1 /* libguestfs - the guestfsd daemon
2 * Copyright (C) 2009-2010 Red Hat Inc.
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 #define _BSD_SOURCE /* for daemon(3) */
31 #include <rpc/types.h>
34 #include <sys/param.h>
35 #include <sys/types.h>
40 #include <sys/select.h>
42 #include <arpa/inet.h>
43 #include <netinet/in.h>
52 #include "ignore-value.h"
57 static char *read_cmdline (void);
60 # define MAX(a,b) ((a)>(b)?(a):(b))
63 /* Not the end of the world if this open flag is not defined. */
68 /* If root device is an ext2 filesystem, this is the major and minor.
69 * This is so we can ignore this device from the point of view of the
70 * user, eg. in guestfs_list_devices and many other places.
72 static dev_t root_device = 0;
76 static int print_shell_quote (FILE *stream, const struct printf_info *info, const void *const *args);
77 static int print_sysroot_shell_quote (FILE *stream, const struct printf_info *info, const void *const *args);
78 #ifdef HAVE_REGISTER_PRINTF_SPECIFIER
79 static int print_arginfo (const struct printf_info *info, size_t n, int *argtypes, int *size);
81 #ifdef HAVE_REGISTER_PRINTF_FUNCTION
82 static int print_arginfo (const struct printf_info *info, size_t n, int *argtypes);
84 #error "HAVE_REGISTER_PRINTF_{SPECIFIER|FUNCTION} not defined"
90 daemon (int nochdir, int noclose)
93 "On Windows the daemon does not support forking into the "
94 "background.\nYou *must* run the daemon with the -f option.\n");
105 /* http://msdn2.microsoft.com/en-us/library/ms742213.aspx */
106 r = gl_sockets_startup (SOCKETS_2_2);
107 return r == 0 ? 0 : -1;
117 /* Location to mount root device. */
118 const char *sysroot = "/sysroot"; /* No trailing slash. */
121 /* Not used explicitly, but required by the gnulib 'error' module. */
122 const char *program_name = "guestfsd";
128 "guestfsd [-f|--foreground] [-v|--verbose]\n");
132 main (int argc, char *argv[])
134 static const char *options = "fv?";
135 static const struct option long_options[] = {
136 { "foreground", 0, 0, 'f' },
137 { "help", 0, 0, '?' },
138 { "verbose", 0, 0, 'v' },
145 ignore_value (chdir ("/"));
147 if (winsock_init () == -1)
148 error (EXIT_FAILURE, 0, "winsock initialization failed");
150 #ifdef HAVE_REGISTER_PRINTF_SPECIFIER
151 /* http://udrepper.livejournal.com/20948.html */
152 register_printf_specifier ('Q', print_shell_quote, print_arginfo);
153 register_printf_specifier ('R', print_sysroot_shell_quote, print_arginfo);
155 #ifdef HAVE_REGISTER_PRINTF_FUNCTION
156 register_printf_function ('Q', print_shell_quote, print_arginfo);
157 register_printf_function ('R', print_sysroot_shell_quote, print_arginfo);
159 #error "HAVE_REGISTER_PRINTF_{SPECIFIER|FUNCTION} not defined"
164 if (stat ("/", &statbuf) == 0)
165 root_device = statbuf.st_dev;
168 c = getopt_long (argc, argv, options, long_options, NULL);
185 fprintf (stderr, "guestfsd: unexpected command line option 0x%x\n", c);
195 cmdline = read_cmdline ();
197 /* Set the verbose flag. */
199 (cmdline && strstr (cmdline, "guestfs_verbose=1") != NULL);
201 printf ("verbose daemon enabled\n");
205 printf ("linux commmand line: %s\n", cmdline);
207 printf ("could not read linux command line\n");
211 /* Make sure SIGPIPE doesn't kill us. */
213 memset (&sa, 0, sizeof sa);
214 sa.sa_handler = SIG_IGN;
216 if (sigaction (SIGPIPE, &sa, NULL) == -1)
217 perror ("sigaction SIGPIPE"); /* but try to continue anyway ... */
221 # define setenv(n,v,f) _putenv(n "=" v)
223 /* Set up a basic environment. After we are called by /init the
224 * environment is essentially empty.
225 * https://bugzilla.redhat.com/show_bug.cgi?id=502074#c5
227 * NOTE: if you change $PATH, you must also change 'prog_exists'
230 setenv ("PATH", "/sbin:/usr/sbin:/bin:/usr/bin", 1);
231 setenv ("SHELL", "/bin/sh", 1);
232 setenv ("LC_ALL", "C", 1);
233 setenv ("TERM", "dumb", 1);
236 /* We document that umask defaults to 022 (it should be this anyway). */
239 /* This is the default for Windows anyway. It's not even clear if
240 * Windows ever uses this -- the MSDN documentation for the function
241 * contains obvious errors.
246 /* Connect to virtio-serial channel. */
247 int sock = open ("/dev/virtio-ports/org.libguestfs.channel.0",
252 "Failed to connect to virtio-serial channel.\n"
254 "This is a fatal error and the appliance will now exit.\n"
256 "Usually this error is caused by either QEMU or the appliance\n"
257 "kernel not supporting the vmchannel method that the\n"
258 "libguestfs library chose to use. Please run\n"
259 "'libguestfs-test-tool' and provide the complete, unedited\n"
260 "output to the libguestfs developers, either in a bug report\n"
261 "or on the libguestfs redhat com mailing list.\n"
263 perror ("/dev/virtio-ports/org.libguestfs.channel.0");
267 /* Send the magic length message which indicates that
268 * userspace is up inside the guest.
272 uint32_t len = GUESTFS_LAUNCH_FLAG;
273 xdrmem_create (&xdr, lenbuf, sizeof lenbuf, XDR_ENCODE);
274 xdr_u_int (&xdr, &len);
276 if (xwrite (sock, lenbuf, sizeof lenbuf) == -1) {
283 /* Fork into the background. */
285 if (daemon (0, 1) == -1) {
291 /* Enter the main loop, reading and performing actions. */
297 /* Read /proc/cmdline. */
301 int fd = open ("/proc/cmdline", O_RDONLY);
303 perror ("/proc/cmdline");
313 n = read (fd, buf, sizeof buf);
322 char *newr = realloc (r, len + n + 1); /* + 1 is for terminating NUL */
330 memcpy (&r[len], buf, n);
337 if (close (fd) == -1) {
346 /* Return true iff device is the root device (and therefore should be
347 * ignored from the point of view of user calls).
350 is_root_device (const char *device)
353 if (stat (device, &statbuf) == -1) {
357 if (statbuf.st_rdev == root_device)
362 /* Turn "/path" into "/sysroot/path".
364 * Caller must check for NULL and call reply_with_perror ("malloc")
365 * if it is. Caller must also free the string.
367 * See also the custom %R printf formatter which does shell quoting too.
370 sysroot_path (const char *path)
373 int len = strlen (path) + sysroot_len + 1;
379 snprintf (r, len, "%s%s", sysroot, path);
384 xwrite (int sock, const void *v_buf, size_t len)
387 const char *buf = v_buf;
390 r = write (sock, buf, len);
403 xread (int sock, void *v_buf, size_t len)
409 r = read (sock, buf, len);
415 fprintf (stderr, "read: unexpected end of file on fd %d\n", sock);
426 add_string (char ***argv, int *size, int *alloc, const char *str)
431 if (*size >= *alloc) {
433 new_argv = realloc (*argv, *alloc * sizeof (char *));
434 if (new_argv == NULL) {
435 reply_with_perror ("realloc");
436 free_strings (*argv);
443 new_str = strdup (str);
444 if (new_str == NULL) {
445 reply_with_perror ("strdup");
446 free_strings (*argv);
452 (*argv)[*size] = new_str;
459 count_strings (char *const *argv)
463 for (argc = 0; argv[argc] != NULL; ++argc)
468 /* http://graphics.stanford.edu/~seander/bithacks.html#DetermineIfPowerOf2 */
470 is_power_of_2 (unsigned long v)
472 return v && ((v & (v - 1)) == 0);
476 compare (const void *vp1, const void *vp2)
478 char * const *p1 = (char * const *) vp1;
479 char * const *p2 = (char * const *) vp2;
480 return strcmp (*p1, *p2);
484 sort_strings (char **argv, int len)
486 qsort (argv, len, sizeof (char *), compare);
490 free_strings (char **argv)
494 for (argc = 0; argv[argc] != NULL; ++argc)
500 free_stringslen (char **argv, int len)
504 for (i = 0; i < len; ++i)
509 /* Easy ways to run external commands. For full documentation, see
510 * 'commandrvf' below.
513 commandf (char **stdoutput, char **stderror, int flags, const char *name, ...)
520 /* Collect the command line arguments into an array. */
522 argv = malloc (sizeof (char *) * i);
527 argv[0] = (char *) name;
530 va_start (args, name);
532 while ((s = va_arg (args, char *)) != NULL) {
533 const char **p = realloc (argv, sizeof (char *) * (++i));
547 r = commandvf (stdoutput, stderror, flags, (const char * const*) argv);
549 /* NB: Mustn't free the strings which are on the stack. */
555 /* Same as 'command', but we allow the status code from the
556 * subcommand to be non-zero, and return that status code.
557 * We still return -1 if there was some other error.
560 commandrf (char **stdoutput, char **stderror, int flags, const char *name, ...)
567 /* Collect the command line arguments into an array. */
569 argv = malloc (sizeof (char *) * i);
574 argv[0] = (char *) name;
577 va_start (args, name);
579 while ((s = va_arg (args, char *)) != NULL) {
580 const char **p = realloc (argv, sizeof (char *) * (++i));
594 r = commandrvf (stdoutput, stderror, flags, argv);
596 /* NB: Mustn't free the strings which are on the stack. */
602 /* Same as 'command', but passing an argv. */
604 commandvf (char **stdoutput, char **stderror, int flags,
605 char const *const *argv)
609 r = commandrvf (stdoutput, stderror, flags, (void *) argv);
616 /* This is a more sane version of 'system(3)' for running external
617 * commands. It uses fork/execvp, so we don't need to worry about
618 * quoting of parameters, and it allows us to capture any error
619 * messages in a buffer.
621 * If stdoutput is not NULL, then *stdoutput will return the stdout
624 * If stderror is not NULL, then *stderror will return the stderr
625 * of the command. If there is a final \n character, it is removed
626 * so you can use the error string directly in a call to
631 * COMMAND_FLAG_FOLD_STDOUT_ON_STDERR: For broken external commands
632 * that send error messages to stdout (hello, parted) but that don't
633 * have any useful stdout information, use this flag to capture the
634 * error messages in the *stderror buffer. If using this flag,
635 * you should pass stdoutput as NULL because nothing could ever be
636 * captured in that buffer.
638 * COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN: For running external
639 * commands on chrooted files correctly (see RHBZ#579608) specifying
640 * this flag causes another process to be forked which chroots into
641 * sysroot and just copies the input file to stdin of the specified
642 * command. The file descriptor is ORed with the flags, and that file
643 * descriptor is always closed by this function. See hexdump.c for an
647 commandrvf (char **stdoutput, char **stderror, int flags,
648 char const* const *argv)
650 int so_size = 0, se_size = 0;
651 int so_fd[2], se_fd[2];
652 int flag_copy_stdin = flags & COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN;
653 int stdin_fd[2] = { -1, -1 };
654 pid_t pid, stdin_pid = -1;
660 if (stdoutput) *stdoutput = NULL;
661 if (stderror) *stderror = NULL;
664 printf ("%s", argv[0]);
665 for (i = 1; argv[i] != NULL; ++i)
666 printf (" %s", argv[i]);
670 /* Note: abort is used in a few places along the error paths early
671 * in this function. This is because (a) cleaning up correctly is
672 * very complex at these places and (b) abort is used when a
673 * resource problems is indicated which would be due to much more
674 * serious issues - eg. memory or file descriptor leaks. We
675 * wouldn't expect fork(2) or pipe(2) to fail in normal
679 if (pipe (so_fd) == -1 || pipe (se_fd) == -1) {
680 error (0, errno, "pipe");
684 if (flag_copy_stdin) {
685 if (pipe (stdin_fd) == -1) {
686 error (0, errno, "pipe");
693 error (0, errno, "fork");
697 if (pid == 0) { /* Child process running the command. */
698 signal (SIGPIPE, SIG_DFL);
700 if (flag_copy_stdin) {
701 dup2 (stdin_fd[0], 0);
705 /* Set stdin to /dev/null (ignore failure) */
706 open ("/dev/null", O_RDONLY);
710 if (!(flags & COMMAND_FLAG_FOLD_STDOUT_ON_STDERR))
718 execvp (argv[0], (void *) argv);
720 _exit (EXIT_FAILURE);
723 if (flag_copy_stdin) {
724 int fd = flags & COMMAND_FLAG_FD_MASK;
727 if (stdin_pid == -1) {
728 error (0, errno, "fork");
732 if (stdin_pid == 0) { /* Child process copying stdin. */
739 dup2 (stdin_fd[1], 1);
743 if (chroot (sysroot) == -1) {
745 _exit (EXIT_FAILURE);
750 while ((n = read (fd, buffer, sizeof buffer)) > 0) {
751 if (xwrite (1, buffer, n) == -1)
752 /* EPIPE error indicates the command process has exited
753 * early. If the command process fails that will be caught
754 * by the daemon, and if not, then it's not an error.
756 _exit (errno == EPIPE ? EXIT_SUCCESS : EXIT_FAILURE);
761 _exit (EXIT_FAILURE);
764 if (close (fd) == -1) {
766 _exit (EXIT_FAILURE);
769 _exit (EXIT_SUCCESS);
777 /* Parent process. */
782 FD_SET (so_fd[0], &rset);
783 FD_SET (se_fd[0], &rset);
789 r = select (MAX (so_fd[0], se_fd[0]) + 1, &rset2, NULL, NULL, NULL);
802 /* Need to return non-NULL *stderror here since most callers
803 * will try to print and then free the err string.
804 * Unfortunately recovery from strdup failure here is not
807 *stderror = strdup ("error running external command, "
808 "see debug output for details");
812 waitpid (pid, NULL, 0);
813 if (stdin_pid >= 0) waitpid (stdin_pid, NULL, 0);
817 if (FD_ISSET (so_fd[0], &rset2)) { /* something on stdout */
818 r = read (so_fd[0], buf, sizeof buf);
823 if (r == 0) { FD_CLR (so_fd[0], &rset); quit++; }
825 if (r > 0 && stdoutput) {
827 p = realloc (*stdoutput, so_size);
833 memcpy (*stdoutput + so_size - r, buf, r);
837 if (FD_ISSET (se_fd[0], &rset2)) { /* something on stderr */
838 r = read (se_fd[0], buf, sizeof buf);
843 if (r == 0) { FD_CLR (se_fd[0], &rset); quit++; }
847 ignore_value (write (2, buf, r));
851 p = realloc (*stderror, se_size);
857 memcpy (*stderror + se_size - r, buf, r);
866 /* Make sure the output buffers are \0-terminated. Also remove any
867 * trailing \n characters from the error buffer (not from stdout).
870 void *q = realloc (*stdoutput, so_size+1);
877 (*stdoutput)[so_size] = '\0';
880 void *q = realloc (*stderror, se_size+1);
887 (*stderror)[se_size] = '\0';
889 while (se_size >= 0 && (*stderror)[se_size] == '\n')
890 (*stderror)[se_size--] = '\0';
894 if (flag_copy_stdin) {
895 /* Check copy process didn't fail. */
896 if (waitpid (stdin_pid, &r, 0) != stdin_pid) {
899 waitpid (pid, NULL, 0);
903 if (!WIFEXITED (r) || WEXITSTATUS (r) != 0) {
904 fprintf (stderr, "failed copying from input file, see earlier messages\n");
906 waitpid (pid, NULL, 0);
911 /* Get the exit status of the command. */
912 if (waitpid (pid, &r, 0) != pid) {
918 return WEXITSTATUS (r);
923 /* Split an output string into a NULL-terminated list of lines.
924 * Typically this is used where we have run an external command
925 * which has printed out a list of things, and we want to return
928 * The corner cases here are quite tricky. Note in particular:
932 * "a\nb" -> ["a"; "b"]
933 * "a\nb\n" -> ["a"; "b"]
934 * "a\nb\n\n" -> ["a"; "b"; ""]
936 * The original string is written over and destroyed by this
937 * function (which is usually OK because it's the 'out' string
938 * from command()). You can free the original string, because
939 * add_string() strdups the strings.
942 split_lines (char *str)
945 int size = 0, alloc = 0;
953 /* Empty last line? */
957 pend = strchr (p, '\n');
963 if (add_string (&lines, &size, &alloc, p) == -1) {
971 if (add_string (&lines, &size, &alloc, NULL) == -1)
977 /* Skip leading and trailing whitespace, updating the original string
983 size_t len = strlen (str);
985 while (len > 0 && c_isspace (str[len-1])) {
991 while (*p && c_isspace (*p)) {
996 memmove (str, p, len+1);
999 /* printf helper function so we can use %Q ("quoted") and %R to print
1000 * shell-quoted strings. See guestfs(3)/EXTENDING LIBGUESTFS for more
1004 print_shell_quote (FILE *stream,
1005 const struct printf_info *info ATTRIBUTE_UNUSED,
1006 const void *const *args)
1008 #define SAFE(c) (c_isalnum((c)) || \
1009 (c) == '/' || (c) == '-' || (c) == '_' || (c) == '.')
1011 const char *str = *((const char **) (args[0]));
1013 for (i = len = 0; str[i]; ++i) {
1014 if (!SAFE(str[i])) {
1015 putc ('\\', stream);
1018 putc (str[i], stream);
1026 print_sysroot_shell_quote (FILE *stream,
1027 const struct printf_info *info,
1028 const void *const *args)
1030 fputs (sysroot, stream);
1031 return sysroot_len + print_shell_quote (stream, info, args);
1034 #ifdef HAVE_REGISTER_PRINTF_SPECIFIER
1036 print_arginfo (const struct printf_info *info ATTRIBUTE_UNUSED,
1037 size_t n, int *argtypes, int *size)
1040 argtypes[0] = PA_STRING;
1041 size[0] = sizeof (const char *);
1046 #ifdef HAVE_REGISTER_PRINTF_FUNCTION
1048 print_arginfo (const struct printf_info *info, size_t n, int *argtypes)
1051 argtypes[0] = PA_STRING;
1055 #error "HAVE_REGISTER_PRINTF_{SPECIFIER|FUNCTION} not defined"
1059 /* Perform device name translation. Don't call this directly -
1060 * use the RESOLVE_DEVICE macro.
1062 * See guestfs(3) for the algorithm.
1064 * We have to open the device and test for ENXIO, because
1065 * the device nodes themselves will exist in the appliance.
1068 device_name_translation (char *device)
1072 fd = open (device, O_RDONLY);
1079 if (errno != ENXIO && errno != ENOENT)
1082 /* If the name begins with "/dev/sd" then try the alternatives. */
1083 if (STRNEQLEN (device, "/dev/sd", 7))
1086 device[5] = 'h'; /* /dev/hd (old IDE driver) */
1087 fd = open (device, O_RDONLY);
1091 device[5] = 'v'; /* /dev/vd (for virtio devices) */
1092 fd = open (device, O_RDONLY);
1096 device[5] = 's'; /* Restore original device name. */
1100 /* Check program exists and is executable on $PATH. Actually, we
1101 * just assume PATH contains the default entries (see main() above).
1104 prog_exists (const char *prog)
1106 static const char * const dirs[] =
1107 { "/sbin", "/usr/sbin", "/bin", "/usr/bin" };
1111 for (i = 0; i < sizeof dirs / sizeof dirs[0]; ++i) {
1112 snprintf (buf, sizeof buf, "%s/%s", dirs[i], prog);
1113 if (access (buf, X_OK) == 0)
1119 /* LVM and other commands aren't synchronous, especially when udev is
1120 * involved. eg. You can create or remove some device, but the /dev
1121 * device node won't appear until some time later. This means that
1122 * you get an error if you run one command followed by another.
1124 * Use 'udevadm settle' after certain commands, but don't be too
1125 * fussed if it fails.
1127 * 'udevsettle' was the old name for this command (RHEL 5). This was
1128 * deprecated in favour of 'udevadm settle'. The old 'udevsettle'
1129 * command was left as a symlink. Then in Fedora 13 the old symlink
1130 * remained but it stopped working (RHBZ#548121), so we have to be
1131 * careful not to assume that we can use 'udevsettle' if it exists.
1136 (void) command (NULL, NULL, "udevadm", "settle", NULL);
1137 (void) command (NULL, NULL, "udevsettle", NULL);