1 /* libguestfs - the guestfsd daemon
2 * Copyright (C) 2009-2010 Red Hat Inc.
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 #define _BSD_SOURCE /* for daemon(3) */
31 #include <rpc/types.h>
34 #include <sys/param.h>
35 #include <sys/types.h>
40 #include <sys/select.h>
42 #include <arpa/inet.h>
43 #include <netinet/in.h>
52 #include "ignore-value.h"
57 static char *read_cmdline (void);
60 # define MAX(a,b) ((a)>(b)?(a):(b))
63 /* Not the end of the world if this open flag is not defined. */
68 /* If root device is an ext2 filesystem, this is the major and minor.
69 * This is so we can ignore this device from the point of view of the
70 * user, eg. in guestfs_list_devices and many other places.
72 static dev_t root_device = 0;
76 static int print_shell_quote (FILE *stream, const struct printf_info *info, const void *const *args);
77 static int print_sysroot_shell_quote (FILE *stream, const struct printf_info *info, const void *const *args);
78 #ifdef HAVE_REGISTER_PRINTF_SPECIFIER
79 static int print_arginfo (const struct printf_info *info, size_t n, int *argtypes, int *size);
81 #ifdef HAVE_REGISTER_PRINTF_FUNCTION
82 static int print_arginfo (const struct printf_info *info, size_t n, int *argtypes);
84 #error "HAVE_REGISTER_PRINTF_{SPECIFIER|FUNCTION} not defined"
90 daemon (int nochdir, int noclose)
93 "On Windows the daemon does not support forking into the "
94 "background.\nYou *must* run the daemon with the -f option.\n");
105 /* http://msdn2.microsoft.com/en-us/library/ms742213.aspx */
106 r = gl_sockets_startup (SOCKETS_2_2);
107 return r == 0 ? 0 : -1;
117 /* Location to mount root device. */
118 const char *sysroot = "/sysroot"; /* No trailing slash. */
121 /* If set (the default), do 'umount-all' when performing autosync. */
122 int autosync_umount = 1;
124 /* Not used explicitly, but required by the gnulib 'error' module. */
125 const char *program_name = "guestfsd";
131 "guestfsd [-f|--foreground] [-v|--verbose] [-r]\n");
135 main (int argc, char *argv[])
137 static const char *options = "frv?";
138 static const struct option long_options[] = {
139 { "foreground", 0, 0, 'f' },
140 { "help", 0, 0, '?' },
141 { "verbose", 0, 0, 'v' },
150 if (winsock_init () == -1)
151 error (EXIT_FAILURE, 0, "winsock initialization failed");
153 #ifdef HAVE_REGISTER_PRINTF_SPECIFIER
154 /* http://udrepper.livejournal.com/20948.html */
155 register_printf_specifier ('Q', print_shell_quote, print_arginfo);
156 register_printf_specifier ('R', print_sysroot_shell_quote, print_arginfo);
158 #ifdef HAVE_REGISTER_PRINTF_FUNCTION
159 register_printf_function ('Q', print_shell_quote, print_arginfo);
160 register_printf_function ('R', print_sysroot_shell_quote, print_arginfo);
162 #error "HAVE_REGISTER_PRINTF_{SPECIFIER|FUNCTION} not defined"
167 if (stat ("/", &statbuf) == 0)
168 root_device = statbuf.st_dev;
171 c = getopt_long (argc, argv, options, long_options, NULL);
179 /* The -r flag is used when running standalone. It changes
180 * several aspects of the daemon.
197 fprintf (stderr, "guestfsd: unexpected command line option 0x%x\n", c);
207 cmdline = read_cmdline ();
209 /* Set the verbose flag. */
211 (cmdline && strstr (cmdline, "guestfs_verbose=1") != NULL);
213 printf ("verbose daemon enabled\n");
217 printf ("linux commmand line: %s\n", cmdline);
219 printf ("could not read linux command line\n");
223 /* Make sure SIGPIPE doesn't kill us. */
225 memset (&sa, 0, sizeof sa);
226 sa.sa_handler = SIG_IGN;
228 if (sigaction (SIGPIPE, &sa, NULL) == -1)
229 perror ("sigaction SIGPIPE"); /* but try to continue anyway ... */
233 # define setenv(n,v,f) _putenv(n "=" v)
235 /* Set up a basic environment. After we are called by /init the
236 * environment is essentially empty.
237 * https://bugzilla.redhat.com/show_bug.cgi?id=502074#c5
239 * NOTE: if you change $PATH, you must also change 'prog_exists'
242 setenv ("PATH", "/sbin:/usr/sbin:/bin:/usr/bin", 1);
243 setenv ("SHELL", "/bin/sh", 1);
244 setenv ("LC_ALL", "C", 1);
245 setenv ("TERM", "dumb", 1);
248 /* We document that umask defaults to 022 (it should be this anyway). */
251 /* This is the default for Windows anyway. It's not even clear if
252 * Windows ever uses this -- the MSDN documentation for the function
253 * contains obvious errors.
258 /* Connect to virtio-serial channel. */
259 int sock = open ("/dev/virtio-ports/org.libguestfs.channel.0",
264 "Failed to connect to virtio-serial channel.\n"
266 "This is a fatal error and the appliance will now exit.\n"
268 "Usually this error is caused by either QEMU or the appliance\n"
269 "kernel not supporting the vmchannel method that the\n"
270 "libguestfs library chose to use. Please run\n"
271 "'libguestfs-test-tool' and provide the complete, unedited\n"
272 "output to the libguestfs developers, either in a bug report\n"
273 "or on the libguestfs redhat com mailing list.\n"
275 perror ("/dev/virtio-ports/org.libguestfs.channel.0");
279 /* Send the magic length message which indicates that
280 * userspace is up inside the guest.
284 uint32_t len = GUESTFS_LAUNCH_FLAG;
285 xdrmem_create (&xdr, lenbuf, sizeof lenbuf, XDR_ENCODE);
286 xdr_u_int (&xdr, &len);
288 if (xwrite (sock, lenbuf, sizeof lenbuf) == -1) {
295 /* Fork into the background. */
297 if (daemon (0, 1) == -1) {
303 /* Enter the main loop, reading and performing actions. */
309 /* Read /proc/cmdline. */
313 int fd = open ("/proc/cmdline", O_RDONLY);
315 perror ("/proc/cmdline");
325 n = read (fd, buf, sizeof buf);
334 char *newr = realloc (r, len + n + 1); /* + 1 is for terminating NUL */
342 memcpy (&r[len], buf, n);
349 if (close (fd) == -1) {
358 /* Return true iff device is the root device (and therefore should be
359 * ignored from the point of view of user calls).
362 is_root_device (const char *device)
365 if (stat (device, &statbuf) == -1) {
369 if (statbuf.st_rdev == root_device)
374 /* Turn "/path" into "/sysroot/path".
376 * Caller must check for NULL and call reply_with_perror ("malloc")
377 * if it is. Caller must also free the string.
379 * See also the custom %R printf formatter which does shell quoting too.
382 sysroot_path (const char *path)
385 int len = strlen (path) + sysroot_len + 1;
391 snprintf (r, len, "%s%s", sysroot, path);
396 xwrite (int sock, const void *v_buf, size_t len)
399 const char *buf = v_buf;
402 r = write (sock, buf, len);
415 xread (int sock, void *v_buf, size_t len)
421 r = read (sock, buf, len);
427 fprintf (stderr, "read: unexpected end of file on fd %d\n", sock);
438 add_string (char ***argv, int *size, int *alloc, const char *str)
443 if (*size >= *alloc) {
445 new_argv = realloc (*argv, *alloc * sizeof (char *));
446 if (new_argv == NULL) {
447 reply_with_perror ("realloc");
448 free_strings (*argv);
455 new_str = strdup (str);
456 if (new_str == NULL) {
457 reply_with_perror ("strdup");
458 free_strings (*argv);
463 (*argv)[*size] = new_str;
470 count_strings (char *const *argv)
474 for (argc = 0; argv[argc] != NULL; ++argc)
479 /* http://graphics.stanford.edu/~seander/bithacks.html#DetermineIfPowerOf2 */
481 is_power_of_2 (unsigned long v)
483 return v && ((v & (v - 1)) == 0);
487 compare (const void *vp1, const void *vp2)
489 char * const *p1 = (char * const *) vp1;
490 char * const *p2 = (char * const *) vp2;
491 return strcmp (*p1, *p2);
495 sort_strings (char **argv, int len)
497 qsort (argv, len, sizeof (char *), compare);
501 free_strings (char **argv)
505 for (argc = 0; argv[argc] != NULL; ++argc)
511 free_stringslen (char **argv, int len)
515 for (i = 0; i < len; ++i)
520 /* Easy ways to run external commands. For full documentation, see
521 * 'commandrvf' below.
524 commandf (char **stdoutput, char **stderror, int flags, const char *name, ...)
531 /* Collect the command line arguments into an array. */
533 argv = malloc (sizeof (char *) * i);
538 argv[0] = (char *) name;
541 va_start (args, name);
543 while ((s = va_arg (args, char *)) != NULL) {
544 const char **p = realloc (argv, sizeof (char *) * (++i));
558 r = commandvf (stdoutput, stderror, flags, (const char * const*) argv);
560 /* NB: Mustn't free the strings which are on the stack. */
566 /* Same as 'command', but we allow the status code from the
567 * subcommand to be non-zero, and return that status code.
568 * We still return -1 if there was some other error.
571 commandrf (char **stdoutput, char **stderror, int flags, const char *name, ...)
578 /* Collect the command line arguments into an array. */
580 argv = malloc (sizeof (char *) * i);
585 argv[0] = (char *) name;
588 va_start (args, name);
590 while ((s = va_arg (args, char *)) != NULL) {
591 const char **p = realloc (argv, sizeof (char *) * (++i));
605 r = commandrvf (stdoutput, stderror, flags, argv);
607 /* NB: Mustn't free the strings which are on the stack. */
613 /* Same as 'command', but passing an argv. */
615 commandvf (char **stdoutput, char **stderror, int flags,
616 char const *const *argv)
620 r = commandrvf (stdoutput, stderror, flags, (void *) argv);
627 /* This is a more sane version of 'system(3)' for running external
628 * commands. It uses fork/execvp, so we don't need to worry about
629 * quoting of parameters, and it allows us to capture any error
630 * messages in a buffer.
632 * If stdoutput is not NULL, then *stdoutput will return the stdout
635 * If stderror is not NULL, then *stderror will return the stderr
636 * of the command. If there is a final \n character, it is removed
637 * so you can use the error string directly in a call to
642 * COMMAND_FLAG_FOLD_STDOUT_ON_STDERR: For broken external commands
643 * that send error messages to stdout (hello, parted) but that don't
644 * have any useful stdout information, use this flag to capture the
645 * error messages in the *stderror buffer. If using this flag,
646 * you should pass stdoutput as NULL because nothing could ever be
647 * captured in that buffer.
649 * COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN: For running external
650 * commands on chrooted files correctly (see RHBZ#579608) specifying
651 * this flag causes another process to be forked which chroots into
652 * sysroot and just copies the input file to stdin of the specified
653 * command. The file descriptor is ORed with the flags, and that file
654 * descriptor is always closed by this function. See hexdump.c for an
658 commandrvf (char **stdoutput, char **stderror, int flags,
659 char const* const *argv)
661 int so_size = 0, se_size = 0;
662 int so_fd[2], se_fd[2];
663 int flag_copy_stdin = flags & COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN;
664 int stdin_fd[2] = { -1, -1 };
665 pid_t pid, stdin_pid = -1;
671 if (stdoutput) *stdoutput = NULL;
672 if (stderror) *stderror = NULL;
675 printf ("%s", argv[0]);
676 for (i = 1; argv[i] != NULL; ++i)
677 printf (" %s", argv[i]);
681 /* Note: abort is used in a few places along the error paths early
682 * in this function. This is because (a) cleaning up correctly is
683 * very complex at these places and (b) abort is used when a
684 * resource problems is indicated which would be due to much more
685 * serious issues - eg. memory or file descriptor leaks. We
686 * wouldn't expect fork(2) or pipe(2) to fail in normal
690 if (pipe (so_fd) == -1 || pipe (se_fd) == -1) {
691 error (0, errno, "pipe");
695 if (flag_copy_stdin) {
696 if (pipe (stdin_fd) == -1) {
697 error (0, errno, "pipe");
704 error (0, errno, "fork");
708 if (pid == 0) { /* Child process running the command. */
710 if (flag_copy_stdin) {
711 dup2 (stdin_fd[0], 0);
715 /* Set stdin to /dev/null (ignore failure) */
716 open ("/dev/null", O_RDONLY);
720 if (!(flags & COMMAND_FLAG_FOLD_STDOUT_ON_STDERR))
728 execvp (argv[0], (void *) argv);
730 _exit (EXIT_FAILURE);
733 if (flag_copy_stdin) {
734 int fd = flags & COMMAND_FLAG_FD_MASK;
737 if (stdin_pid == -1) {
738 error (0, errno, "fork");
742 if (stdin_pid == 0) { /* Child process copying stdin. */
749 dup2 (stdin_fd[1], 1);
753 if (chroot (sysroot) == -1) {
755 _exit (EXIT_FAILURE);
760 while ((n = read (fd, buffer, sizeof buffer)) > 0) {
761 if (xwrite (1, buffer, n) == -1)
762 /* EPIPE error indicates the command process has exited
763 * early. If the command process fails that will be caught
764 * by the daemon, and if not, then it's not an error.
766 _exit (errno == EPIPE ? EXIT_SUCCESS : EXIT_FAILURE);
771 _exit (EXIT_FAILURE);
774 if (close (fd) == -1) {
776 _exit (EXIT_FAILURE);
779 _exit (EXIT_SUCCESS);
787 /* Parent process. */
792 FD_SET (so_fd[0], &rset);
793 FD_SET (se_fd[0], &rset);
798 r = select (MAX (so_fd[0], se_fd[0]) + 1, &rset2, NULL, NULL, NULL);
802 if (stdoutput) free (*stdoutput);
803 if (stderror) free (*stderror);
806 waitpid (pid, NULL, 0);
807 if (stdin_pid >= 0) waitpid (stdin_pid, NULL, 0);
811 if (FD_ISSET (so_fd[0], &rset2)) { /* something on stdout */
812 r = read (so_fd[0], buf, sizeof buf);
817 if (r == 0) { FD_CLR (so_fd[0], &rset); quit++; }
819 if (r > 0 && stdoutput) {
821 p = realloc (*stdoutput, so_size);
827 memcpy (*stdoutput + so_size - r, buf, r);
831 if (FD_ISSET (se_fd[0], &rset2)) { /* something on stderr */
832 r = read (se_fd[0], buf, sizeof buf);
837 if (r == 0) { FD_CLR (se_fd[0], &rset); quit++; }
841 ignore_value (write (2, buf, r));
845 p = realloc (*stderror, se_size);
851 memcpy (*stderror + se_size - r, buf, r);
860 /* Make sure the output buffers are \0-terminated. Also remove any
861 * trailing \n characters from the error buffer (not from stdout).
864 void *q = realloc (*stdoutput, so_size+1);
871 (*stdoutput)[so_size] = '\0';
874 void *q = realloc (*stderror, se_size+1);
881 (*stderror)[se_size] = '\0';
883 while (se_size >= 0 && (*stderror)[se_size] == '\n')
884 (*stderror)[se_size--] = '\0';
888 if (flag_copy_stdin) {
889 /* Check copy process didn't fail. */
890 if (waitpid (stdin_pid, &r, 0) != stdin_pid) {
893 waitpid (pid, NULL, 0);
897 if (!WIFEXITED (r) || WEXITSTATUS (r) != 0) {
898 fprintf (stderr, "failed copying from input file, see earlier messages\n");
900 waitpid (pid, NULL, 0);
905 /* Get the exit status of the command. */
906 if (waitpid (pid, &r, 0) != pid) {
912 return WEXITSTATUS (r);
917 /* Split an output string into a NULL-terminated list of lines.
918 * Typically this is used where we have run an external command
919 * which has printed out a list of things, and we want to return
922 * The corner cases here are quite tricky. Note in particular:
926 * "a\nb" -> ["a"; "b"]
927 * "a\nb\n" -> ["a"; "b"]
928 * "a\nb\n\n" -> ["a"; "b"; ""]
930 * The original string is written over and destroyed by this
931 * function (which is usually OK because it's the 'out' string
932 * from command()). You can free the original string, because
933 * add_string() strdups the strings.
936 split_lines (char *str)
939 int size = 0, alloc = 0;
947 /* Empty last line? */
951 pend = strchr (p, '\n');
957 if (add_string (&lines, &size, &alloc, p) == -1) {
965 if (add_string (&lines, &size, &alloc, NULL) == -1)
971 /* Skip leading and trailing whitespace, updating the original string
977 size_t len = strlen (str);
979 while (len > 0 && c_isspace (str[len-1])) {
985 while (*p && c_isspace (*p)) {
990 memmove (str, p, len+1);
993 /* printf helper function so we can use %Q ("quoted") and %R to print
994 * shell-quoted strings. See guestfs(3)/EXTENDING LIBGUESTFS for more
998 print_shell_quote (FILE *stream,
999 const struct printf_info *info ATTRIBUTE_UNUSED,
1000 const void *const *args)
1002 #define SAFE(c) (c_isalnum((c)) || \
1003 (c) == '/' || (c) == '-' || (c) == '_' || (c) == '.')
1005 const char *str = *((const char **) (args[0]));
1007 for (i = len = 0; str[i]; ++i) {
1008 if (!SAFE(str[i])) {
1009 putc ('\\', stream);
1012 putc (str[i], stream);
1020 print_sysroot_shell_quote (FILE *stream,
1021 const struct printf_info *info,
1022 const void *const *args)
1024 fputs (sysroot, stream);
1025 return sysroot_len + print_shell_quote (stream, info, args);
1028 #ifdef HAVE_REGISTER_PRINTF_SPECIFIER
1030 print_arginfo (const struct printf_info *info ATTRIBUTE_UNUSED,
1031 size_t n, int *argtypes, int *size)
1034 argtypes[0] = PA_STRING;
1035 size[0] = sizeof (const char *);
1040 #ifdef HAVE_REGISTER_PRINTF_FUNCTION
1042 print_arginfo (const struct printf_info *info, size_t n, int *argtypes)
1045 argtypes[0] = PA_STRING;
1049 #error "HAVE_REGISTER_PRINTF_{SPECIFIER|FUNCTION} not defined"
1053 /* Perform device name translation. Don't call this directly -
1054 * use the RESOLVE_DEVICE macro.
1056 * See guestfs(3) for the algorithm.
1058 * We have to open the device and test for ENXIO, because
1059 * the device nodes themselves will exist in the appliance.
1062 device_name_translation (char *device)
1066 fd = open (device, O_RDONLY);
1073 if (errno != ENXIO && errno != ENOENT)
1076 /* If the name begins with "/dev/sd" then try the alternatives. */
1077 if (STRNEQLEN (device, "/dev/sd", 7))
1080 device[5] = 'h'; /* /dev/hd (old IDE driver) */
1081 fd = open (device, O_RDONLY);
1085 device[5] = 'v'; /* /dev/vd (for virtio devices) */
1086 fd = open (device, O_RDONLY);
1090 device[5] = 's'; /* Restore original device name. */
1094 /* Check program exists and is executable on $PATH. Actually, we
1095 * just assume PATH contains the default entries (see main() above).
1098 prog_exists (const char *prog)
1100 static const char * const dirs[] =
1101 { "/sbin", "/usr/sbin", "/bin", "/usr/bin" };
1105 for (i = 0; i < sizeof dirs / sizeof dirs[0]; ++i) {
1106 snprintf (buf, sizeof buf, "%s/%s", dirs[i], prog);
1107 if (access (buf, X_OK) == 0)
1113 /* LVM and other commands aren't synchronous, especially when udev is
1114 * involved. eg. You can create or remove some device, but the /dev
1115 * device node won't appear until some time later. This means that
1116 * you get an error if you run one command followed by another.
1118 * Use 'udevadm settle' after certain commands, but don't be too
1119 * fussed if it fails.
1121 * 'udevsettle' was the old name for this command (RHEL 5). This was
1122 * deprecated in favour of 'udevadm settle'. The old 'udevsettle'
1123 * command was left as a symlink. Then in Fedora 13 the old symlink
1124 * remained but it stopped working (RHBZ#548121), so we have to be
1125 * careful not to assume that we can use 'udevsettle' if it exists.
1130 (void) command (NULL, NULL, "udevadm", "settle", NULL);
1131 (void) command (NULL, NULL, "udevsettle", NULL);