1 /* libguestfs - the guestfsd daemon
2 * Copyright (C) 2009-2011 Red Hat Inc.
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #include <rpc/types.h>
32 #include <sys/param.h>
33 #include <sys/types.h>
38 #include <sys/select.h>
40 #include <arpa/inet.h>
41 #include <netinet/in.h>
50 #include "ignore-value.h"
55 static char *read_cmdline (void);
58 # define MAX(a,b) ((a)>(b)?(a):(b))
61 /* Not the end of the world if this open flag is not defined. */
66 /* If root device is an ext2 filesystem, this is the major and minor.
67 * This is so we can ignore this device from the point of view of the
68 * user, eg. in guestfs_list_devices and many other places.
70 static dev_t root_device = 0;
74 static int print_shell_quote (FILE *stream, const struct printf_info *info, const void *const *args);
75 static int print_sysroot_shell_quote (FILE *stream, const struct printf_info *info, const void *const *args);
76 #ifdef HAVE_REGISTER_PRINTF_SPECIFIER
77 static int print_arginfo (const struct printf_info *info, size_t n, int *argtypes, int *size);
79 #ifdef HAVE_REGISTER_PRINTF_FUNCTION
80 static int print_arginfo (const struct printf_info *info, size_t n, int *argtypes);
82 #error "HAVE_REGISTER_PRINTF_{SPECIFIER|FUNCTION} not defined"
92 /* http://msdn2.microsoft.com/en-us/library/ms742213.aspx */
93 r = gl_sockets_startup (SOCKETS_2_2);
94 return r == 0 ? 0 : -1;
104 /* Location to mount root device. */
105 const char *sysroot = "/sysroot"; /* No trailing slash. */
106 size_t sysroot_len = 8;
108 /* If set (the default), do 'umount-all' when performing autosync. */
109 int autosync_umount = 1;
111 /* Not used explicitly, but required by the gnulib 'error' module. */
112 const char *program_name = "guestfsd";
114 /* Name of the virtio-serial channel. */
115 #define VIRTIO_SERIAL_CHANNEL "/dev/virtio-ports/org.libguestfs.channel.0"
121 "guestfsd [-r] [-v|--verbose]\n");
125 main (int argc, char *argv[])
127 static const char *options = "rv?";
128 static const struct option long_options[] = {
129 { "help", 0, 0, '?' },
130 { "verbose", 0, 0, 'v' },
136 ignore_value (chdir ("/"));
138 if (winsock_init () == -1)
139 error (EXIT_FAILURE, 0, "winsock initialization failed");
141 #ifdef HAVE_REGISTER_PRINTF_SPECIFIER
142 /* http://udrepper.livejournal.com/20948.html */
143 register_printf_specifier ('Q', print_shell_quote, print_arginfo);
144 register_printf_specifier ('R', print_sysroot_shell_quote, print_arginfo);
146 #ifdef HAVE_REGISTER_PRINTF_FUNCTION
147 register_printf_function ('Q', print_shell_quote, print_arginfo);
148 register_printf_function ('R', print_sysroot_shell_quote, print_arginfo);
150 #error "HAVE_REGISTER_PRINTF_{SPECIFIER|FUNCTION} not defined"
155 if (stat ("/", &statbuf) == 0)
156 root_device = statbuf.st_dev;
159 c = getopt_long (argc, argv, options, long_options, NULL);
163 /* The -r flag is used when running standalone. It changes
164 * several aspects of the daemon.
181 fprintf (stderr, "guestfsd: unexpected command line option 0x%x\n", c);
191 cmdline = read_cmdline ();
193 /* Set the verbose flag. */
195 (cmdline && strstr (cmdline, "guestfs_verbose=1") != NULL);
197 printf ("verbose daemon enabled\n");
201 printf ("linux commmand line: %s\n", cmdline);
203 printf ("could not read linux command line\n");
207 /* Make sure SIGPIPE doesn't kill us. */
209 memset (&sa, 0, sizeof sa);
210 sa.sa_handler = SIG_IGN;
212 if (sigaction (SIGPIPE, &sa, NULL) == -1)
213 perror ("sigaction SIGPIPE"); /* but try to continue anyway ... */
217 # define setenv(n,v,f) _putenv(n "=" v)
219 /* Set up a basic environment. After we are called by /init the
220 * environment is essentially empty.
221 * https://bugzilla.redhat.com/show_bug.cgi?id=502074#c5
223 * NOTE: if you change $PATH, you must also change 'prog_exists'
226 setenv ("PATH", "/sbin:/usr/sbin:/bin:/usr/bin", 1);
227 setenv ("SHELL", "/bin/sh", 1);
228 setenv ("LC_ALL", "C", 1);
229 setenv ("TERM", "dumb", 1);
232 /* We document that umask defaults to 022 (it should be this anyway). */
235 /* This is the default for Windows anyway. It's not even clear if
236 * Windows ever uses this -- the MSDN documentation for the function
237 * contains obvious errors.
242 /* Connect to virtio-serial channel. */
243 int sock = open (VIRTIO_SERIAL_CHANNEL, O_RDWR | O_CLOEXEC);
247 "Failed to connect to virtio-serial channel.\n"
249 "This is a fatal error and the appliance will now exit.\n"
251 "Usually this error is caused by either QEMU or the appliance\n"
252 "kernel not supporting the vmchannel method that the\n"
253 "libguestfs library chose to use. Please run\n"
254 "'libguestfs-test-tool' and provide the complete, unedited\n"
255 "output to the libguestfs developers, either in a bug report\n"
256 "or on the libguestfs redhat com mailing list.\n"
258 perror (VIRTIO_SERIAL_CHANNEL);
262 /* Send the magic length message which indicates that
263 * userspace is up inside the guest.
267 uint32_t len = GUESTFS_LAUNCH_FLAG;
268 xdrmem_create (&xdr, lenbuf, sizeof lenbuf, XDR_ENCODE);
269 xdr_u_int (&xdr, &len);
271 if (xwrite (sock, lenbuf, sizeof lenbuf) == -1) {
278 /* Enter the main loop, reading and performing actions. */
284 /* Read /proc/cmdline. */
288 int fd = open ("/proc/cmdline", O_RDONLY);
290 perror ("/proc/cmdline");
300 n = read (fd, buf, sizeof buf);
309 char *newr = realloc (r, len + n + 1); /* + 1 is for terminating NUL */
317 memcpy (&r[len], buf, n);
324 if (close (fd) == -1) {
333 /* Return true iff device is the root device (and therefore should be
334 * ignored from the point of view of user calls).
337 is_root_device (const char *device)
340 if (stat (device, &statbuf) == -1) {
344 if (statbuf.st_rdev == root_device)
349 /* Turn "/path" into "/sysroot/path".
351 * Caller must check for NULL and call reply_with_perror ("malloc")
352 * if it is. Caller must also free the string.
354 * See also the custom %R printf formatter which does shell quoting too.
357 sysroot_path (const char *path)
360 int len = strlen (path) + sysroot_len + 1;
366 snprintf (r, len, "%s%s", sysroot, path);
371 xwrite (int sock, const void *v_buf, size_t len)
374 const char *buf = v_buf;
377 r = write (sock, buf, len);
390 xread (int sock, void *v_buf, size_t len)
396 r = read (sock, buf, len);
402 fprintf (stderr, "read: unexpected end of file on fd %d\n", sock);
413 add_string (char ***argv, int *size, int *alloc, const char *str)
418 if (*size >= *alloc) {
420 new_argv = realloc (*argv, *alloc * sizeof (char *));
421 if (new_argv == NULL) {
422 reply_with_perror ("realloc");
423 free_strings (*argv);
430 new_str = strdup (str);
431 if (new_str == NULL) {
432 reply_with_perror ("strdup");
433 free_strings (*argv);
439 (*argv)[*size] = new_str;
446 count_strings (char *const *argv)
450 for (argc = 0; argv[argc] != NULL; ++argc)
455 /* http://graphics.stanford.edu/~seander/bithacks.html#DetermineIfPowerOf2 */
457 is_power_of_2 (unsigned long v)
459 return v && ((v & (v - 1)) == 0);
463 compare (const void *vp1, const void *vp2)
465 char * const *p1 = (char * const *) vp1;
466 char * const *p2 = (char * const *) vp2;
467 return strcmp (*p1, *p2);
471 sort_strings (char **argv, int len)
473 qsort (argv, len, sizeof (char *), compare);
477 free_strings (char **argv)
481 for (argc = 0; argv[argc] != NULL; ++argc)
487 free_stringslen (char **argv, int len)
491 for (i = 0; i < len; ++i)
496 /* Easy ways to run external commands. For full documentation, see
497 * 'commandrvf' below.
500 commandf (char **stdoutput, char **stderror, int flags, const char *name, ...)
507 /* Collect the command line arguments into an array. */
509 argv = malloc (sizeof (char *) * i);
514 argv[0] = (char *) name;
517 va_start (args, name);
519 while ((s = va_arg (args, char *)) != NULL) {
520 const char **p = realloc (argv, sizeof (char *) * (++i));
534 r = commandvf (stdoutput, stderror, flags, (const char * const*) argv);
536 /* NB: Mustn't free the strings which are on the stack. */
542 /* Same as 'command', but we allow the status code from the
543 * subcommand to be non-zero, and return that status code.
544 * We still return -1 if there was some other error.
547 commandrf (char **stdoutput, char **stderror, int flags, const char *name, ...)
554 /* Collect the command line arguments into an array. */
556 argv = malloc (sizeof (char *) * i);
561 argv[0] = (char *) name;
564 va_start (args, name);
566 while ((s = va_arg (args, char *)) != NULL) {
567 const char **p = realloc (argv, sizeof (char *) * (++i));
581 r = commandrvf (stdoutput, stderror, flags, argv);
583 /* NB: Mustn't free the strings which are on the stack. */
589 /* Same as 'command', but passing an argv. */
591 commandvf (char **stdoutput, char **stderror, int flags,
592 char const *const *argv)
596 r = commandrvf (stdoutput, stderror, flags, (void *) argv);
603 /* This is a more sane version of 'system(3)' for running external
604 * commands. It uses fork/execvp, so we don't need to worry about
605 * quoting of parameters, and it allows us to capture any error
606 * messages in a buffer.
608 * If stdoutput is not NULL, then *stdoutput will return the stdout
611 * If stderror is not NULL, then *stderror will return the stderr
612 * of the command. If there is a final \n character, it is removed
613 * so you can use the error string directly in a call to
618 * COMMAND_FLAG_FOLD_STDOUT_ON_STDERR: For broken external commands
619 * that send error messages to stdout (hello, parted) but that don't
620 * have any useful stdout information, use this flag to capture the
621 * error messages in the *stderror buffer. If using this flag,
622 * you should pass stdoutput as NULL because nothing could ever be
623 * captured in that buffer.
625 * COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN: For running external
626 * commands on chrooted files correctly (see RHBZ#579608) specifying
627 * this flag causes another process to be forked which chroots into
628 * sysroot and just copies the input file to stdin of the specified
629 * command. The file descriptor is ORed with the flags, and that file
630 * descriptor is always closed by this function. See hexdump.c for an
634 commandrvf (char **stdoutput, char **stderror, int flags,
635 char const* const *argv)
637 int so_size = 0, se_size = 0;
638 int so_fd[2], se_fd[2];
639 int flag_copy_stdin = flags & COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN;
640 int stdin_fd[2] = { -1, -1 };
641 pid_t pid, stdin_pid = -1;
647 if (stdoutput) *stdoutput = NULL;
648 if (stderror) *stderror = NULL;
651 printf ("%s", argv[0]);
652 for (i = 1; argv[i] != NULL; ++i)
653 printf (" %s", argv[i]);
657 /* Note: abort is used in a few places along the error paths early
658 * in this function. This is because (a) cleaning up correctly is
659 * very complex at these places and (b) abort is used when a
660 * resource problems is indicated which would be due to much more
661 * serious issues - eg. memory or file descriptor leaks. We
662 * wouldn't expect fork(2) or pipe(2) to fail in normal
666 if (pipe (so_fd) == -1 || pipe (se_fd) == -1) {
667 error (0, errno, "pipe");
671 if (flag_copy_stdin) {
672 if (pipe (stdin_fd) == -1) {
673 error (0, errno, "pipe");
680 error (0, errno, "fork");
684 if (pid == 0) { /* Child process running the command. */
685 signal (SIGALRM, SIG_DFL);
686 signal (SIGPIPE, SIG_DFL);
688 if (flag_copy_stdin) {
689 dup2 (stdin_fd[0], 0);
693 /* Set stdin to /dev/null (ignore failure) */
694 ignore_value (open ("/dev/null", O_RDONLY));
698 if (!(flags & COMMAND_FLAG_FOLD_STDOUT_ON_STDERR))
706 execvp (argv[0], (void *) argv);
708 _exit (EXIT_FAILURE);
711 if (flag_copy_stdin) {
712 int fd = flags & COMMAND_FLAG_FD_MASK;
715 if (stdin_pid == -1) {
716 error (0, errno, "fork");
720 if (stdin_pid == 0) { /* Child process copying stdin. */
727 dup2 (stdin_fd[1], 1);
731 if (chroot (sysroot) == -1) {
733 _exit (EXIT_FAILURE);
738 while ((n = read (fd, buffer, sizeof buffer)) > 0) {
739 if (xwrite (1, buffer, n) == -1)
740 /* EPIPE error indicates the command process has exited
741 * early. If the command process fails that will be caught
742 * by the daemon, and if not, then it's not an error.
744 _exit (errno == EPIPE ? EXIT_SUCCESS : EXIT_FAILURE);
749 _exit (EXIT_FAILURE);
752 if (close (fd) == -1) {
754 _exit (EXIT_FAILURE);
757 _exit (EXIT_SUCCESS);
765 /* Parent process. */
770 FD_SET (so_fd[0], &rset);
771 FD_SET (se_fd[0], &rset);
777 r = select (MAX (so_fd[0], se_fd[0]) + 1, &rset2, NULL, NULL, NULL);
790 /* Need to return non-NULL *stderror here since most callers
791 * will try to print and then free the err string.
792 * Unfortunately recovery from strdup failure here is not
795 *stderror = strdup ("error running external command, "
796 "see debug output for details");
800 waitpid (pid, NULL, 0);
801 if (stdin_pid >= 0) waitpid (stdin_pid, NULL, 0);
805 if (FD_ISSET (so_fd[0], &rset2)) { /* something on stdout */
806 r = read (so_fd[0], buf, sizeof buf);
811 if (r == 0) { FD_CLR (so_fd[0], &rset); quit++; }
813 if (r > 0 && stdoutput) {
815 p = realloc (*stdoutput, so_size);
821 memcpy (*stdoutput + so_size - r, buf, r);
825 if (FD_ISSET (se_fd[0], &rset2)) { /* something on stderr */
826 r = read (se_fd[0], buf, sizeof buf);
831 if (r == 0) { FD_CLR (se_fd[0], &rset); quit++; }
835 ignore_value (write (2, buf, r));
839 p = realloc (*stderror, se_size);
845 memcpy (*stderror + se_size - r, buf, r);
854 /* Make sure the output buffers are \0-terminated. Also remove any
855 * trailing \n characters from the error buffer (not from stdout).
858 void *q = realloc (*stdoutput, so_size+1);
865 (*stdoutput)[so_size] = '\0';
868 void *q = realloc (*stderror, se_size+1);
875 (*stderror)[se_size] = '\0';
877 while (se_size >= 0 && (*stderror)[se_size] == '\n')
878 (*stderror)[se_size--] = '\0';
882 if (flag_copy_stdin) {
883 /* Check copy process didn't fail. */
884 if (waitpid (stdin_pid, &r, 0) != stdin_pid) {
887 waitpid (pid, NULL, 0);
891 if (!WIFEXITED (r) || WEXITSTATUS (r) != 0) {
892 fprintf (stderr, "failed copying from input file, see earlier messages\n");
894 waitpid (pid, NULL, 0);
899 /* Get the exit status of the command. */
900 if (waitpid (pid, &r, 0) != pid) {
906 return WEXITSTATUS (r);
911 /* Split an output string into a NULL-terminated list of lines.
912 * Typically this is used where we have run an external command
913 * which has printed out a list of things, and we want to return
916 * The corner cases here are quite tricky. Note in particular:
920 * "a\nb" -> ["a"; "b"]
921 * "a\nb\n" -> ["a"; "b"]
922 * "a\nb\n\n" -> ["a"; "b"; ""]
924 * The original string is written over and destroyed by this
925 * function (which is usually OK because it's the 'out' string
926 * from command()). You can free the original string, because
927 * add_string() strdups the strings.
930 split_lines (char *str)
933 int size = 0, alloc = 0;
941 /* Empty last line? */
945 pend = strchr (p, '\n');
951 if (add_string (&lines, &size, &alloc, p) == -1) {
959 if (add_string (&lines, &size, &alloc, NULL) == -1)
965 /* Skip leading and trailing whitespace, updating the original string
971 size_t len = strlen (str);
973 while (len > 0 && c_isspace (str[len-1])) {
979 while (*p && c_isspace (*p)) {
984 memmove (str, p, len+1);
987 /* printf helper function so we can use %Q ("quoted") and %R to print
988 * shell-quoted strings. See guestfs(3)/EXTENDING LIBGUESTFS for more
992 print_shell_quote (FILE *stream,
993 const struct printf_info *info ATTRIBUTE_UNUSED,
994 const void *const *args)
996 #define SAFE(c) (c_isalnum((c)) || \
997 (c) == '/' || (c) == '-' || (c) == '_' || (c) == '.')
999 const char *str = *((const char **) (args[0]));
1001 for (i = len = 0; str[i]; ++i) {
1002 if (!SAFE(str[i])) {
1003 putc ('\\', stream);
1006 putc (str[i], stream);
1014 print_sysroot_shell_quote (FILE *stream,
1015 const struct printf_info *info,
1016 const void *const *args)
1018 fputs (sysroot, stream);
1019 return sysroot_len + print_shell_quote (stream, info, args);
1022 #ifdef HAVE_REGISTER_PRINTF_SPECIFIER
1024 print_arginfo (const struct printf_info *info ATTRIBUTE_UNUSED,
1025 size_t n, int *argtypes, int *size)
1028 argtypes[0] = PA_STRING;
1029 size[0] = sizeof (const char *);
1034 #ifdef HAVE_REGISTER_PRINTF_FUNCTION
1036 print_arginfo (const struct printf_info *info, size_t n, int *argtypes)
1039 argtypes[0] = PA_STRING;
1043 #error "HAVE_REGISTER_PRINTF_{SPECIFIER|FUNCTION} not defined"
1047 /* Perform device name translation. Don't call this directly -
1048 * use the RESOLVE_DEVICE macro.
1050 * See guestfs(3) for the algorithm.
1052 * We have to open the device and test for ENXIO, because
1053 * the device nodes themselves will exist in the appliance.
1056 device_name_translation (char *device)
1060 fd = open (device, O_RDONLY);
1067 if (errno != ENXIO && errno != ENOENT)
1070 /* If the name begins with "/dev/sd" then try the alternatives. */
1071 if (STRNEQLEN (device, "/dev/sd", 7))
1074 device[5] = 'h'; /* /dev/hd (old IDE driver) */
1075 fd = open (device, O_RDONLY);
1079 device[5] = 'v'; /* /dev/vd (for virtio devices) */
1080 fd = open (device, O_RDONLY);
1084 device[5] = 's'; /* Restore original device name. */
1088 /* Check program exists and is executable on $PATH. Actually, we
1089 * just assume PATH contains the default entries (see main() above).
1092 prog_exists (const char *prog)
1094 static const char * const dirs[] =
1095 { "/sbin", "/usr/sbin", "/bin", "/usr/bin" };
1099 for (i = 0; i < sizeof dirs / sizeof dirs[0]; ++i) {
1100 snprintf (buf, sizeof buf, "%s/%s", dirs[i], prog);
1101 if (access (buf, X_OK) == 0)
1107 /* LVM and other commands aren't synchronous, especially when udev is
1108 * involved. eg. You can create or remove some device, but the /dev
1109 * device node won't appear until some time later. This means that
1110 * you get an error if you run one command followed by another.
1112 * Use 'udevadm settle' after certain commands, but don't be too
1113 * fussed if it fails.
1115 * 'udevsettle' was the old name for this command (RHEL 5). This was
1116 * deprecated in favour of 'udevadm settle'. The old 'udevsettle'
1117 * command was left as a symlink. Then in Fedora 13 the old symlink
1118 * remained but it stopped working (RHBZ#548121), so we have to be
1119 * careful not to assume that we can use 'udevsettle' if it exists.
1124 (void) command (NULL, NULL, "udevadm", "settle", NULL);
1125 (void) command (NULL, NULL, "udevsettle", NULL);