CHANGELOGS:
CHANGELOG v6
* remove the default whitelist (now default state is no whitelist is
used)
* incorporate jan's feedback
* dynamic allocation of variable names in lists
* fix the path names and reading
CHANGELOG v5
* add the default blacklist and whitelist
* -w, -b: there is options for setting both blacklist and whitelist
configuration files
* -t: add the possibility to read the whitelist strictly
CHANGELOG v4
* incorporate dhaval feedback:
* whitelist -> blacklist
* add cgroup_free_cgroup
CHANGELOG v3
* white/blacklist is cached
* incorporate jsafraneks feedback
CHANGELOG v2
* add whitelist which describe the set of variables which can be dealt
by
cgsnapshot without any problem (the values which with which have cgsnapshot
the problems are there with TODO comment and the reason) without -s option
the skipped variables are output with the warning text
* add the possibility to set the whitelist file
* add the possibility to redirect the output
CHANGELOG v1
* more verbose comments
* tune the variable names/description/usage in display_controller_data
function
* remove unnecessary .stat exception
SYNOPSIS:
cgsnapshot [-h] [-s] [-t] [-b file] [-w file] [-f output_file]
[controller] [...]
Generate the configuration file from the given controllers of control groups
-b,--blacklist file Set the blacklist configuration file (default
/etc/cgsnapshot_blacklist.conf)
-f,--file Redirect the output to output_file
-h,--help Display this help
-s,--silent Ignore all warnings
-t,--strict Don't show the variables which are not on the whitelist
-w,--whitelist file Set the whitelist configuration file (don't used by
default)
EXAMPLE:
$ /home/varekova/bg/libcgroup/20100719/libcg/src/tools/cgsnapshot -n
# Configuration file generated by cgsnapshot
mount {
cpuset = /cgroup/cpuset;
cpu = /cgroup/devices;
cpuacct = /cgroup/memoryd;
memory = /cgroup/memory;
devices = /cgroup/devices;
freezer = /cgroup/freezer;
net_cls = /cgroup/net_cls;
}
group daemons {
perm {
admin {
uid = root;
gid = root;
}
task {
uid = root;
gid = root;
}
}
cpuset {
cpuset.memory_spread_slab="0";
cpuset.memory_spread_page="0";
cpuset.memory_migrate="0";
cpuset.sched_relax_domain_level="-1";
cpuset.sched_load_balance="1";
cpuset.mem_hardwall="0";
cpuset.mem_exclusive="0";
cpuset.cpu_exclusive="0";
}
}
Signed-off-by: Ivana Hutarova Varekova <[email protected]>
---
src/tools/Makefile.am | 5
src/tools/cgsnapshot.c | 688 ++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 692 insertions(+), 1 deletions(-)
create mode 100644 src/tools/cgsnapshot.c
diff --git a/src/tools/Makefile.am b/src/tools/Makefile.am
index f755037..92a0078 100644
--- a/src/tools/Makefile.am
+++ b/src/tools/Makefile.am
@@ -3,7 +3,8 @@ LDADD = $(top_builddir)/src/.libs/libcgroup.la
if WITH_TOOLS
-bin_PROGRAMS = cgexec cgclassify cgcreate cgset cgget cgdelete lssubsys
lscgroup
+bin_PROGRAMS = cgexec cgclassify cgcreate cgset cgget cgdelete lssubsys\
+ lscgroup cgsnapshot
sbin_PROGRAMS = cgconfigparser cgclear
@@ -27,6 +28,8 @@ lssubsys_SOURCES = lssubsys.c
lscgroup_SOURCES = tools-common.c lscgroup.c
+cgsnapshot_SOURCES = cgsnapshot.c
+
install-exec-hook:
chmod u+s $(DESTDIR)$(bindir)/cgexec
diff --git a/src/tools/cgsnapshot.c b/src/tools/cgsnapshot.c
new file mode 100644
index 0000000..628a8bd
--- /dev/null
+++ b/src/tools/cgsnapshot.c
@@ -0,0 +1,688 @@
+/* " Copyright (C) 2010 Red Hat, Inc. All Rights Reserved.
+ * " Written by Ivana Hutarova Varekova <[email protected]>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it would be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <getopt.h>
+#include <errno.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <libcgroup.h>
+#include <libcgroup-internal.h>
+#include <pwd.h>
+#include <grp.h>
+
+enum flag{
+ FL_LIST = 1,
+ FL_SILENT = 2, /* do-not show any warning/error output */
+ FL_STRICT = 4, /* don show the variables which are not on
+ whitelist */
+ FL_OUTPUT = 8, /* output should be redirect to the given
file */
+ FL_BLACK = 16, /* blacklist set */
+ FL_WHITE = 32, /* whitelist set */
+};
+
+#define BLACKLIST_CONF "/etc/cgsnapshot_blacklist.conf"
+#define WHITELIST_CONF "/etc/cgsnapshot_whitelist.conf"
+
+struct black_list_type {
+ char *name; /* variable name */
+ struct black_list_type *next; /* pointer to the next record */
+};
+
+struct black_list_type *black_list;
+struct black_list_type *white_list;
+
+typedef char cont_name_t[FILENAME_MAX];
+
+int flags;
+FILE *of;
+
+/*
+ * Display the usage
+ */
+static void usage(int status, const char *program_name)
+{
+ if (status != 0) {
+ fprintf(stderr, "Wrong input parameters,"
+ " try %s -h' for more information.\n",
+ program_name);
+ } else {
+ fprintf(stdout, "Usage: %s [-h] [-s] [-b file] "\
+ "[-w file] [-f output_file] "\
+ "[controller] [...]\n", program_name);
+ fprintf(stdout, "Generate the configuration file from "\
+ "the given controllers of control groups\n");
+ fprintf(stdout, " -b,--blacklist file Set the blacklist"\
+ " configuration file (default %s)\n", BLACKLIST_CONF);
+ fprintf(stdout, " -f,--file Redirect the output"\
+ " to output_file\n");
+ fprintf(stdout, " -h,--help Display this help\n");
+ fprintf(stdout, " -s,--silent Ignore all "\
+ "warnings\n");
+ fprintf(stdout, " -t,--strict Don't show the "\
+ "variables which are not on the whitelist\n");
+ fprintf(stdout, " -w,--whitelist file Set the whitelist"\
+ " configuration file (don't used by default)\n");
+ }
+}
+
+/* cache values from blacklist file to the list structure */
+
+int load_list(char *filename, struct black_list_type **p_list)
+{
+ FILE *fw;
+ int i = 0;
+ int ret;
+ char buf[FILENAME_MAX];
+ char name[FILENAME_MAX];
+
+ struct black_list_type *start = NULL;
+ struct black_list_type *end = NULL;
+ struct black_list_type *new;
+
+ fw = fopen(filename, "r");
+ if (fw == NULL) {
+ fprintf(stderr, "ERROR: Failed to open file %s: %s\n",
+ filename, strerror(errno));
+ *p_list = NULL;
+ return 1;
+ }
+
+ /* go through the all configuration file and search the line */
+ while (fgets(buf, FILENAME_MAX, fw) != NULL) {
+ buf[FILENAME_MAX-1] = '\0';
+ i = 0;
+
+ /* if the record start with # then skip it */
+ while ((buf[i] == ' ') || (buf[i] == '\n'))
+ i++;
+
+ if ((buf[i] == '#') || (buf[i] == '\0'))
+ continue;
+
+ new = (struct black_list_type *)malloc(sizeof
+ (struct black_list_type));
+ if (new == NULL) {
+ fprintf(stderr, "ERROR: Memory allocation problem "
+ "(%s)\n", strerror(errno));
+ *p_list = NULL;
+ return 1;
+ }
+
+ ret = sscanf(buf, "%s", name);
+ new->name = strdup(name);
+
+ new->next = NULL;
+
+ /* update the variables list */
+ if (start == NULL) {
+ start = new;
+ end = new;
+ } else {
+ end->next = new;
+ end = new;
+ }
+ }
+
+ fclose(fw);
+ *p_list = start;
+ return 0;
+}
+
+/* free list structure */
+void free_list(struct black_list_type *list)
+{
+ struct black_list_type *now;
+ struct black_list_type *next;
+
+ now = list;
+ while (now != NULL) {
+ next = now->next;
+ free(now);
+ now = next;
+ }
+ return;
+}
+
+/* Test whether the variable is on the list
+ * return values are:
+ * 1 ... was found
+ * 0 ... no record was found
+ */
+int is_on_list(char *name, struct black_list_type *list)
+{
+ struct black_list_type *record;
+
+ record = list;
+ /* go through the list of all values */
+ while (record != NULL) {
+ /* if the variable name is found */
+ if (strcmp(record->name, name) == 0) {
+ /* return its value */
+ return 1;
+ }
+ record = record->next;
+ }
+
+ /* the variable was not found */
+ return 0;
+
+}
+
+/* Display permissions record for the given group
+ * defined by path
+ */
+static int display_permissions(const char *path,
+ const char *program_name)
+{
+ int ret;
+ struct stat sb;
+ struct passwd *pw;
+ struct group *gr;
+ char tasks_path[FILENAME_MAX];
+
+ /* print the header */
+ fprintf(of, "\tperm {\n");
+
+ /* admin permissions record */
+ /* get the directory statistic */
+ ret = stat(path, &sb);
+ if (ret) {
+ fprintf(stderr, "ERROR: can't read statistics about %s\n",
+ path);
+ return -1;
+ }
+
+ /* find out the user and group name */
+ pw = getpwuid(sb.st_uid);
+ if (pw == NULL) {
+ fprintf(stderr, "ERROR: can't get %d user name\n", sb.st_uid);
+ return -1;
+ }
+
+ gr = getgrgid(sb.st_gid);
+ if (gr == NULL) {
+ fprintf(stderr, "ERROR: can't get %d group name\n", sb.st_gid);
+ return -1;
+ }
+
+ /* print the admin record */
+ fprintf(of, "\t\tadmin {\n"\
+ "\t\t\tuid = %s;\n"\
+ "\t\t\tgid = %s;\n"\
+ "\t\t}\n", pw->pw_name, gr->gr_name);
+
+ /* tasks permissions record */
+ /* get tasks file statistic */
+ strncpy(tasks_path, path, FILENAME_MAX);
+ tasks_path[FILENAME_MAX-1] = '\0';
+ strncat(tasks_path, "/tasks", FILENAME_MAX);
+ tasks_path[FILENAME_MAX-1] = '\0';
+
+ ret = stat(tasks_path, &sb);
+ if (ret) {
+ fprintf(stderr, "ERROR: can't read statistics about %s\n",
+ tasks_path);
+ return -1;
+ }
+
+ /* find out the user and group name */
+ pw = getpwuid(sb.st_uid);
+ if (pw == NULL) {
+ fprintf(stderr, "ERROR: can't get %d user name\n", sb.st_uid);
+ return -1;
+ }
+
+ gr = getgrgid(sb.st_gid);
+ if (gr == NULL) {
+ fprintf(stderr, "ERROR: can't get %d group name\n", sb.st_gid);
+ return -1;
+ }
+
+ /* print the task record */
+ fprintf(of, "\t\ttask {\n"\
+ "\t\t\tuid = %s;\n"\
+ "\t\t\tgid = %s;\n"\
+ "\t\t}\n", pw->pw_name, gr->gr_name);
+
+ fprintf(of, "\t}\n");
+
+ return 0;
+}
+
+/* Displey the control group record:
+ * header
+ * permission record
+ * controllers records
+ * tail
+ */
+
+static int display_cgroup_data(struct cgroup *group,
+ char controller[CG_CONTROLLER_MAX][FILENAME_MAX],
+ const char *group_path, const char *root_path, int first,
+ const char *program_name)
+{
+ int i = 0, j;
+ int bl, wl = 0; /* is on the blacklist/whitelist flag */
+ int nr_var = 0;
+ char *name;
+ struct cgroup_controller *group_controller = NULL;
+ char *value = NULL;
+ int ret = 0;
+ struct stat sb;
+
+ /* print the group definition header */
+ fprintf(of, "group %s {\n", group->name, group_path);
+
+ /* display the permission tags */
+ ret = display_permissions(group_path, program_name);
+ if (ret)
+ return ret;
+
+ /* for all wanted controllers display controllers tag */
+ while (controller[i][0] != '\0') {
+
+ group_controller = cgroup_get_controller(group, controller[i]);
+ if (group_controller == NULL) {
+ printf("cannot find controller "\
+ "'%s' in group '%s'\n",
+ controller[i], group->name);
+ ret = -1;
+ continue;
+ }
+
+ /* print the controller header */
+ fprintf(of, "\t%s {\n", controller[i]);
+ i++;
+ nr_var = cgroup_get_value_name_count(group_controller);
+
+ for (j = 0; j < nr_var; j++) {
+ name = cgroup_get_value_name(group_controller, j);
+
+ /* test whether the variable file is writable */
+
+ /* test whether the write permissions */
+ ret = stat(root_path, &sb);
+ /* freezer.state is not in root group so ret != 0,
+ * but it should be listed
+ */
+ if ((ret == 0) && ((sb.st_mode & S_IWUSR) == 0)) {
+ /* variable is not writable */
+ continue;
+ }
+
+ /* find whether the variable is blacklisted or
+ whitelisted */
+ bl = is_on_list(name, black_list);
+ wl = is_on_list(name, white_list);
+
+ /* if it is blacklisted skip it and continue */
+ if (bl)
+ continue;
+
+ /* if it is not whitelisted and strict tag is used
+ skip it and continue too */
+ if ((!wl) && (flags & FL_STRICT))
+ continue;
+
+ /* if it is not whitelisted and silent tag is not
+ used write an warning */
+ if ((!wl) && !(flags & FL_SILENT) && (first))
+ fprintf(stderr, "WARNING: variable %s is "\
+ "neither blacklisted nor "\
+ "whitelisted\n", name);
+
+ ret = cgroup_get_value_string(group_controller,
+ name, &value);
+
+ /* variable can not be read */
+ if (ret != 0) {
+ ret = 0;
+ fprintf(stderr, "ERROR: Value of "\
+ "variable %s can be read\n",
+ name);
+ goto err;
+ }
+ fprintf(of, "\t\t%s=\"%s\";\n", name, value);
+ }
+ fprintf(of, "\t}\n");
+ }
+
+ /* tail of the record */
+ fprintf(of, "}\n\n");
+
+err:
+ return ret;
+}
+
+/*
+ * creates the record about the hierarchie which contains
+ * "controller" subsystem
+ */
+static int display_controller_data(
+ char controller[CG_CONTROLLER_MAX][FILENAME_MAX],
+ const char *program_name)
+{
+ int ret;
+ void *handle;
+ int first = 1;
+
+ struct cgroup_file_info info;
+ int lvl;
+
+ int prefix_len;
+ char cgroup_name[FILENAME_MAX];
+
+ struct cgroup *group = NULL;
+
+ /* start to parse the structure for the first controller -
+ controller[0] attached to hierarchie */
+ ret = cgroup_walk_tree_begin(controller[0], "/", 0,
+ &handle, &info, &lvl);
+ if (ret != 0)
+ return ret;
+
+ prefix_len = strlen(info.full_path);
+
+ /* go through all files and directories */
+ while ((ret = cgroup_walk_tree_next(0, &handle, &info, lvl)) == 0) {
+ /* some group starts here */
+ if (info.type == CGROUP_FILE_TYPE_DIR) {
+ /* parse the group name from full_path*/
+ strncpy(cgroup_name, &info.full_path[prefix_len],
+ FILENAME_MAX);
+ cgroup_name[FILENAME_MAX-1] = '\0';
+
+
+ /* start to grab data about the new group */
+ group = cgroup_new_cgroup(cgroup_name);
+ if (group == NULL) {
+ printf("cannot create group '%s'\n",
+ cgroup_name);
+ return -1;
+ }
+
+ ret = cgroup_get_cgroup(group);
+ if (ret != 0) {
+ printf("cannot read group '%s': %s\n",
+ cgroup_name, cgroup_strerror(ret));
+ }
+
+ display_cgroup_data(group, controller, info.full_path,
+ info.path, first, program_name);
+ first = 0;
+ }
+ }
+
+ cgroup_free(&group);
+
+ cgroup_walk_tree_end(&handle);
+ if (ret == ECGEOF)
+ ret = 0;
+
+ return ret;
+
+}
+
+static int is_ctlr_on_list(char controllers[CG_CONTROLLER_MAX][FILENAME_MAX],
+ cont_name_t wanted_conts[FILENAME_MAX])
+{
+ int i = 0;
+ int j = 0;
+
+ while (controllers[i][0] != '\0') {
+ while (wanted_conts[j][0] != '\0') {
+ if (strcmp(controllers[i], wanted_conts[j]) == 0)
+ return 1;
+ j++;
+ }
+ j = 0;
+ i++;
+ }
+
+ return 0;
+}
+
+
+/* print data about input cont_name controller */
+static int parse_controllers(cont_name_t cont_names[CG_CONTROLLER_MAX],
+ const char *program_name)
+{
+ int ret = 0;
+ void *handle;
+ char path[FILENAME_MAX];
+ struct cgroup_mount_point controller;
+
+ char controllers[CG_CONTROLLER_MAX][FILENAME_MAX];
+ int max = 0;
+
+ path[0] = '\0';
+
+ ret = cgroup_get_controller_begin(&handle, &controller);
+
+ /* go through the list of controllers/mount point pairs */
+ while (ret == 0) {
+ if (strcmp(path, controller.path) == 0) {
+ /* if it is still the same mount point */
+ if (max < CG_CONTROLLER_MAX) {
+ strncpy(controllers[max],
+ controller.name, FILENAME_MAX);
+ (controllers[max])[FILENAME_MAX-1] = '\0';
+ max++;
+ }
+ } else {
+
+ /* we got new mount point, print it if needed */
+ if ((!(flags & FL_LIST) ||
+ (is_ctlr_on_list(controllers, cont_names)))
+ && (max != 0)) {
+ (controllers[max])[0] = '\0';
+ ret = display_controller_data(
+ controllers, program_name);
+ }
+
+ strncpy(controllers[0], controller.name, FILENAME_MAX);
+ (controllers[0])[FILENAME_MAX-1] = '\0';
+
+ strncpy(path, controller.path, FILENAME_MAX);
+ path[FILENAME_MAX-1] = '\0';
+ max = 1;
+ }
+
+ /* the actual controller should not be printed */
+ ret = cgroup_get_controller_next(&handle, &controller);
+ }
+
+ if (max != 0)
+ ret = display_controller_data(
+ controllers, program_name);
+
+ cgroup_get_controller_end(&handle);
+ if (ret != ECGEOF)
+ return ret;
+ return 0;
+}
+
+/* print data about input mount points */
+/* TODO only wanted ones */
+static int parse_mountpoints(cont_name_t cont_names[CG_CONTROLLER_MAX],
+ const char *program_name)
+{
+ int ret;
+ void *handle;
+ struct controller_data info;
+ char *mount_point;
+
+ /* start mount section */
+ fprintf(of, "mount {\n");
+
+ /* go through the controller list */
+ ret = cgroup_get_all_controller_begin(&handle, &info);
+ while (ret == 0) {
+
+ /* the controller attached to some hierarchy */
+ if (info.hierarchy != 0) {
+ ret = cgroup_get_subsys_mount_point(info.name,
+ &mount_point);
+ if (ret != 0) {
+ /* the controller is not mounted */
+ if ((flags & FL_SILENT) == 0) {
+ fprintf(stderr, "ERROR: %s hierarchy "\
+ "not mounted\n", info.name);
+ }
+ } else
+ fprintf(of, "\t%s = %s;\n",
+ info.name, mount_point);
+ }
+
+ /* next controller */
+ ret = cgroup_get_all_controller_next(&handle, &info);
+ }
+ if (ret != ECGEOF) {
+ if ((flags & FL_SILENT) != 0) {
+ fprintf(stderr,
+ "E: in get next controller %s\n",
+ cgroup_strerror(ret));
+ return ret;
+ }
+ }
+
+ ret |= cgroup_get_all_controller_end(&handle);
+
+ /* finish mount section */
+ fprintf(of, "}\n\n");
+ return ret;
+}
+
+int main(int argc, char *argv[])
+{
+ int ret = 0;
+ int c;
+
+ int i;
+ int c_number = 0;
+ cont_name_t wanted_cont[CG_CONTROLLER_MAX];
+
+ char bl_file[FILENAME_MAX]; /* blacklist file name */
+ char wl_file[FILENAME_MAX]; /* whitelist file name */
+
+ static struct option long_opts[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"silent" , no_argument, NULL, 's'},
+ {"blacklist", required_argument, NULL, 'b'},
+ {"whitelist", required_argument, NULL, 'w'},
+ {"strict", no_argument, NULL, 't'},
+ {"file", required_argument, NULL, 'f'},
+ {0, 0, 0, 0}
+ };
+
+ for (i = 0; i < CG_CONTROLLER_MAX; i++)
+ wanted_cont[i][0] = '\0';
+ flags = 0;
+
+ /* parse arguments */
+ while ((c = getopt_long(argc, argv, "hsb:w:tf:", long_opts, NULL))
+ > 0) {
+ switch (c) {
+ case 'h':
+ usage(0, argv[0]);
+ return 0;
+ case 's':
+ flags |= FL_SILENT;
+ break;
+ case 'b':
+ flags |= FL_BLACK;
+ strncpy(bl_file, optarg, FILENAME_MAX);
+ break;
+ case 'w':
+ flags |= FL_WHITE;
+ strncpy(wl_file, optarg, FILENAME_MAX);
+ break;
+ case 't':
+ flags |= FL_STRICT;
+ break;
+ case 'f':
+ flags |= FL_OUTPUT;
+ of = fopen(optarg, "w");
+ if (of == NULL) {
+ fprintf(stderr, "%s: Failed to open file %s\n",
+ argv[0], optarg);
+ return ECGOTHER;
+ }
+ break;
+ default:
+ usage(1, argv[0]);
+ return -1;
+ }
+ }
+
+ /* read the list of controllers */
+ while (optind < argc) {
+ flags |= FL_LIST;
+ strncpy(wanted_cont[c_number], argv[optind], FILENAME_MAX);
+ (wanted_cont[c_number])[FILENAME_MAX-1] = '\0';
+ c_number++;
+ optind++;
+ if (optind == CG_CONTROLLER_MAX-1) {
+ fprintf(stderr, "too many parameters\n");
+ break;
+ }
+ }
+
+ if ((flags & FL_OUTPUT) == 0)
+ of = stdout;
+
+ /* blacklkist */
+ if (flags & FL_BLACK) {
+ ret = load_list(bl_file, &black_list);
+ } else {
+ /* load the blacklist from the default location */
+ ret = load_list(BLACKLIST_CONF, &black_list);
+ }
+ if (ret != 0)
+ return ret;
+
+ /* whitelist */
+ if (flags & FL_WHITE)
+ ret = load_list(wl_file, &white_list);
+ if (ret != 0)
+ return ret;
+
+ /* print the header */
+ fprintf(of, "# Configuration file generated by cgsnapshot\n");
+
+ /* initialize libcgroup */
+ ret = cgroup_init();
+
+ if (ret) {
+ /* empty configuration file */
+ return ret;
+ }
+
+ /* print mount points section */
+ ret = parse_mountpoints(wanted_cont, argv[0]);
+
+ /* print hierarchies section */
+ ret = parse_controllers(wanted_cont, argv[0]);
+
+ free_list(black_list);
+ free_list(white_list);
+
+ if (of != stdout)
+ fclose(of);
+
+ return ret;
+}
------------------------------------------------------------------------------
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3.
Spend less time writing and rewriting code and more time creating great
experiences on the web. Be a part of the beta today.
http://p.sf.net/sfu/beautyoftheweb
_______________________________________________
Libcg-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/libcg-devel
