mirror of https://github.com/systemd/systemd.git synced 2025-01-25 10:04:04 +03:00

Merge pull request #30787 from poettering/hostnamed-cid

hostnamed: expose AF_VSOCK CID among hostnamed/hostnamectl info
Lennart Poettering 2024-01-08 14:36:57 +01:00 committed by GitHub
commit a0e66913c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 75 additions and 10 deletions


@ -99,6 +99,8 @@ node /org/freedesktop/hostname1 {
readonly ay MachineID = [...];
@org.freedesktop.DBus.Property.EmitsChangedSignal("const")
readonly ay BootID = [...];
@org.freedesktop.DBus.Property.EmitsChangedSignal("const")
readonly u VSockCID = ...;
};
interface org.freedesktop.DBus.Peer { ... };
interface org.freedesktop.DBus.Introspectable { ... };
@ -120,10 +122,6 @@ node /org/freedesktop/hostname1 {
<!--property FirmwareDate is not documented!-->
<!--property MachineID is not documented!-->
<!--property BootID is not documented!-->
<!--Autogenerated cross-references for systemd.directives, do not edit-->
<variablelist class="dbus-interface" generated="True" extra-ref="org.freedesktop.hostname1"/>
@ -196,6 +194,8 @@ node /org/freedesktop/hostname1 {
<variablelist class="dbus-property" generated="True" extra-ref="BootID"/>
<variablelist class="dbus-property" generated="True" extra-ref="VSockCID"/>
<!--End of Autogenerated section-->
<para>Whenever the hostname or other metadata is changed via the daemon,
@ -287,6 +287,18 @@ node /org/freedesktop/hostname1 {
purpose of those properties is to allow remote clients to access this information over D-Bus. Local
clients can access the information directly.</para>
<para><varname>MachineID</varname> expose the 128bit machine ID, see
<citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
details.</para>
<para><varname>BootID</varname> expose the 128bit boot ID, as per
<filename>/proc/sys/kernel/random/boot_id</filename>.</para>
<para><varname>VSockCID</varname> exposes the system's local <constant>AF_VSOCK</constant> CID (Context
Identifier, i.e. address) for the system, if one is available in the virtual machine environment. Set to
<constant>UINT32_MAX</constant> otherwise. See <citerefentry project="man-pages"><refentrytitle>vsock</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
details.</para>
<refsect2>
<title>Methods</title>
@ -440,8 +452,8 @@ node /org/freedesktop/hostname1 {
<para><varname>OperatingSystemSupportEnd</varname>,
<varname>FirmwareVendor</varname>, and
<varname>FirmwareDate</varname> were added in version 253.</para>
<para><varname>MachineID</varname>, and
<varname>BootID</varname> were added in version 256.</para>
<para><varname>MachineID</varname>, <varname>BootID</varname> and
<varname>VSockCID</varname> were added in version 256.</para>
</refsect2>
</refsect1>
</refentry>


@ -1753,3 +1753,18 @@ int socket_address_parse_vsock(SocketAddress *ret_address, const char *s) {
return 0;
}
int vsock_get_local_cid(unsigned *ret) {
_cleanup_close_ int vsock_fd = -EBADF;
assert(ret);
vsock_fd = open("/dev/vsock", O_RDONLY|O_CLOEXEC);
if (vsock_fd < 0)
return log_debug_errno(errno, "Failed to open /dev/vsock: %m");
if (ioctl(vsock_fd, IOCTL_VM_SOCKETS_GET_LOCAL_CID, ret) < 0)
return log_debug_errno(errno, "Failed to query local AF_VSOCK CID: %m");
return 0;
}
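Review bot: vsock_get_local_cid() has no comment stating its contract, yet the hostnamed callers added in this commit depend on an unstated detail: as written, `*ret` is not stored on failure, so their pre-set `VMADDR_CID_ANY` survives while they discard the return value. A one-line header such as `/* Returns 0 and stores the local CID in *ret; on failure returns a negative errno and leaves *ret untouched. */` would pin that down. The comment could also record that a successful ioctl can presumably still yield `VMADDR_CID_ANY` when no vsock transport is registered, so callers have to compare against that value rather than treat a 0 return as "CID available".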


@ -389,3 +389,5 @@ int socket_address_parse_vsock(SocketAddress *ret_address, const char *s);
* /proc/sys/net/core/somaxconn anyway, thus by setting this to unbounded we just make that sysctl file
* authoritative. */
#define SOMAXCONN_DELUXE INT_MAX
int vsock_get_local_cid(unsigned *ret);


@ -24,6 +24,7 @@
#include "main-func.h"
#include "parse-argument.h"
#include "pretty-print.h"
#include "socket-util.h"
#include "spawn-polkit-agent.h"
#include "terminal-util.h"
#include "verbs.h"
@ -58,6 +59,7 @@ typedef struct StatusInfo {
usec_t firmware_date;
sd_id128_t machine_id;
sd_id128_t boot_id;
uint32_t vsock_cid;
} StatusInfo;
static const char* chassis_string_to_glyph(const char *chassis) {
@ -191,6 +193,14 @@ static int print_status_info(StatusInfo *i) {
return table_log_add_error(r);
}
if (i->vsock_cid != VMADDR_CID_ANY) {
r = table_add_many(table,
TABLE_FIELD, "AF_VSOCK CID",
TABLE_UINT32, i->vsock_cid);
if (r < 0)
return table_log_add_error(r);
}
if (!isempty(i->virtualization)) {
r = table_add_many(table,
TABLE_FIELD, "Virtualization",
@ -332,7 +342,9 @@ static int get_one_name(sd_bus *bus, const char* attr, char **ret) {
}
static int show_all_names(sd_bus *bus) {
StatusInfo info = {};
StatusInfo info = {
.vsock_cid = VMADDR_CID_ANY,
};
static const struct bus_properties_map hostname_map[] = {
{ "Hostname", "s", NULL, offsetof(StatusInfo, hostname) },
@ -354,6 +366,7 @@ static int show_all_names(sd_bus *bus) {
{ "FirmwareDate", "t", NULL, offsetof(StatusInfo, firmware_date) },
{ "MachineID", "ay", bus_map_id128, offsetof(StatusInfo, machine_id) },
{ "BootID", "ay", bus_map_id128, offsetof(StatusInfo, boot_id) },
{ "VSockCID", "u", NULL, offsetof(StatusInfo, vsock_cid) },
{}
}, manager_map[] = {
{ "Virtualization", "s", NULL, offsetof(StatusInfo, virtualization) },


@ -6,6 +6,8 @@
#include <sys/types.h>
#include <unistd.h>
#include "sd-device.h"
#include "alloc-util.h"
#include "bus-common-errors.h"
#include "bus-get-properties.h"
@ -28,10 +30,10 @@
#include "os-util.h"
#include "parse-util.h"
#include "path-util.h"
#include "sd-device.h"
#include "selinux-util.h"
#include "service-util.h"
#include "signal-util.h"
#include "socket-util.h"
#include "stat-util.h"
#include "string-table.h"
#include "strv.h"
@ -1033,6 +1035,22 @@ static int property_get_boot_id(
return bus_property_get_id128(bus, path, interface, property, reply, &id, error);
}
static int property_get_vsock_cid(
sd_bus *bus,
const char *path,
const char *interface,
const char *property,
sd_bus_message *reply,
void *userdata,
sd_bus_error *error) {
unsigned local_cid = VMADDR_CID_ANY;
(void) vsock_get_local_cid(&local_cid);
return sd_bus_message_append(reply, "u", (uint32_t) local_cid);
}
static int method_set_hostname(sd_bus_message *m, void *userdata, sd_bus_error *error) {
Context *c = ASSERT_PTR(userdata);
const char *name;
@ -1333,6 +1351,7 @@ static int method_describe(sd_bus_message *m, void *userdata, sd_bus_error *erro
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
sd_id128_t machine_id, boot_id, product_uuid = SD_ID128_NULL;
unsigned local_cid = VMADDR_CID_ANY;
Context *c = ASSERT_PTR(userdata);
bool privileged;
struct utsname u;
@ -1404,6 +1423,8 @@ static int method_describe(sd_bus_message *m, void *userdata, sd_bus_error *erro
if (r < 0)
return log_error_errno(r, "Failed to get boot ID: %m");
(void) vsock_get_local_cid(&local_cid);
r = json_build(&v, JSON_BUILD_OBJECT(
JSON_BUILD_PAIR("Hostname", JSON_BUILD_STRING(hn)),
JSON_BUILD_PAIR("StaticHostname", JSON_BUILD_STRING(c->data[PROP_STATIC_HOSTNAME])),
@ -1430,7 +1451,8 @@ static int method_describe(sd_bus_message *m, void *userdata, sd_bus_error *erro
JSON_BUILD_PAIR_ID128("MachineID", machine_id),
JSON_BUILD_PAIR_ID128("BootID", boot_id),
JSON_BUILD_PAIR_CONDITION(!sd_id128_is_null(product_uuid), "ProductUUID", JSON_BUILD_ID128(product_uuid)),
JSON_BUILD_PAIR_CONDITION(sd_id128_is_null(product_uuid), "ProductUUID", JSON_BUILD_NULL)));
JSON_BUILD_PAIR_CONDITION(sd_id128_is_null(product_uuid), "ProductUUID", JSON_BUILD_NULL),
JSON_BUILD_PAIR_CONDITION(local_cid != VMADDR_CID_ANY, "VSockCID", JSON_BUILD_UNSIGNED(local_cid))));
if (r < 0)
return log_error_errno(r, "Failed to build JSON data: %m");
@ -1475,6 +1497,7 @@ static const sd_bus_vtable hostname_vtable[] = {
SD_BUS_PROPERTY("FirmwareDate", "t", property_get_firmware_date, 0, SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("MachineID", "ay", property_get_machine_id, 0, SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("BootID", "ay", property_get_boot_id, 0, SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("VSockCID", "u", property_get_vsock_cid, 0, SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_METHOD_WITH_ARGS("SetHostname",
SD_BUS_ARGS("s", hostname, "b", interactive),
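Review bot: Both new call sites, in property_get_vsock_cid() and in method_describe(), discard the result of vsock_get_local_cid() with `(void)`, so an access failure on /dev/vsock (for instance a device-policy or permission denial inside the service sandbox) reaches clients exactly like a machine without vsock, leaving only a debug-level log line. Consider keeping the return value and warning on anything other than an absent device, e.g. `r = vsock_get_local_cid(&local_cid);` followed by `if (r < 0 && !ERRNO_IS_DEVICE_ABSENT(r)) log_warning_errno(r, "Failed to query local AF_VSOCK CID, ignoring: %m");`. Separately, the property is registered with `SD_BUS_VTABLE_PROPERTY_CONST` while the getter re-queries the kernel on every read; if the CID can change while the daemon runs, clients that cache const properties would keep a stale address. method_describe() begins and ends outside the visible hunks.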


@ -22,7 +22,7 @@ IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=yes
PrivateDevices=yes
DeviceAllow=/dev/vsock r
PrivateNetwork=yes
PrivateTmp=yes
ProtectProc=invisible
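Review bot: Replacing `PrivateDevices=yes` with `DeviceAllow=/dev/vsock r` gives up more than access to one device node: per systemd.exec(5), PrivateDevices= also mounts a private /dev holding only API pseudo-devices and removes CAP_MKNOD and CAP_SYS_RAWIO from the bounding set, besides implying DevicePolicy=closed. With the new line the device policy stays at its default, which behaves like `closed` only because a DeviceAllow= entry is present, and the host's full /dev remains visible in the service's mount namespace. Stating `DevicePolicy=closed` explicitly next to the new line, with a comment such as `# /dev/vsock is opened read-only to query the local AF_VSOCK CID`, would keep the intent reviewable. Whether the capability set is already restricted elsewhere in this unit is not visible in the hunk.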