From: Lennart Poettering Date: Wed, 11 Dec 2013 23:07:49 +0000 (+0100) Subject: bus: connect directly via kdbus in sd_bus_open_system_container() X-Git-Tag: v209~1017 X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=9e5548644f76e893c246d54ae613856b67b8dc1d;hp=ba276c8153e510a6741dc8a9492f5bed2b375825 bus: connect directly via kdbus in sd_bus_open_system_container() kdbus fortunately exposes the container's busses in the host fs, hence we can access it directly instead of doing the namespacing dance. --- diff --git a/src/libsystemd-bus/sd-bus.c b/src/libsystemd-bus/sd-bus.c index f991a0927..edd917e30 100644 --- a/src/libsystemd-bus/sd-bus.c +++ b/src/libsystemd-bus/sd-bus.c @@ -1142,12 +1142,17 @@ _public_ int sd_bus_open_system_container(const char *machine, sd_bus **ret) { assert_return(machine, -EINVAL); assert_return(ret, -EINVAL); + assert_return(filename_is_safe(machine), -EINVAL); e = bus_address_escape(machine); if (!e) return -ENOMEM; +#ifdef ENABLE_KDBUS + p = strjoin("kernel:path=/dev/kdbus/ns/machine-", e, "/0-system/bus;x-container:machine=", e, NULL); +#else p = strjoin("x-container:machine=", e, NULL); +#endif if (!p) return -ENOMEM; diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 583912f57..b3ca10ea9 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1067,6 +1067,7 @@ int main(int argc, char *argv[]) { _cleanup_close_pipe_ int kmsg_socket_pair[2] = { -1, -1 }; _cleanup_fdset_free_ FDSet *fds = NULL; _cleanup_free_ char *kdbus_namespace = NULL; + const char *ns; log_parse_environment(); log_open(); @@ -1167,7 +1168,8 @@ int main(int argc, char *argv[]) { goto finish; } - kdbus_fd = bus_kernel_create_namespace(arg_machine, &kdbus_namespace); + ns = strappenda("machine-", arg_machine); + kdbus_fd = bus_kernel_create_namespace(ns, &kdbus_namespace); if (r < 0) log_debug("Failed to create kdbus namespace: %s", strerror(-r)); else