creating
4028 4097 * a directory for the new zonepath. We depend on this later when we
4029 4098 * stat to see if we are doing a cross file system move or not.
4030 4099 */
4031 4100 if (validate_zonepath(new_zonepath, CMD_MOVE) != Z_OK)
4032 4101 return (Z_ERR);
4033 4102
4034 4103 if ((err = zone_get_zonepath(target_zone, zonepath, sizeof (zonepath)))
4035 4104 != Z_OK) {
4036 4105 errno = err;
4037 4106 zperror2(target_zone, gettext("could not get zone path"));
4038 4107 return (Z_ERR);
4039 4108 }
4040 4109
4041 4110 if (stat(zonepath, &zonepath_buf) == -1) {
4042 4111 zperror(gettext("could not stat zone path"), B_FALSE);
4043 4112 return (Z_ERR);
4044 4113 }
4045 4114
4046 4115 if (stat(new_zonepath, &new_zonepath_buf) == -1) {
4047 4116 zperror(gettext("could not stat new zone path"), B_FALSE);
4048 4117 return (Z_ERR);
4049 4118 }
4050 4119
4051 4120 /*
4052 4121 * Check if the destination directory is empty.
4053 4122 */
4054 4123 if ((dirp = opendir(new_zonepath)) == NULL) {
4055 4124 zperror(gettext("could not open new zone path"), B_FALSE);
4056 4125 return (Z_ERR);
4057 4126 }
4058 4127 while ((dp = readdir(dirp)) != (struct dirent *)0) {
4059 4128 if (strcmp(dp->d_name, ".") == 0 ||
4060 4129 strcmp(dp->d_name, "..") == 0)
4061 4130 continue;
4062 4131 empty = B_FALSE;
4063 4132 break;
4064 4133 }
4065 4134 (void) closedir(dirp);
4066 4135
4067 4136 /* Error if there is anything in the destination directory. */
4068 4137 if (!empty) {
4069 4138 (void) fprintf(stderr, gettext("could not move zone to %s: "
4070 4139 "directory not empty\n"), new_zonepath);
4071 4140 return (Z_ERR);
4072 4141 }
4073 4142
4074 4143 /*
4075 4144 * Collect information about mounts within the zone's zonepath.
4076 4145 * Overlay mounts on the zone's root directory are erroneous.
4077 4146 * Bail if we encounter any unexpected mounts.
4078 4147 */
4079 4148 if (zone_mounts_init(&mounts, zonepath) != 0)
4080 4149 return (Z_ERR);
4081 4150 if (mounts.num_root_overlay_mounts != 0) {
4082 4151 zerror(gettext("%d overlay mount(s) detected on %s/root."),
4083 4152 mounts.num_root_overlay_mounts, zonepath);
4084 4153 goto err_and_mounts_destroy;
4085 4154 }
4086 4155 if (mounts.num_unexpected_mounts != 0)
4087 4156 goto err_and_mounts_destroy;
4088 4157
4089 4158 /*
4090 4159 * Check if we are moving in the same file system and can do a fast
4091 4160 * move or if we are crossing file systems and have to copy the data.
4092 4161 */
4093 4162 fast = (zonepath_buf.st_dev == new_zonepath_buf.st_dev);
4094 4163
4095 4164 if ((handle = zonecfg_init_handle()) == NULL) {
4096 4165 zperror(cmd_to_str(CMD_MOVE), B_TRUE);
4097 4166 goto err_and_mounts_destroy;
4098 4167 }
4099 4168
4100 4169 if ((err = zonecfg_get_handle(target_zone, handle)) != Z_OK) {
4101 4170 errno = err;
4102 4171 zperror(cmd_to_str(CMD_MOVE), B_TRUE);
4103 4172 goto err_and_fini_handle;
4104 4173 }
4105 4174
4106 4175 if (zonecfg_grab_lock_file(target_zone, &lockfd) != Z_OK) {
4107 4176 zerror(gettext("another %s may have an operation in progress."),
4108 4177 "zoneadm");
4109 4178 goto err_and_fini_handle;
4110 4179 }
4111 4180
4112 4181 /*
4113 4182 * Unmount the zone's root filesystem before we move the zone's
4114 4183 * zonepath.
4115 4184 */
4116 4185 if (zone_unmount_rootfs(&mounts, zonepath, B_FALSE) != 0)
4117 4186 goto err_and_rele_lockfile;
4118 4187
4119 4188 /*
4120 4189 * We're making some file system changes now so we have to clean up
4121 4190 * the file system before we are done. This will either clean up the
4122 4191 * new zonepath if the zonecfg update failed or it will clean up the
4123 4192 * old zonepath if everything is ok.
4124 4193 */
4125 4194 revert = B_TRUE;
4126 4195
4127 4196 if (is_zonepath_zfs(zonepath) &&
4128 4197 move_zfs(zonepath, new_zonepath) != Z_ERR) {
4129 4198 is_zfs = B_TRUE;
4130 4199
4131 4200 } else if (fast) {
4132 4201 /* same file system, use rename for a quick move */
4133 4202
4134 4203 /*
4135 4204 * Remove the new_zonepath directory that got created above
4136 4205 * during the validation. It gets in the way of the rename.
4137 4206 */
4138 4207 if (rmdir(new_zonepath) != 0) {
4139 4208 zperror(gettext("could not rmdir new zone path"),
4140 4209 B_FALSE);
4141 4210 (void) zone_mount_rootfs(&mounts, zonepath);
4142 4211 goto err_and_rele_lockfile;
4143 4212 }
4144 4213
4145 4214 if (rename(zonepath, new_zonepath) != 0) {
4146 4215 /*
4147 4216 * If this fails we don't need to do all of the
4148 4217 * cleanup that happens for the rest of the code
4149 4218 * so just return from this error.
4150 4219 */
4151 4220 zperror(gettext("could not move zone"), B_FALSE);
4152 4221 (void) zone_mount_rootfs(&mounts, zonepath);
4153 4222 goto err_and_rele_lockfile;
4154 4223 }
4155 4224
4156 4225 } else {
4157 4226 /*
4158 4227 * Attempt to create a ZFS fs for the new zonepath. As usual,
4159 4228 * we don't care if this works or not since we always have the
4160 4229 * default behavior of a simple directory for the zonepath.
4161 4230 */
4162 4231 create_zfs_zonepath(new_zonepath);
4163 4232
4164 4233 (void) printf(gettext(
4165 4234 "Moving across file systems; copying zonepath %s..."),
4166 4235 zonepath);
4167 4236 (void) fflush(stdout);
4168 4237
4169 4238 err = copy_zone(zonepath, new_zonepath);
4170 4239
4171 4240 (void) printf("\n");
4172 4241 if (err != Z_OK)
4173 4242 goto done;
4174 4243 }
4175 4244
4176 4245 /*
4177 4246 * Mount the zone's root filesystem in the new zonepath if there was
4178 4247 * a root mount prior to the move.
4179 4248 */
4180 4249 if (zone_mount_rootfs(&mounts, new_zonepath) != 0) {
4181 4250 err = Z_ERR;
4182 4251 goto done;
4183 4252 }
4184 4253 root_fs_mounted = B_TRUE;
4185 4254
4186 4255 if ((err = zonecfg_set_zonepath(handle, new_zonepath)) != Z_OK) {
4187 4256 errno = err;
4188 4257 zperror(gettext("could not set new zonepath"), B_TRUE);
4189 4258 goto done;
4190 4259 }
4191 4260
4192 4261 if ((err = zonecfg_save(handle)) != Z_OK) {
4193 4262 errno = err;
4194 4263 zperror(gettext("zonecfg save failed"), B_TRUE);
4195 4264 goto done;
4196 4265 }
4197 4266
4198 4267 revert = B_FALSE;
4199 4268
4200 4269 done:
4201 4270 zonecfg_fini_handle(handle);
4202 4271 zonecfg_release_lock_file(target_zone, lockfd);
4203 4272
4204 4273 /*
4205 4274 * Clean up the file system based on how things went. We either
4206 4275 * clean up the new zonepath if the operation failed for some reason
4207 4276 * or we clean up the old zonepath if everything is ok.
4208 4277 */
4209 4278 if (revert) {
4210 4279 /*
4211 4280 * Check for the unlikely scenario in which the zone's
4212 4281 * zonepath and its root file system moved but libzonecfg
4213 4282 * couldn't save the new zonepath to the zone's configuration
4214 4283 * file. The mounted root filesystem must be unmounted before
4215 4284 * zoneadm restores the zone's zonepath.
4216 4285 */
4217 4286 if (root_fs_mounted && zone_unmount_rootfs(&mounts,
4218 4287 new_zonepath, B_TRUE) != 0) {
4219 4288 /*
4220 4289 * We can't forcibly unmount the zone's root file system
4221 4290 * from the new zonepath. Bail!
4222 4291 */
4223 4292 zerror(gettext("fatal error: cannot unmount %s/root\n"),
4224 4293 new_zonepath);
4225 4294 goto err_and_mounts_destroy;
4226 4295 }
4227 4296
4228 4297 /* The zonecfg update failed, cleanup the new zonepath. */
4229 4298 if (is_zfs) {
4230 4299 if (move_zfs(new_zonepath, zonepath) == Z_ERR) {
4231 4300 (void) fprintf(stderr, gettext("could not "
4232 4301 "restore zonepath, the zfs mountpoint is "
4233 4302 "set as:\n%s\n"), new_zonepath);
4234 4303 /*
4235 4304 * err is already != Z_OK since we're reverting
4236 4305 */
4237 4306 } else {
4238 4307 (void) zone_mount_rootfs(&mounts, zonepath);
4239 4308 }
4240 4309 } else if (fast) {
4241 4310 if (rename(new_zonepath, zonepath) != 0) {
4242 4311 zperror(gettext("could not restore zonepath"),
4243 4312 B_FALSE);
4244 4313 /*
4245 4314 * err is already != Z_OK since we're reverting
4246 4315 */
4247 4316 } else {
4248 4317 (void) zone_mount_rootfs(&mounts, zonepath);
4249 4318 }
4250 4319 } else {
4251 4320 (void) printf(gettext("Cleaning up zonepath %s..."),
4252 4321 new_zonepath);
4253 4322 (void) fflush(stdout);
4254 4323 err = cleanup_zonepath(new_zonepath, B_TRUE);
4255 4324 (void) printf("\n");
4256 4325
4257 4326 if (err != Z_OK) {
4258 4327 errno = err;
4259 4328 zperror(gettext("could not remove new "
4260 4329 "zonepath"), B_TRUE);
4261 4330 } else {
4262 4331 /*
4263 4332 * Because we're reverting we know the mainline
4264 4333 * code failed but we just reused the err
4265 4334 * variable so we reset it back to Z_ERR.
4266 4335 */
4267 4336 err = Z_ERR;
4268 4337 }
4269 4338
4270 4339 (void) zone_mount_rootfs(&mounts, zonepath);
4271 4340 }
4272 4341 } else {
4273 4342 /* The move was successful, cleanup the old zonepath. */
4274 4343 if (!is_zfs && !fast) {
4275 4344 (void) printf(
4276 4345 gettext("Cleaning up zonepath %s..."), zonepath);
4277 4346 (void) fflush(stdout);
4278 4347 err = cleanup_zonepath(zonepath, B_TRUE);
4279 4348 (void) printf("\n");
4280 4349
4281 4350 if (err != Z_OK) {
4282 4351 errno = err;
4283 4352 zperror(gettext("could not remove zonepath"),
4284 4353 B_TRUE);
4285 4354 }
4286 4355 }
4287 4356 }
4288 4357
4289 4358 zone_mounts_destroy(&mounts);
4290 4359 return ((err == Z_OK) ? Z_OK : Z_ERR);
4291 4360
4292 4361 err_and_rele_lockfile:
4293 4362 zonecfg_release_lock_file(target_zone, lockfd);
4294 4363 err_and_fini_handle:
4295 4364 zonecfg_fini_handle(handle);
4296 4365 err_and_mounts_destroy:
4297 4366 zone_mounts_destroy(&mounts);
4298 4367 return (Z_ERR);
4299 4368 }
4300 4369
4301 4370 /* ARGSUSED */
4302 4371 static int
4303 4372 detach_func(int argc, char *argv[])
4304 4373 {
4305 4374 int lockfd = -1;
4306 4375 int err, arg;
4307 4376 char zonepath[MAXPATHLEN];
4308 4377 char cmdbuf[MAXPATHLEN];
4309 4378 char precmdbuf[MAXPATHLEN];
4310 4379 boolean_t execute = B_TRUE;
4311 4380 boolean_t brand_help = B_FALSE;
4312 4381 brand_handle_t bh = NULL;
4313 4382 int status;
4314 4383
4315 4384 if (zonecfg_in_alt_root()) {
4316 4385 zerror(gettext("cannot detach zone in alternate root"));
4317 4386 return (Z_ERR);
4318 4387 }
4319 4388
4320 4389 /* Check the argv string for args we handle internally */
4321 4390 optind = 0;
4322 4391 opterr = 0;
4323 4392 while ((arg = getopt(argc, argv, "?n")) != EOF) {
4324 4393 switch (arg) {
4325 4394 case '?':
4326 4395 if (optopt == '?') {
4327 4396 sub_usage(SHELP_DETACH, CMD_DETACH);
4328 4397 brand_help = B_TRUE;
4329 4398 }
4330 4399 /* Ignore unknown options - may be brand specific. */
4331 4400 break;
4332 4401 case 'n':
4333 4402 execute = B_FALSE;
4334 4403 break;
4335 4404 default:
4336 4405 /* Ignore unknown options - may be brand specific. */
4337 4406 break;
4338 4407 }
4339 4408 }
4340 4409
4341 4410 if (brand_help)
4342 4411 execute = B_FALSE;
4343 4412
4344 4413 if (execute) {
4345 4414 if (sanity_check(target_zone, CMD_DETACH, B_FALSE, B_TRUE,
4346 4415 B_FALSE) != Z_OK)
4347 4416 return (Z_ERR);
4348 4417 if (verify_details(CMD_DETACH, argv) != Z_OK)
4349 4418 return (Z_ERR);
4350 4419 } else {
4351 4420 /*
4352 4421 * We want a dry-run to work for a non-privileged user so we
4353 4422 * only do minimal validation.
4354 4423 */
4355 4424 if (target_zone == NULL) {
4356 4425 zerror(gettext("no zone specified"));
4357 4426 return (Z_ERR);
4358 4427 }
4359 4428
4360 4429 if (strcmp(target_zone, GLOBAL_ZONENAME) == 0) {
4361 4430 zerror(gettext("%s operation is invalid for the "
4362 4431 "global zone."), cmd_to_str(CMD_DETACH));
4363 4432 return (Z_ERR);
4364 4433 }
4365 4434 }
4366 4435
4367 4436 if ((err = zone_get_zonepath(target_zone, zonepath, sizeof (zonepath)))
4368 4437 != Z_OK) {
4369 4438 errno = err;
4370 4439 zperror2(target_zone, gettext("could not get zone path"));
4371 4440 return (Z_ERR);
4372 4441 }
4373 4442
4374 4443 /* Fetch the detach and predetach hooks from the brand configuration. */
4375 4444 if ((bh = brand_open(target_brand)) == NULL) {
4376 4445 zerror(gettext("missing or invalid brand"));
4377 4446 return (Z_ERR);
4378 4447 }
4379 4448
4380 4449 if (get_hook(bh, cmdbuf, sizeof (cmdbuf), brand_get_detach, target_zone,
4381 4450 zonepath) != Z_OK) {
4382 4451 zerror("invalid brand configuration: missing detach resource");
4383 4452 brand_close(bh);
4384 4453 return (Z_ERR);
4385 4454 }
4386 4455
4387 4456 if (get_hook(bh, precmdbuf, sizeof (precmdbuf), brand_get_predetach,
4388 4457 target_zone, zonepath) != Z_OK) {
4389 4458 zerror("invalid brand configuration: missing predetach "
4390 4459 "resource");
4391 4460 brand_close(bh);
4392 4461 return (Z_ERR);
4393 4462 }
4394 4463 brand_close(bh);
4395 4464
4396 4465 /* Append all options to predetach hook. */
4397 4466 if (addoptions(precmdbuf, argv, sizeof (precmdbuf)) != Z_OK)
4398 4467 return (Z_ERR);
4399 4468
4400 4469 /* Append all options to detach hook. */
4401 4470 if (addoptions(cmdbuf, argv, sizeof (cmdbuf)) != Z_OK)
4402 4471 return (Z_ERR);
4403 4472
4404 4473 if (execute && zonecfg_grab_lock_file(target_zone, &lockfd) != Z_OK) {
4405 4474 zerror(gettext("another %s may have an operation in progress."),
4406 4475 "zoneadm");
4407 4476 return (Z_ERR);
4408 4477 }
4409 4478
4410 4479 /* If we have a brand predetach hook, run it. */
4411 4480 if (!brand_help && precmdbuf[0] != '\0') {
4412 4481 status = do_subproc(precmdbuf);
4413 4482 if (subproc_status(gettext("brand-specific predetach"),
4414 4483 status, B_FALSE) != ZONE_SUBPROC_OK) {
4415 4484
4416 4485 if (execute) {
4417 4486 assert(lockfd >= 0);
4418 4487 zonecfg_release_lock_file(target_zone, lockfd);
4419 4488 lockfd = -1;
4420 4489 }
4421 4490
4422 4491 assert(lockfd == -1);
4423 4492 return (Z_ERR);
4424 4493 }
4425 4494 }
4426 4495
4427 4496 if (cmdbuf[0] != '\0') {
4428 4497 /* Run the detach hook */
4429 4498 status = do_subproc(cmdbuf);
4430 4499 if ((status = subproc_status(gettext("brand-specific detach"),
4431 4500 status, B_FALSE)) != ZONE_SUBPROC_OK) {
4432 4501 if (status == ZONE_SUBPROC_USAGE && !brand_help)
4433 4502 sub_usage(SHELP_DETACH, CMD_DETACH);
4434 4503
4435 4504 if (execute) {
4436 4505 assert(lockfd >= 0);
4437 4506 zonecfg_release_lock_file(target_zone, lockfd);
4438 4507 lockfd = -1;
4439 4508 }
4440 4509
4441 4510 assert(lockfd == -1);
4442 4511 return (Z_ERR);
4443 4512 }
4444 4513
4445 4514 } else {
4446 4515 zone_dochandle_t handle;
4447 4516
4448 4517 /* If just help, we're done since there is no brand help. */
4449 4518 if (brand_help) {
4450 4519 assert(lockfd == -1);
4451 4520 return (Z_OK);
4452 4521 }
4453 4522
4454 4523 /*
4455 4524 * Run the built-in detach support. Just generate a simple
4456 4525 * zone definition XML file and detach.
4457 4526 */
4458 4527
4459 4528 /* Don't detach the zone if anything is still mounted there */
4460 4529 if (execute && zonecfg_find_mounts(zonepath, NULL, NULL)) {
4461 4530 (void) fprintf(stderr, gettext("These file systems are "
4462 4531 "mounted on subdirectories of %s.\n"), zonepath);
4463 4532 (void) zonecfg_find_mounts(zonepath, zfm_print, NULL);
4464 4533 err = ZONE_SUBPROC_NOTCOMPLETE;
4465 4534 goto done;
4466 4535 }
4467 4536
4468 4537 if ((handle = zonecfg_init_handle()) == NULL) {
4469 4538 zperror(cmd_to_str(CMD_DETACH), B_TRUE);
4470 4539 err = ZONE_SUBPROC_NOTCOMPLETE;
4471 4540 goto done;
4472 4541 }
4473 4542
4474 4543 if ((err = zonecfg_get_handle(target_zone, handle)) != Z_OK) {
4475 4544 errno = err;
4476 4545 zperror(cmd_to_str(CMD_DETACH), B_TRUE);
4477 4546
4478 4547 } else if ((err = zonecfg_detach_save(handle,
4479 4548 (execute ? 0 : ZONE_DRY_RUN))) != Z_OK) {
4480 4549 errno = err;
4481 4550 zperror(gettext("saving the detach manifest failed"),
4482 4551 B_TRUE);
4483 4552 }
4484 4553
4485 4554 zonecfg_fini_handle(handle);
4486 4555 if (err != Z_OK)
4487 4556 goto done;
4488 4557 }
4489 4558
4490 4559 /*
4491 4560 * Set the zone state back to configured unless we are running with the
4492 4561 * no-execute option.
4493 4562 */
4494 4563 if (execute && (err = zone_set_state(target_zone,
4495 4564 ZONE_STATE_CONFIGURED)) != Z_OK) {
4496 4565 errno = err;
4497 4566 zperror(gettext("could not reset state"), B_TRUE);
4498 4567 }
4499 4568
4500 4569 done:
4501 4570 if (execute) {
4502 4571 assert(lockfd >= 0);
4503 4572 zonecfg_release_lock_file(target_zone, lockfd);
4504 4573 lockfd = -1;
4505 4574 }
4506 4575
4507 4576 assert(lockfd == -1);
4508 4577 return ((err == Z_OK) ? Z_OK : Z_ERR);
4509 4578 }
4510 4579
4511 4580 /*
4512 4581 * Determine the brand when doing a dry-run attach. The zone does not have to
4513 4582 * exist, so we have to read the incoming manifest to determine the zone's
4514 4583 * brand.
4515 4584 *
4516 4585 * Because the manifest has to be processed twice; once to determine the brand
4517 4586 * and once to do the brand-specific attach logic, we always read it into a tmp
4518 4587 * file. This handles the manifest coming from stdin or a regular file. The
4519 4588 * tmpname parameter returns the name of the temporary file that the manifest
4520 4589 * was read into.
4521 4590 */
4522 4591 static int
4523 4592 dryrun_get_brand(char *manifest_path, char *tmpname, int size)
4524 4593 {
4525 4594 int fd;
4526 4595 int err;
4527 4596 int res = Z_OK;
4528 4597 zone_dochandle_t local_handle;
4529 4598 zone_dochandle_t rem_handle = NULL;
4530 4599 int len;
4531 4600 int ofd;
4532 4601 char buf[512];
4533 4602
4534 4603 if (strcmp(manifest_path, "-") == 0) {
4535 4604 fd = STDIN_FILENO;
4536 4605 } else {
4537 4606 if ((fd = open(manifest_path, O_RDONLY)) < 0) {
4538 4607 if (getcwd(buf, sizeof (buf)) == NULL)
4539 4608 (void) strlcpy(buf, "/", sizeof (buf));
4540 4609 zerror(gettext("could not open manifest path %s%s: %s"),
4541 4610 (*manifest_path == '/' ? "" : buf), manifest_path,
4542 4611 strerror(errno));
4543 4612 return (Z_ERR);
4544 4613 }
4545 4614 }
4546 4615
4547 4616 (void) snprintf(tmpname, size, "/var/run/zone.%d", getpid());
4548 4617
4549 4618 if ((ofd = open(tmpname, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR)) < 0) {
4550 4619 zperror(gettext("could not save manifest"), B_FALSE);
4551 4620 (void) close(fd);
4552 4621 return (Z_ERR);
4553 4622 }
4554 4623
4555 4624 while ((len = read(fd, buf, sizeof (buf))) > 0) {
4556 4625 if (write(ofd, buf, len) == -1) {
4557 4626 zperror(gettext("could not save manifest"), B_FALSE);
4558 4627 (void) close(ofd);
4559 4628 (void) close(fd);
4560 4629 return (Z_ERR);
4561 4630 }
4562 4631 }
4563 4632
4564 4633 if (close(ofd) != 0) {
4565 4634 zperror(gettext("could not save manifest"), B_FALSE);
4566 4635 (void) close(fd);
4567 4636 return (Z_ERR);
4568 4637 }
4569 4638
4570 4639 (void) close(fd);
4571 4640
4572 4641 if ((fd = open(tmpname, O_RDONLY)) < 0) {
4573 4642 zperror(gettext("could not open manifest path"), B_FALSE);
4574 4643 return (Z_ERR);
4575 4644 }
4576 4645
4577 4646 if ((local_handle = zonecfg_init_handle()) == NULL) {
4578 4647 zperror(cmd_to_str(CMD_ATTACH), B_TRUE);
4579 4648 res = Z_ERR;
4580 4649 goto done;
4581 4650 }
4582 4651
4583 4652 if ((rem_handle = zonecfg_init_handle()) == NULL) {
4584 4653 zperror(cmd_to_str(CMD_ATTACH), B_TRUE);
4585 4654 res = Z_ERR;
4586 4655 goto done;
4587 4656 }
4588 4657
4589 4658 if ((err = zonecfg_attach_manifest(fd, local_handle, rem_handle))
4590 4659 != Z_OK) {
4591 4660 res = Z_ERR;
4592 4661
4593 4662 if (err == Z_INVALID_DOCUMENT) {
4594 4663 struct stat st;
4595 4664 char buf[6];
4596 4665
4597 4666 if (strcmp(manifest_path, "-") == 0) {
4598 4667 zerror(gettext("Input is not a valid XML "
4599 4668 "file"));
4600 4669 goto done;
4601 4670 }
4602 4671
4603 4672 if (fstat(fd, &st) == -1 || !S_ISREG(st.st_mode)) {
4604 4673 zerror(gettext("%s is not an XML file"),
4605 4674 manifest_path);
4606 4675 goto done;
4607 4676 }
4608 4677
4609 4678 bzero(buf, sizeof (buf));
4610 4679 (void) lseek(fd, 0L, SEEK_SET);
4611 4680 if (read(fd, buf, sizeof (buf) - 1) < 0 ||
4612 4681 strncmp(buf, "<?xml", 5) != 0)
4613 4682 zerror(gettext("%s is not an XML file"),
4614 4683 manifest_path);
4615 4684 else
4616 4685 zerror(gettext("Cannot attach to an earlier "
4617 4686 "release of the operating system"));
4618 4687 } else {
4619 4688 zperror(cmd_to_str(CMD_ATTACH), B_TRUE);
4620 4689 }
4621 4690 goto done;
4622 4691 }
4623 4692
4624 4693 /* Retrieve remote handle brand type. */
4625 4694 if (zonecfg_get_brand(rem_handle, target_brand, sizeof (target_brand))
4626 4695 != Z_OK) {
4627 4696 zerror(gettext("missing or invalid brand"));
4628 4697 exit(Z_ERR);
4629 4698 }
4630 4699
4631 4700 done:
4632 4701 zonecfg_fini_handle(local_handle);
4633 4702 zonecfg_fini_handle(rem_handle);
4634 4703 (void) close(fd);
4635 4704
4636 4705 return ((res == Z_OK) ? Z_OK : Z_ERR);
4637 4706 }
4638 4707
4639 4708 /* ARGSUSED */
4640 4709 static int
4641 4710 attach_func(int argc, char *argv[])
4642 4711 {
4643 4712 int lockfd = -1;
4644 4713 int err, arg;
4645 4714 boolean_t force = B_FALSE;
4646 4715 zone_dochandle_t handle;
4647 4716 char zonepath[MAXPATHLEN];
4648 4717 char cmdbuf[MAXPATHLEN];
4649 4718 char postcmdbuf[MAXPATHLEN];
4650 4719 boolean_t execute = B_TRUE;
4651 4720 boolean_t brand_help = B_FALSE;
4652 4721 char *manifest_path;
4653 4722 char tmpmanifest[80];
4654 4723 int manifest_pos;
4655 4724 brand_handle_t bh = NULL;
4656 4725 int status;
4657 4726 int last_index = 0;
4658 4727 int offset;
4659 4728 char *up;
4660 4729 boolean_t forced_update = B_FALSE;
4661 4730
4662 4731 if (zonecfg_in_alt_root()) {
4663 4732 zerror(gettext("cannot attach zone in alternate root"));
4664 4733 return (Z_ERR);
4665 4734 }
4666 4735
4667 4736 /* Check the argv string for args we handle internally */
4668 4737 optind = 0;
4669 4738 opterr = 0;
4670 4739 while ((arg = getopt(argc, argv, "?Fn:U")) != EOF) {
4671 4740 switch (arg) {
4672 4741 case '?':
4673 4742 if (optopt == '?') {
4674 4743 sub_usage(SHELP_ATTACH, CMD_ATTACH);
4675 4744 brand_help = B_TRUE;
4676 4745 }
4677 4746 /* Ignore unknown options - may be brand specific. */
4678 4747 break;
4679 4748 case 'F':
4680 4749 force = B_TRUE;
4681 4750 break;
4682 4751 case 'n':
4683 4752 execute = B_FALSE;
4684 4753 manifest_path = optarg;
4685 4754 manifest_pos = optind - 1;
4686 4755 break;
4687 4756 case 'U':
4688 4757 /*
4689 4758 * Undocumented 'force update' option for p2v update on
4690 4759 * attach when zone is in the incomplete state. Change
4691 4760 * the option back to 'u' and set forced_update flag.
4692 4761 */
4693 4762 if (optind == last_index)
4694 4763 offset = optind;
4695 4764 else
4696 4765 offset = optind - 1;
4697 4766 if ((up = index(argv[offset], 'U')) != NULL)
4698 4767 *up = 'u';
4699 4768 forced_update = B_TRUE;
4700 4769 break;
4701 4770 default:
4702 4771 /* Ignore unknown options - may be brand specific. */
4703 4772 break;
4704 4773 }
4705 4774 last_index = optind;
4706 4775 }
4707 4776
4708 4777 if (brand_help) {
4709 4778 force = B_FALSE;
4710 4779 execute = B_TRUE;
4711 4780 }
4712 4781
4713 4782 /* dry-run and force flags are mutually exclusive */
4714 4783 if (!execute && force) {
4715 4784 zerror(gettext("-F and -n flags are mutually exclusive"));
4716 4785 return (Z_ERR);
4717 4786 }
4718 4787
4719 4788 /*
4720 4789 * If the no-execute option was specified, we don't do validation and
4721 4790 * need to figure out the brand, since there is no zone required to be
4722 4791 * configured for this option.
4723 4792 */
4724 4793 if (execute) {
4725 4794 if (!brand_help) {
4726 4795 if (sanity_check(target_zone, CMD_ATTACH, B_FALSE,
4727 4796 B_TRUE, forced_update) != Z_OK)
4728 4797 return (Z_ERR);
4729 4798 if (verify_details(CMD_ATTACH, argv) != Z_OK)
4730 4799 return (Z_ERR);
4731 4800 }
4732 4801
4733 4802 if ((err = zone_get_zonepath(target_zone, zonepath,
4734 4803 sizeof (zonepath))) != Z_OK) {
4735 4804 errno = err;
4736 4805 zperror2(target_zone,
4737 4806 gettext("could not get zone path"));
4738 4807 return (Z_ERR);
4739 4808 }
4740 4809 } else {
4741 4810 if (dryrun_get_brand(manifest_path, tmpmanifest,
4742 4811 sizeof (tmpmanifest)) != Z_OK)
4743 4812 return (Z_ERR);
4744 4813
4745 4814 argv[manifest_pos] = tmpmanifest;
4746 4815 target_zone = "-";
4747 4816 (void) strlcpy(zonepath, "-", sizeof (zonepath));
4748 4817
4749 4818 /* Run the brand's verify_adm hook. */
4750 4819 if (verify_brand(NULL, CMD_ATTACH, argv) != Z_OK)
4751 4820 return (Z_ERR);
4752 4821 }
4753 4822
4754 4823 /*
4755 4824 * Fetch the attach and postattach hooks from the brand configuration.
4756 4825 */
4757 4826 if ((bh = brand_open(target_brand)) == NULL) {
4758 4827 zerror(gettext("missing or invalid brand"));
4759 4828 return (Z_ERR);
4760 4829 }
4761 4830
4762 4831 if (get_hook(bh, cmdbuf, sizeof (cmdbuf), brand_get_attach, target_zone,
4763 4832 zonepath) != Z_OK) {
4764 4833 zerror("invalid brand configuration: missing attach resource");
4765 4834 brand_close(bh);
4766 4835 return (Z_ERR);
4767 4836 }
4768 4837
4769 4838 if (get_hook(bh, postcmdbuf, sizeof (postcmdbuf), brand_get_postattach,
4770 4839 target_zone, zonepath) != Z_OK) {
4771 4840 zerror("invalid brand configuration: missing postattach "
4772 4841 "resource");
4773 4842 brand_close(bh);
4774 4843 return (Z_ERR);
4775 4844 }
4776 4845 brand_close(bh);
4777 4846
4778 4847 /* Append all options to attach hook. */
4779 4848 if (addoptions(cmdbuf, argv, sizeof (cmdbuf)) != Z_OK)
4780 4849 return (Z_ERR);
4781 4850
4782 4851 /* Append all options to postattach hook. */
4783 4852 if (addoptions(postcmdbuf, argv, sizeof (postcmdbuf)) != Z_OK)
4784 4853 return (Z_ERR);
4785 4854
4786 4855 if (execute && !brand_help) {
4787 4856 if (zonecfg_grab_lock_file(target_zone, &lockfd) != Z_OK) {
4788 4857 zerror(gettext("another %s may have an operation in "
4789 4858 "progress."), "zoneadm");
4790 4859 return (Z_ERR);
4791 4860 }
4792 4861 }
4793 4862
4794 4863 if (!force) {
4795 4864 /*
4796 4865 * Not a force-attach, so we need to actually do the work.
4797 4866 */
4798 4867 if (cmdbuf[0] != '\0') {
4799 4868 /* Run the attach hook */
4800 4869 status = do_subproc(cmdbuf);
4801 4870 if ((status = subproc_status(gettext("brand-specific "
4802 4871 "attach"), status, B_FALSE)) != ZONE_SUBPROC_OK) {
4803 4872 if (status == ZONE_SUBPROC_USAGE && !brand_help)
4804 4873 sub_usage(SHELP_ATTACH, CMD_ATTACH);
4805 4874
4806 4875 if (execute && !brand_help) {
4807 4876 assert(zonecfg_lock_file_held(&lockfd));
4808 4877 zonecfg_release_lock_file(target_zone,
4809 4878 lockfd);
4810 4879 lockfd = -1;
4811 4880 }
4812 4881
4813 4882 assert(lockfd == -1);
4814 4883 return (Z_ERR);
4815 4884 }
4816 4885 }
4817 4886
4818 4887 /*
4819 4888 * Else run the built-in attach support.
4820 4889 * This is a no-op since there is nothing to validate.
4821 4890 */
4822 4891
4823 4892 /* If dry-run or help, then we're done. */
4824 4893 if (!execute || brand_help) {
4825 4894 if (!execute)
4826 4895 (void) unlink(tmpmanifest);
4827 4896 assert(lockfd == -1);
4828 4897 return (Z_OK);
4829 4898 }
4830 4899 }
4831 4900
4832 4901 /* Now we can validate that the zonepath exists. */
4833 4902 if (validate_zonepath(zonepath, CMD_ATTACH) != Z_OK) {
4834 4903 (void) fprintf(stderr, gettext("could not verify zonepath %s "
4835 4904 "because of the above errors.\n"), zonepath);
4836 4905
4837 4906 assert(zonecfg_lock_file_held(&lockfd));
4838 4907 zonecfg_release_lock_file(target_zone, lockfd);
4839 4908 return (Z_ERR);
4840 4909 }
4841 4910
4842 4911 if ((handle = zonecfg_init_handle()) == NULL) {
4843 4912 zperror(cmd_to_str(CMD_ATTACH), B_TRUE);
4844 4913 err = Z_ERR;
4845 4914 } else if ((err = zonecfg_get_handle(target_zone, handle)) != Z_OK) {
4846 4915 errno = err;
4847 4916 zperror(cmd_to_str(CMD_ATTACH), B_TRUE);
4848 4917 zonecfg_fini_handle(handle);
4849 4918 } else {
4850 4919 zonecfg_rm_detached(handle, force);
4851 4920 zonecfg_fini_handle(handle);
4852 4921 }
4853 4922
4854 4923 if (err == Z_OK &&
4855 4924 (err = zone_set_state(target_zone, ZONE_STATE_INSTALLED)) != Z_OK) {
4856 4925 errno = err;
4857 4926 zperror(gettext("could not reset state"), B_TRUE);
4858 4927 }
4859 4928
4860 4929 assert(zonecfg_lock_file_held(&lockfd));
4861 4930 zonecfg_release_lock_file(target_zone, lockfd);
4862 4931 lockfd = -1;
4863 4932
4864 4933 /* If we have a brand postattach hook, run it. */
4865 4934 if (err == Z_OK && !force && postcmdbuf[0] != '\0') {
4866 4935 status = do_subproc(postcmdbuf);
4867 4936 if (subproc_status(gettext("brand-specific postattach"),
4868 4937 status, B_FALSE) != ZONE_SUBPROC_OK) {
4869 4938 if ((err = zone_set_state(target_zone,
4870 4939 ZONE_STATE_CONFIGURED)) != Z_OK) {
4871 4940 errno = err;
4872 4941 zperror(gettext("could not reset state"),
4873 4942 B_TRUE);
4874 4943 }
4875 4944 }
4876 4945 }
4877 4946
4878 4947 assert(lockfd == -1);
4879 4948 return ((err == Z_OK) ? Z_OK : Z_ERR);
4880 4949 }
4881 4950
4882 4951 /*
4883 4952 * On input, TRUE => yes, FALSE => no.
4884 4953 * On return, TRUE => 1, FALSE => 0, could not ask => -1.
4885 4954 */
4886 4955
4887 4956 static int
4888 4957 ask_yesno(boolean_t default_answer, const char *question)
4889 4958 {
4890 4959 char line[64]; /* should be large enough to answer yes or no */
4891 4960
4892 4961 if (!isatty(STDIN_FILENO))
4893 4962 return (-1);
4894 4963 for (;;) {
4895 4964 (void) printf("%s (%s)? ", question,
4896 4965 default_answer ? "[y]/n" : "y/[n]");
4897 4966 if (fgets(line, sizeof (line), stdin) == NULL ||
4898 4967 line[0] == '\n')
4899 4968 return (default_answer ? 1 : 0);
4900 4969 if (tolower(line[0]) == 'y')
4901 4970 return (1);
4902 4971 if (tolower(line[0]) == 'n')
4903 4972 return (0);
4904 4973 }
4905 4974 }
4906 4975
4907 4976 /* ARGSUSED */
4908 4977 static int
4909 4978 uninstall_func(int argc, char *argv[])
4910 4979 {
4911 4980 char line[ZONENAME_MAX + 128]; /* Enough for "Are you sure ..." */
4912 4981 char rootpath[MAXPATHLEN], zonepath[MAXPATHLEN];
4913 4982 char cmdbuf[MAXPATHLEN];
4914 4983 char precmdbuf[MAXPATHLEN];
4915 4984 boolean_t force = B_FALSE;
4916 4985 int lockfd, answer;
4917 4986 int err, arg;
4918 4987 boolean_t brand_help = B_FALSE;
4919 4988 brand_handle_t bh = NULL;
4920 4989 int status;
4921 4990
4922 4991 if (zonecfg_in_alt_root()) {
4923 4992 zerror(gettext("cannot uninstall zone in alternate root"));
4924 4993 return (Z_ERR);
4925 4994 }
4926 4995
4927 4996 /* Check the argv string for args we handle internally */
4928 4997 optind = 0;
4929 4998 opterr = 0;
4930 4999 while ((arg = getopt(argc, argv, "?F")) != EOF) {
4931 5000 switch (arg) {
4932 5001 case '?':
4933 5002 if (optopt == '?') {
4934 5003 sub_usage(SHELP_UNINSTALL, CMD_UNINSTALL);
4935 5004 brand_help = B_TRUE;
4936 5005 }
4937 5006 /* Ignore unknown options - may be brand specific. */
4938 5007 break;
4939 5008 case 'F':
4940 5009 force = B_TRUE;
4941 5010 break;
4942 5011 default:
4943 5012 /* Ignore unknown options - may be brand specific. */
4944 5013 break;
4945 5014 }
4946 5015 }
4947 5016
4948 5017 if (!brand_help) {
4949 5018 if (sanity_check(target_zone, CMD_UNINSTALL, B_FALSE, B_TRUE,
4950 5019 B_FALSE) != Z_OK)
4951 5020 return (Z_ERR);
4952 5021
4953 5022 /*
4954 5023 * Invoke brand-specific handler.
4955 5024 */
4956 5025 if (invoke_brand_handler(CMD_UNINSTALL, argv) != Z_OK)
4957 5026 return (Z_ERR);
4958 5027
4959 5028 if (!force) {
4960 5029 (void) snprintf(line, sizeof (line),
4961 5030 gettext("Are you sure you want to %s zone %s"),
4962 5031 cmd_to_str(CMD_UNINSTALL), target_zone);
4963 5032 if ((answer = ask_yesno(B_FALSE, line)) == 0) {
4964 5033 return (Z_OK);
4965 5034 } else if (answer == -1) {
4966 5035 zerror(gettext("Input not from terminal and -F "
4967 5036 "not specified: %s not done."),
4968 5037 cmd_to_str(CMD_UNINSTALL));
4969 5038 return (Z_ERR);
4970 5039 }
4971 5040 }
4972 5041 }
4973 5042
4974 5043 if ((err = zone_get_zonepath(target_zone, zonepath,
4975 5044 sizeof (zonepath))) != Z_OK) {
4976 5045 errno = err;
4977 5046 zperror2(target_zone, gettext("could not get zone path"));
4978 5047 return (Z_ERR);
4979 5048 }
4980 5049
4981 5050 /*
4982 5051 * Fetch the uninstall and preuninstall hooks from the brand
4983 5052 * configuration.
4984 5053 */
4985 5054 if ((bh = brand_open(target_brand)) == NULL) {
4986 5055 zerror(gettext("missing or invalid brand"));
4987 5056 return (Z_ERR);
4988 5057 }
4989 5058
4990 5059 if (get_hook(bh, cmdbuf, sizeof (cmdbuf), brand_get_uninstall,
4991 5060 target_zone, zonepath) != Z_OK) {
4992 5061 zerror("invalid brand configuration: missing uninstall "
4993 5062 "resource");
4994 5063 brand_close(bh);
4995 5064 return (Z_ERR);
4996 5065 }
4997 5066
4998 5067 if (get_hook(bh, precmdbuf, sizeof (precmdbuf), brand_get_preuninstall,
4999 5068 target_zone, zonepath) != Z_OK) {
5000 5069 zerror("invalid brand configuration: missing preuninstall "
5001 5070 "resource");
5002 5071 brand_close(bh);
5003 5072 return (Z_ERR);
5004 5073 }
5005 5074 brand_close(bh);
5006 5075
5007 5076 /* Append all options to preuninstall hook. */
5008 5077 if (addoptions(precmdbuf, argv, sizeof (precmdbuf)) != Z_OK)
5009 5078 return (Z_ERR);
5010 5079
5011 5080 /* Append all options to uninstall hook. */
5012 5081 if (addoptions(cmdbuf, argv, sizeof (cmdbuf)) != Z_OK)
5013 5082 return (Z_ERR);
5014 5083
5015 5084 if (!brand_help) {
5016 5085 if ((err = zone_get_rootpath(target_zone, rootpath,
5017 5086 sizeof (rootpath))) != Z_OK) {
5018 5087 errno = err;
5019 5088 zperror2(target_zone, gettext("could not get root "
5020 5089 "path"));
5021 5090 return (Z_ERR);
|
↓ open down ↓ |
1943 lines elided |
↑ open up ↑ |
5022 5091 }
5023 5092
5024 5093 /*
5025 5094 * If there seems to be a zoneadmd running for this zone, call
5026 5095 * it to tell it that an uninstall is happening; if all goes
5027 5096 * well it will then shut itself down.
5028 5097 */
5029 5098 if (zonecfg_ping_zoneadmd(target_zone) == Z_OK) {
5030 5099 zone_cmd_arg_t zarg;
5031 5100 zarg.cmd = Z_NOTE_UNINSTALLING;
5032 - zarg.debug = B_FALSE;
5033 5101 /* we don't care too much if this fails, just plow on */
5034 5102 (void) zonecfg_call_zoneadmd(target_zone, &zarg, locale,
5035 5103 B_TRUE);
5036 5104 }
5037 5105
5038 5106 if (zonecfg_grab_lock_file(target_zone, &lockfd) != Z_OK) {
5039 5107 zerror(gettext("another %s may have an operation in "
5040 5108 "progress."), "zoneadm");
5041 5109 return (Z_ERR);
5042 5110 }
5043 5111
5044 5112 /* Don't uninstall the zone if anything is mounted there */
5045 5113 err = zonecfg_find_mounts(rootpath, NULL, NULL);
5046 5114 if (err) {
5047 5115 zerror(gettext("These file systems are mounted on "
5048 5116 "subdirectories of %s.\n"), rootpath);
5049 5117 (void) zonecfg_find_mounts(rootpath, zfm_print, NULL);
5050 5118 zonecfg_release_lock_file(target_zone, lockfd);
5051 5119 return (Z_ERR);
5052 5120 }
5053 5121 }
5054 5122
5055 5123 /* If we have a brand preuninstall hook, run it. */
5056 5124 if (!brand_help && precmdbuf[0] != '\0') {
5057 5125 status = do_subproc(precmdbuf);
5058 5126 if (subproc_status(gettext("brand-specific preuninstall"),
5059 5127 status, B_FALSE) != ZONE_SUBPROC_OK) {
5060 5128 zonecfg_release_lock_file(target_zone, lockfd);
5061 5129 return (Z_ERR);
5062 5130 }
5063 5131 }
5064 5132
5065 5133 if (!brand_help) {
5066 5134 err = zone_set_state(target_zone, ZONE_STATE_INCOMPLETE);
5067 5135 if (err != Z_OK) {
5068 5136 errno = err;
5069 5137 zperror2(target_zone, gettext("could not set state"));
5070 5138 goto bad;
5071 5139 }
5072 5140 }
5073 5141
5074 5142 /*
5075 5143 * If there is a brand uninstall hook, use it, otherwise use the
5076 5144 * built-in uninstall code.
5077 5145 */
5078 5146 if (cmdbuf[0] != '\0') {
5079 5147 /* Run the uninstall hook */
5080 5148 status = do_subproc(cmdbuf);
5081 5149 if ((status = subproc_status(gettext("brand-specific "
5082 5150 "uninstall"), status, B_FALSE)) != ZONE_SUBPROC_OK) {
5083 5151 if (status == ZONE_SUBPROC_USAGE && !brand_help)
5084 5152 sub_usage(SHELP_UNINSTALL, CMD_UNINSTALL);
5085 5153 if (!brand_help)
5086 5154 zonecfg_release_lock_file(target_zone, lockfd);
5087 5155 return (Z_ERR);
5088 5156 }
5089 5157
5090 5158 if (brand_help)
5091 5159 return (Z_OK);
5092 5160 } else {
5093 5161 /* If just help, we're done since there is no brand help. */
5094 5162 if (brand_help)
5095 5163 return (Z_OK);
5096 5164
5097 5165 /* Run the built-in uninstall support. */
5098 5166 if ((err = cleanup_zonepath(zonepath, B_FALSE)) != Z_OK) {
5099 5167 errno = err;
5100 5168 zperror2(target_zone, gettext("cleaning up zonepath "
5101 5169 "failed"));
5102 5170 goto bad;
5103 5171 }
5104 5172 }
5105 5173
5106 5174 err = zone_set_state(target_zone, ZONE_STATE_CONFIGURED);
5107 5175 if (err != Z_OK) {
5108 5176 errno = err;
5109 5177 zperror2(target_zone, gettext("could not reset state"));
5110 5178 }
5111 5179 bad:
5112 5180 zonecfg_release_lock_file(target_zone, lockfd);
5113 5181 return (err);
5114 5182 }
5115 5183
5116 5184 /* ARGSUSED */
5117 5185 static int
5118 5186 mount_func(int argc, char *argv[])
5119 5187 {
5120 5188 zone_cmd_arg_t zarg;
5121 5189 boolean_t force = B_FALSE;
5122 5190 int arg;
5123 5191
5124 5192 /*
5125 5193 * The only supported subargument to the "mount" subcommand is
5126 5194 * "-f", which forces us to mount a zone in the INCOMPLETE state.
5127 5195 */
5128 5196 optind = 0;
5129 5197 if ((arg = getopt(argc, argv, "f")) != EOF) {
5130 5198 switch (arg) {
5131 5199 case 'f':
5132 5200 force = B_TRUE;
5133 5201 break;
5134 5202 default:
5135 5203 return (Z_USAGE);
5136 5204 }
5137 5205 }
|
↓ open down ↓ |
95 lines elided |
↑ open up ↑ |
5138 5206 if (argc > optind)
5139 5207 return (Z_USAGE);
5140 5208
5141 5209 if (sanity_check(target_zone, CMD_MOUNT, B_FALSE, B_FALSE, force)
5142 5210 != Z_OK)
5143 5211 return (Z_ERR);
5144 5212 if (verify_details(CMD_MOUNT, argv) != Z_OK)
5145 5213 return (Z_ERR);
5146 5214
5147 5215 zarg.cmd = force ? Z_FORCEMOUNT : Z_MOUNT;
5148 - zarg.debug = B_FALSE;
5149 5216 zarg.bootbuf[0] = '\0';
5150 5217 if (zonecfg_call_zoneadmd(target_zone, &zarg, locale, B_TRUE) != 0) {
5151 5218 zerror(gettext("call to %s failed"), "zoneadmd");
5152 5219 return (Z_ERR);
5153 5220 }
5154 5221 return (Z_OK);
5155 5222 }
5156 5223
5157 5224 /* ARGSUSED */
5158 5225 static int
5159 5226 unmount_func(int argc, char *argv[])
|
↓ open down ↓ |
1 lines elided |
↑ open up ↑ |
5160 5227 {
5161 5228 zone_cmd_arg_t zarg;
5162 5229
5163 5230 if (argc > 0)
5164 5231 return (Z_USAGE);
5165 5232 if (sanity_check(target_zone, CMD_UNMOUNT, B_FALSE, B_FALSE, B_FALSE)
5166 5233 != Z_OK)
5167 5234 return (Z_ERR);
5168 5235
5169 5236 zarg.cmd = Z_UNMOUNT;
5170 - zarg.debug = B_FALSE;
5171 5237 if (zonecfg_call_zoneadmd(target_zone, &zarg, locale, B_TRUE) != 0) {
5172 5238 zerror(gettext("call to %s failed"), "zoneadmd");
5173 5239 return (Z_ERR);
5174 5240 }
5175 5241 return (Z_OK);
5176 5242 }
5177 5243
5178 5244 static int
5179 5245 mark_func(int argc, char *argv[])
5180 5246 {
5181 5247 int err, lockfd;
5182 5248 int arg;
5183 5249 boolean_t force = B_FALSE;
5184 5250 int state;
5185 5251
5186 5252 optind = 0;
5187 5253 opterr = 0;
5188 5254 while ((arg = getopt(argc, argv, "F")) != EOF) {
5189 5255 switch (arg) {
5190 5256 case 'F':
5191 5257 force = B_TRUE;
5192 5258 break;
5193 5259 default:
5194 5260 return (Z_USAGE);
5195 5261 }
5196 5262 }
5197 5263
5198 5264 if (argc != (optind + 1))
5199 5265 return (Z_USAGE);
5200 5266
5201 5267 if (strcmp(argv[optind], "configured") == 0)
5202 5268 state = ZONE_STATE_CONFIGURED;
5203 5269 else if (strcmp(argv[optind], "incomplete") == 0)
5204 5270 state = ZONE_STATE_INCOMPLETE;
5205 5271 else if (strcmp(argv[optind], "installed") == 0)
5206 5272 state = ZONE_STATE_INSTALLED;
5207 5273 else
5208 5274 return (Z_USAGE);
5209 5275
5210 5276 if (state != ZONE_STATE_INCOMPLETE && !force)
5211 5277 return (Z_USAGE);
5212 5278
5213 5279 if (sanity_check(target_zone, CMD_MARK, B_FALSE, B_TRUE, B_FALSE)
5214 5280 != Z_OK)
5215 5281 return (Z_ERR);
5216 5282
5217 5283 /*
5218 5284 * Invoke brand-specific handler.
5219 5285 */
5220 5286 if (invoke_brand_handler(CMD_MARK, argv) != Z_OK)
5221 5287 return (Z_ERR);
5222 5288
5223 5289 if (zonecfg_grab_lock_file(target_zone, &lockfd) != Z_OK) {
5224 5290 zerror(gettext("another %s may have an operation in progress."),
5225 5291 "zoneadm");
5226 5292 return (Z_ERR);
5227 5293 }
5228 5294
5229 5295 err = zone_set_state(target_zone, state);
5230 5296 if (err != Z_OK) {
5231 5297 errno = err;
5232 5298 zperror2(target_zone, gettext("could not set state"));
5233 5299 }
5234 5300 zonecfg_release_lock_file(target_zone, lockfd);
5235 5301
5236 5302 return (err);
5237 5303 }
5238 5304
5239 5305 /*
5240 5306 * Check what scheduling class we're running under and print a warning if
5241 5307 * we're not using FSS.
5242 5308 */
5243 5309 static int
5244 5310 check_sched_fss(zone_dochandle_t handle)
5245 5311 {
5246 5312 char class_name[PC_CLNMSZ];
5247 5313
5248 5314 if (zonecfg_get_dflt_sched_class(handle, class_name,
5249 5315 sizeof (class_name)) != Z_OK) {
5250 5316 zerror(gettext("WARNING: unable to determine the zone's "
5251 5317 "scheduling class"));
5252 5318 } else if (strcmp("FSS", class_name) != 0) {
5253 5319 zerror(gettext("WARNING: The zone.cpu-shares rctl is set but\n"
5254 5320 "FSS is not the default scheduling class for this zone. "
5255 5321 "FSS will be\nused for processes in the zone but to get "
5256 5322 "the full benefit of FSS,\nit should be the default "
5257 5323 "scheduling class. See dispadmin(1M) for\nmore details."));
5258 5324 return (Z_SYSTEM);
5259 5325 }
5260 5326
5261 5327 return (Z_OK);
5262 5328 }
5263 5329
5264 5330 static int
5265 5331 check_cpu_shares_sched(zone_dochandle_t handle)
5266 5332 {
5267 5333 int err;
5268 5334 int res = Z_OK;
5269 5335 struct zone_rctltab rctl;
5270 5336
5271 5337 if ((err = zonecfg_setrctlent(handle)) != Z_OK) {
5272 5338 errno = err;
5273 5339 zperror(cmd_to_str(CMD_APPLY), B_TRUE);
5274 5340 return (err);
5275 5341 }
5276 5342
5277 5343 while (zonecfg_getrctlent(handle, &rctl) == Z_OK) {
5278 5344 if (strcmp(rctl.zone_rctl_name, "zone.cpu-shares") == 0) {
5279 5345 if (check_sched_fss(handle) != Z_OK)
5280 5346 res = Z_SYSTEM;
5281 5347 break;
5282 5348 }
5283 5349 }
5284 5350
5285 5351 (void) zonecfg_endrctlent(handle);
5286 5352
5287 5353 return (res);
5288 5354 }
5289 5355
5290 5356 /*
5291 5357 * Check if there is a mix of processes running in different pools within the
5292 5358 * zone. This is currently only going to be called for the global zone from
5293 5359 * apply_func but that could be generalized in the future.
5294 5360 */
5295 5361 static boolean_t
5296 5362 mixed_pools(zoneid_t zoneid)
5297 5363 {
5298 5364 DIR *dirp;
5299 5365 dirent_t *dent;
5300 5366 boolean_t mixed = B_FALSE;
5301 5367 boolean_t poolid_set = B_FALSE;
5302 5368 poolid_t last_poolid = 0;
5303 5369
5304 5370 if ((dirp = opendir("/proc")) == NULL) {
5305 5371 zerror(gettext("could not open /proc"));
5306 5372 return (B_FALSE);
5307 5373 }
5308 5374
5309 5375 while ((dent = readdir(dirp)) != NULL) {
5310 5376 int procfd;
5311 5377 psinfo_t ps;
5312 5378 char procpath[MAXPATHLEN];
5313 5379
5314 5380 if (dent->d_name[0] == '.')
5315 5381 continue;
5316 5382
5317 5383 (void) snprintf(procpath, sizeof (procpath), "/proc/%s/psinfo",
5318 5384 dent->d_name);
5319 5385
5320 5386 if ((procfd = open(procpath, O_RDONLY)) == -1)
5321 5387 continue;
5322 5388
5323 5389 if (read(procfd, &ps, sizeof (ps)) == sizeof (psinfo_t)) {
5324 5390 /* skip processes in other zones and system processes */
5325 5391 if (zoneid != ps.pr_zoneid || ps.pr_flag & SSYS) {
5326 5392 (void) close(procfd);
5327 5393 continue;
5328 5394 }
5329 5395
5330 5396 if (poolid_set) {
5331 5397 if (ps.pr_poolid != last_poolid)
5332 5398 mixed = B_TRUE;
5333 5399 } else {
5334 5400 last_poolid = ps.pr_poolid;
5335 5401 poolid_set = B_TRUE;
5336 5402 }
5337 5403 }
5338 5404
5339 5405 (void) close(procfd);
5340 5406
5341 5407 if (mixed)
5342 5408 break;
5343 5409 }
5344 5410
5345 5411 (void) closedir(dirp);
5346 5412
5347 5413 return (mixed);
5348 5414 }
5349 5415
5350 5416 /*
5351 5417 * Check if a persistent or temporary pool is configured for the zone.
5352 5418 * This is currently only going to be called for the global zone from
5353 5419 * apply_func but that could be generalized in the future.
5354 5420 */
5355 5421 static boolean_t
5356 5422 pool_configured(zone_dochandle_t handle)
5357 5423 {
5358 5424 int err1, err2;
5359 5425 struct zone_psettab pset_tab;
5360 5426 char poolname[MAXPATHLEN];
5361 5427
5362 5428 err1 = zonecfg_lookup_pset(handle, &pset_tab);
5363 5429 err2 = zonecfg_get_pool(handle, poolname, sizeof (poolname));
5364 5430
5365 5431 if (err1 == Z_NO_ENTRY &&
5366 5432 (err2 == Z_NO_ENTRY || (err2 == Z_OK && strlen(poolname) == 0)))
5367 5433 return (B_FALSE);
5368 5434
5369 5435 return (B_TRUE);
5370 5436 }
5371 5437
5372 5438 /*
5373 5439 * This is an undocumented interface which is currently only used to apply
5374 5440 * the global zone resource management settings when the system boots.
5375 5441 * This function does not yet properly handle updating a running system so
5376 5442 * any projects running in the zone would be trashed if this function
5377 5443 * were to run after the zone had booted. It also does not reset any
5378 5444 * rctl settings that were removed from zonecfg. There is still work to be
5379 5445 * done before we can properly support dynamically updating the resource
5380 5446 * management settings for a running zone (global or non-global). Thus, this
5381 5447 * functionality is undocumented for now.
5382 5448 */
5383 5449 /* ARGSUSED */
5384 5450 static int
5385 5451 apply_func(int argc, char *argv[])
5386 5452 {
5387 5453 int err;
5388 5454 int res = Z_OK;
5389 5455 priv_set_t *privset;
5390 5456 zoneid_t zoneid;
5391 5457 zone_dochandle_t handle;
5392 5458 uint64_t mcap;
5393 5459 char pool_err[128];
5394 5460
5395 5461 zoneid = getzoneid();
5396 5462
5397 5463 if (zonecfg_in_alt_root() || zoneid != GLOBAL_ZONEID ||
5398 5464 target_zone == NULL || strcmp(target_zone, GLOBAL_ZONENAME) != 0)
5399 5465 return (usage(B_FALSE));
5400 5466
5401 5467 if ((privset = priv_allocset()) == NULL) {
5402 5468 zerror(gettext("%s failed"), "priv_allocset");
5403 5469 return (Z_ERR);
5404 5470 }
5405 5471
5406 5472 if (getppriv(PRIV_EFFECTIVE, privset) != 0) {
5407 5473 zerror(gettext("%s failed"), "getppriv");
5408 5474 priv_freeset(privset);
5409 5475 return (Z_ERR);
5410 5476 }
5411 5477
5412 5478 if (priv_isfullset(privset) == B_FALSE) {
5413 5479 (void) usage(B_FALSE);
5414 5480 priv_freeset(privset);
5415 5481 return (Z_ERR);
5416 5482 }
5417 5483 priv_freeset(privset);
5418 5484
5419 5485 if ((handle = zonecfg_init_handle()) == NULL) {
5420 5486 zperror(cmd_to_str(CMD_APPLY), B_TRUE);
5421 5487 return (Z_ERR);
5422 5488 }
5423 5489
5424 5490 if ((err = zonecfg_get_handle(target_zone, handle)) != Z_OK) {
5425 5491 errno = err;
5426 5492 zperror(cmd_to_str(CMD_APPLY), B_TRUE);
5427 5493 zonecfg_fini_handle(handle);
5428 5494 return (Z_ERR);
5429 5495 }
5430 5496
5431 5497 /* specific error msgs are printed within apply_rctls */
5432 5498 if ((err = zonecfg_apply_rctls(target_zone, handle)) != Z_OK) {
5433 5499 errno = err;
5434 5500 zperror(cmd_to_str(CMD_APPLY), B_TRUE);
5435 5501 res = Z_ERR;
5436 5502 }
5437 5503
5438 5504 if ((err = check_cpu_shares_sched(handle)) != Z_OK)
5439 5505 res = Z_ERR;
5440 5506
5441 5507 if (pool_configured(handle)) {
5442 5508 if (mixed_pools(zoneid)) {
5443 5509 zerror(gettext("Zone is using multiple resource "
5444 5510 "pools. The pool\nconfiguration cannot be "
5445 5511 "applied without rebooting."));
5446 5512 res = Z_ERR;
5447 5513 } else {
5448 5514
5449 5515 /*
5450 5516 * The next two blocks of code attempt to set up
5451 5517 * temporary pools as well as persistent pools. In
5452 5518 * both cases we call the functions unconditionally.
5453 5519 * Within each funtion the code will check if the zone
5454 5520 * is actually configured for a temporary pool or
5455 5521 * persistent pool and just return if there is nothing
5456 5522 * to do.
5457 5523 */
5458 5524 if ((err = zonecfg_bind_tmp_pool(handle, zoneid,
5459 5525 pool_err, sizeof (pool_err))) != Z_OK) {
5460 5526 if (err == Z_POOL || err == Z_POOL_CREATE ||
5461 5527 err == Z_POOL_BIND)
5462 5528 zerror("%s: %s", zonecfg_strerror(err),
5463 5529 pool_err);
5464 5530 else
5465 5531 zerror(gettext("could not bind zone to "
5466 5532 "temporary pool: %s"),
5467 5533 zonecfg_strerror(err));
5468 5534 res = Z_ERR;
5469 5535 }
5470 5536
5471 5537 if ((err = zonecfg_bind_pool(handle, zoneid, pool_err,
5472 5538 sizeof (pool_err))) != Z_OK) {
5473 5539 if (err == Z_POOL || err == Z_POOL_BIND)
5474 5540 zerror("%s: %s", zonecfg_strerror(err),
5475 5541 pool_err);
5476 5542 else
5477 5543 zerror("%s", zonecfg_strerror(err));
5478 5544 }
5479 5545 }
5480 5546 }
5481 5547
5482 5548 /*
5483 5549 * If a memory cap is configured, make sure the rcapd SMF service is
5484 5550 * enabled.
5485 5551 */
5486 5552 if (zonecfg_get_aliased_rctl(handle, ALIAS_MAXPHYSMEM, &mcap) == Z_OK) {
5487 5553 char smf_err[128];
5488 5554
5489 5555 if (zonecfg_enable_rcapd(smf_err, sizeof (smf_err)) != Z_OK) {
5490 5556 zerror(gettext("enabling system/rcap service failed: "
5491 5557 "%s"), smf_err);
5492 5558 res = Z_ERR;
5493 5559 }
5494 5560 }
5495 5561
5496 5562 zonecfg_fini_handle(handle);
5497 5563
5498 5564 return (res);
5499 5565 }
5500 5566
5501 5567 /*
5502 5568 * This is an undocumented interface that is invoked by the zones SMF service
5503 5569 * for installed zones that won't automatically boot.
5504 5570 */
5505 5571 /* ARGSUSED */
5506 5572 static int
5507 5573 sysboot_func(int argc, char *argv[])
5508 5574 {
5509 5575 int err;
5510 5576 zone_dochandle_t zone_handle;
5511 5577 brand_handle_t brand_handle;
5512 5578 char cmdbuf[MAXPATHLEN];
5513 5579 char zonepath[MAXPATHLEN];
5514 5580
5515 5581 /*
5516 5582 * This subcommand can only be executed in the global zone on non-global
5517 5583 * zones.
5518 5584 */
5519 5585 if (zonecfg_in_alt_root())
5520 5586 return (usage(B_FALSE));
5521 5587 if (sanity_check(target_zone, CMD_SYSBOOT, B_FALSE, B_TRUE, B_FALSE) !=
5522 5588 Z_OK)
5523 5589 return (Z_ERR);
5524 5590
5525 5591 /*
5526 5592 * Fetch the sysboot hook from the target zone's brand.
5527 5593 */
5528 5594 if ((zone_handle = zonecfg_init_handle()) == NULL) {
5529 5595 zperror(cmd_to_str(CMD_SYSBOOT), B_TRUE);
5530 5596 return (Z_ERR);
5531 5597 }
5532 5598 if ((err = zonecfg_get_handle(target_zone, zone_handle)) != Z_OK) {
5533 5599 errno = err;
5534 5600 zperror(cmd_to_str(CMD_SYSBOOT), B_TRUE);
5535 5601 zonecfg_fini_handle(zone_handle);
5536 5602 return (Z_ERR);
5537 5603 }
5538 5604 if ((err = zonecfg_get_zonepath(zone_handle, zonepath,
5539 5605 sizeof (zonepath))) != Z_OK) {
5540 5606 errno = err;
5541 5607 zperror(cmd_to_str(CMD_SYSBOOT), B_TRUE);
5542 5608 zonecfg_fini_handle(zone_handle);
5543 5609 return (Z_ERR);
5544 5610 }
5545 5611 if ((brand_handle = brand_open(target_brand)) == NULL) {
5546 5612 zerror(gettext("missing or invalid brand during %s operation: "
5547 5613 "%s"), cmd_to_str(CMD_SYSBOOT), target_brand);
5548 5614 zonecfg_fini_handle(zone_handle);
5549 5615 return (Z_ERR);
5550 5616 }
5551 5617 err = get_hook(brand_handle, cmdbuf, sizeof (cmdbuf), brand_get_sysboot,
5552 5618 target_zone, zonepath);
5553 5619 brand_close(brand_handle);
5554 5620 zonecfg_fini_handle(zone_handle);
5555 5621 if (err != Z_OK) {
5556 5622 zerror(gettext("unable to get brand hook from brand %s for %s "
5557 5623 "operation"), target_brand, cmd_to_str(CMD_SYSBOOT));
5558 5624 return (Z_ERR);
5559 5625 }
5560 5626
5561 5627 /*
5562 5628 * If the hook wasn't defined (which is OK), then indicate success and
5563 5629 * return. Otherwise, execute the hook.
5564 5630 */
5565 5631 if (cmdbuf[0] != '\0')
5566 5632 return ((subproc_status(gettext("brand sysboot operation"),
5567 5633 do_subproc(cmdbuf), B_FALSE) == ZONE_SUBPROC_OK) ? Z_OK :
5568 5634 Z_BRAND_ERROR);
5569 5635 return (Z_OK);
5570 5636 }
5571 5637
5572 5638 static int
5573 5639 help_func(int argc, char *argv[])
5574 5640 {
5575 5641 int arg, cmd_num;
5576 5642
5577 5643 if (argc == 0) {
5578 5644 (void) usage(B_TRUE);
5579 5645 return (Z_OK);
5580 5646 }
5581 5647 optind = 0;
5582 5648 if ((arg = getopt(argc, argv, "?")) != EOF) {
5583 5649 switch (arg) {
5584 5650 case '?':
5585 5651 sub_usage(SHELP_HELP, CMD_HELP);
5586 5652 return (optopt == '?' ? Z_OK : Z_USAGE);
5587 5653 default:
5588 5654 sub_usage(SHELP_HELP, CMD_HELP);
5589 5655 return (Z_USAGE);
5590 5656 }
5591 5657 }
5592 5658 while (optind < argc) {
5593 5659 /* Private commands have NULL short_usage; omit them */
5594 5660 if ((cmd_num = cmd_match(argv[optind])) < 0 ||
5595 5661 cmdtab[cmd_num].short_usage == NULL) {
5596 5662 sub_usage(SHELP_HELP, CMD_HELP);
5597 5663 return (Z_USAGE);
5598 5664 }
5599 5665 sub_usage(cmdtab[cmd_num].short_usage, cmd_num);
5600 5666 optind++;
5601 5667 }
5602 5668 return (Z_OK);
5603 5669 }
5604 5670
5605 5671 /*
5606 5672 * Returns: CMD_MIN thru CMD_MAX on success, -1 on error
5607 5673 */
5608 5674
5609 5675 static int
5610 5676 cmd_match(char *cmd)
5611 5677 {
5612 5678 int i;
5613 5679
5614 5680 for (i = CMD_MIN; i <= CMD_MAX; i++) {
5615 5681 /* return only if there is an exact match */
5616 5682 if (strcmp(cmd, cmdtab[i].cmd_name) == 0)
5617 5683 return (cmdtab[i].cmd_num);
5618 5684 }
5619 5685 return (-1);
5620 5686 }
5621 5687
5622 5688 static int
5623 5689 parse_and_run(int argc, char *argv[])
5624 5690 {
5625 5691 int i = cmd_match(argv[0]);
5626 5692
5627 5693 if (i < 0)
5628 5694 return (usage(B_FALSE));
5629 5695 return (cmdtab[i].handler(argc - 1, &(argv[1])));
5630 5696 }
5631 5697
5632 5698 static char *
5633 5699 get_execbasename(char *execfullname)
5634 5700 {
5635 5701 char *last_slash, *execbasename;
5636 5702
5637 5703 /* guard against '/' at end of command invocation */
5638 5704 for (;;) {
5639 5705 last_slash = strrchr(execfullname, '/');
5640 5706 if (last_slash == NULL) {
5641 5707 execbasename = execfullname;
5642 5708 break;
5643 5709 } else {
5644 5710 execbasename = last_slash + 1;
5645 5711 if (*execbasename == '\0') {
5646 5712 *last_slash = '\0';
5647 5713 continue;
5648 5714 }
5649 5715 break;
5650 5716 }
5651 5717 }
5652 5718 return (execbasename);
5653 5719 }
5654 5720
5655 5721 static char *
5656 5722 get_username()
5657 5723 {
5658 5724 uid_t uid;
5659 5725 struct passwd *nptr;
5660 5726
5661 5727
5662 5728 /*
5663 5729 * Authorizations are checked to restrict access based on the
5664 5730 * requested operation and zone name, It is assumed that the
5665 5731 * program is running with all privileges, but that the real
5666 5732 * user ID is that of the user or role on whose behalf we are
5667 5733 * operating. So we start by getting the username that will be
5668 5734 * used for subsequent authorization checks.
5669 5735 */
5670 5736
5671 5737 uid = getuid();
5672 5738 if ((nptr = getpwuid(uid)) == NULL) {
5673 5739 zerror(gettext("could not get user name."));
5674 5740 exit(Z_ERR);
5675 5741 }
5676 5742 return (nptr->pw_name);
5677 5743 }
5678 5744
5679 5745 int
5680 5746 main(int argc, char **argv)
5681 5747 {
5682 5748 int arg;
5683 5749 zoneid_t zid;
5684 5750 struct stat st;
5685 5751 char *zone_lock_env;
5686 5752 int err;
5687 5753
5688 5754 if ((locale = setlocale(LC_ALL, "")) == NULL)
5689 5755 locale = "C";
5690 5756 (void) textdomain(TEXT_DOMAIN);
5691 5757 setbuf(stdout, NULL);
5692 5758 (void) sigset(SIGHUP, SIG_IGN);
5693 5759 execname = get_execbasename(argv[0]);
5694 5760 username = get_username();
5695 5761 target_zone = NULL;
5696 5762 if (chdir("/") != 0) {
5697 5763 zerror(gettext("could not change directory to /."));
5698 5764 exit(Z_ERR);
5699 5765 }
5700 5766
5701 5767 /*
5702 5768 * Use the default system mask rather than anything that may have been
5703 5769 * set by the caller.
5704 5770 */
5705 5771 (void) umask(CMASK);
5706 5772
5707 5773 if (init_zfs() != Z_OK)
5708 5774 exit(Z_ERR);
5709 5775
5710 5776 while ((arg = getopt(argc, argv, "?u:z:R:")) != EOF) {
5711 5777 switch (arg) {
5712 5778 case '?':
5713 5779 return (usage(B_TRUE));
5714 5780 case 'u':
5715 5781 target_uuid = optarg;
5716 5782 break;
5717 5783 case 'z':
5718 5784 target_zone = optarg;
5719 5785 break;
5720 5786 case 'R': /* private option for admin/install use */
5721 5787 if (*optarg != '/') {
5722 5788 zerror(gettext("root path must be absolute."));
5723 5789 exit(Z_ERR);
5724 5790 }
5725 5791 if (stat(optarg, &st) == -1 || !S_ISDIR(st.st_mode)) {
5726 5792 zerror(
5727 5793 gettext("root path must be a directory."));
5728 5794 exit(Z_ERR);
5729 5795 }
5730 5796 zonecfg_set_root(optarg);
5731 5797 break;
5732 5798 default:
5733 5799 return (usage(B_FALSE));
5734 5800 }
5735 5801 }
5736 5802
5737 5803 if (optind >= argc)
5738 5804 return (usage(B_FALSE));
5739 5805
5740 5806 if (target_uuid != NULL && *target_uuid != '\0') {
5741 5807 uuid_t uuid;
5742 5808 static char newtarget[ZONENAME_MAX];
5743 5809
5744 5810 if (uuid_parse(target_uuid, uuid) == -1) {
5745 5811 zerror(gettext("illegal UUID value specified"));
5746 5812 exit(Z_ERR);
5747 5813 }
5748 5814 if (zonecfg_get_name_by_uuid(uuid, newtarget,
5749 5815 sizeof (newtarget)) == Z_OK)
5750 5816 target_zone = newtarget;
5751 5817 }
5752 5818
5753 5819 if (target_zone != NULL && zone_get_id(target_zone, &zid) != 0) {
5754 5820 errno = Z_NO_ZONE;
5755 5821 zperror(target_zone, B_TRUE);
5756 5822 exit(Z_ERR);
5757 5823 }
5758 5824
5759 5825 /*
5760 5826 * See if we have inherited the right to manipulate this zone from
5761 5827 * a zoneadm instance in our ancestry. If so, set zone_lock_cnt to
5762 5828 * indicate it. If not, make that explicit in our environment.
5763 5829 */
5764 5830 zonecfg_init_lock_file(target_zone, &zone_lock_env);
5765 5831
5766 5832 /* Figure out what the system's default brand is */
5767 5833 if (zonecfg_default_brand(default_brand,
5768 5834 sizeof (default_brand)) != Z_OK) {
5769 5835 zerror(gettext("unable to determine default brand"));
5770 5836 return (Z_ERR);
5771 5837 }
5772 5838
5773 5839 /*
5774 5840 * If we are going to be operating on a single zone, retrieve its
5775 5841 * brand type and determine whether it is native or not.
5776 5842 */
5777 5843 if ((target_zone != NULL) &&
5778 5844 (strcmp(target_zone, GLOBAL_ZONENAME) != 0)) {
5779 5845 if (zone_get_brand(target_zone, target_brand,
5780 5846 sizeof (target_brand)) != Z_OK) {
5781 5847 zerror(gettext("missing or invalid brand"));
5782 5848 exit(Z_ERR);
5783 5849 }
5784 5850 /*
5785 5851 * In the alternate root environment, the only supported
5786 5852 * operations are mount and unmount. In this case, just treat
5787 5853 * the zone as native if it is cluster. Cluster zones can be
5788 5854 * native for the purpose of LU or upgrade, and the cluster
5789 5855 * brand may not exist in the miniroot (such as in net install
5790 5856 * upgrade).
5791 5857 */
5792 5858 if (strcmp(target_brand, CLUSTER_BRAND_NAME) == 0) {
5793 5859 if (zonecfg_in_alt_root()) {
5794 5860 (void) strlcpy(target_brand, default_brand,
5795 5861 sizeof (target_brand));
5796 5862 }
5797 5863 }
5798 5864 }
5799 5865
5800 5866 err = parse_and_run(argc - optind, &argv[optind]);
5801 5867
5802 5868 return (err);
5803 5869 }
|
↓ open down ↓ |
623 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX