[Libcg-devel] [PATCH 02/10] cgconfigparser: Add 'default' section.

Jan Safranek Wed, 23 Nov 2011 05:30:39 -0800

'default' section in cgconfig.conf file describes default owner and
permissions of group's control and task files. Using the 'default' section,
the common permissions can be specified only once per config file instead
of defining it separately for each group.


Signed-off-by: Jan Safranek <jsafr...@redhat.com>
---

 src/config.c             |   67 ++++++++++++++++++++++++++++++++++++++++++++++
 src/lex.l                |    1 +
 src/libcgroup-internal.h |    1 +
 src/parse.y              |   24 +++++++++++++++-
 4 files changed, 91 insertions(+), 2 deletions(-)

diff --git a/src/config.c b/src/config.c
index 8548174..18c6f55 100644
--- a/src/config.c
+++ b/src/config.c
@@ -49,6 +49,8 @@ unsigned int MAX_CGROUPS = 64;        /* NOTE: This value 
changes dynamically */
 extern FILE *yyin;
 extern int yyparse(void);
 
+static struct cgroup default_group;
+
 /*
  * The basic global data structures.
  *
@@ -748,6 +750,34 @@ static void cgroup_free_config(void)
        config_table_index = 0;
 }
 
+/**
+ * Applies default permissions/uid/gid to all groups in config file.
+ */
+static void cgroup_config_apply_default()
+{
+       int i;
+       if (config_cgroup_table) {
+               for (i = 0; i < cgroup_table_index; i++) {
+                       struct cgroup *c = &config_cgroup_table[i];
+
+                       if (c->control_dperm == NO_PERMS)
+                               c->control_dperm = default_group.control_dperm;
+                       if (c->control_fperm == NO_PERMS)
+                               c->control_fperm = default_group.control_fperm;
+                       if (c->control_gid == NO_UID_GID)
+                               c->control_gid = default_group.control_gid;
+                       if (c->control_uid == NO_UID_GID)
+                               c->control_uid = default_group.control_uid;
+                       if (c->task_fperm == NO_PERMS)
+                               c->task_fperm = default_group.task_fperm;
+                       if (c->tasks_gid == NO_UID_GID)
+                               c->tasks_gid = default_group.tasks_gid;
+                       if (c->tasks_uid == NO_UID_GID)
+                               c->tasks_uid = default_group.tasks_uid;
+               }
+       }
+}
+
 static int cgroup_parse_config(const char *pathname)
 {
        int ret;
@@ -773,6 +803,8 @@ static int cgroup_parse_config(const char *pathname)
        config_table_index = 0;
        namespace_table_index = 0;
        cgroup_table_index = 0;
+       /* init the default cgroup */
+       init_cgroup_table(&default_group, 1);
 
        /*
         * Parser calls longjmp() on really fatal error (like out-of-memory).
@@ -866,6 +898,7 @@ int cgroup_config_load_config(const char *pathname)
        if (error)
                goto err_mnt;
 
+       cgroup_config_apply_default();
        error = cgroup_config_create_groups();
        cgroup_dbg("creating all cgroups now, error=%d\n", error);
        if (error)
@@ -1102,3 +1135,37 @@ out_errno:
        cgroup_get_controller_end(&ctrl_handle);
        return ECGOTHER;
 }
+
+/**
+ * Defines the default group. The parser puts content of 'default { }' to
+ * topmost group in config_cgroup_table. This function copies the permissions
+ * from it to our default cgroup.
+ */
+int cgroup_config_define_default(void)
+{
+       struct cgroup *config_cgroup =
+                       &config_cgroup_table[cgroup_table_index];
+
+       init_cgroup_table(&default_group, 1);
+       if (config_cgroup->control_dperm != NO_PERMS)
+               default_group.control_dperm = config_cgroup->control_dperm;
+       if (config_cgroup->control_fperm != NO_PERMS)
+               default_group.control_fperm = config_cgroup->control_fperm;
+       if (config_cgroup->control_gid != NO_UID_GID)
+               default_group.control_gid = config_cgroup->control_gid;
+       if (config_cgroup->control_uid != NO_UID_GID)
+               default_group.control_uid = config_cgroup->control_uid;
+       if (config_cgroup->task_fperm != NO_PERMS)
+               default_group.task_fperm = config_cgroup->task_fperm;
+       if (config_cgroup->tasks_gid != NO_UID_GID)
+               default_group.tasks_gid = config_cgroup->tasks_gid;
+       if (config_cgroup->tasks_uid != NO_UID_GID)
+               default_group.tasks_uid = config_cgroup->tasks_uid;
+
+       /*
+        * Reset all changes made by 'default { }' to the topmost group so it
+        * can be used by following 'group { }'.
+        */
+       init_cgroup_table(config_cgroup, 1);
+       return 0;
+}
diff --git a/src/lex.l b/src/lex.l
index 7a00015..9ff37ec 100644
--- a/src/lex.l
+++ b/src/lex.l
@@ -39,6 +39,7 @@ jmp_buf parser_error_env;
 "perm"         {return PERM;}
 "group"                {return GROUP;}
 "namespace"    {return NAMESPACE;}
+"default"      {return DEFAULT;}
 [a-zA-Z0-9_\-\/\.\,]+ {yylval.name = strdup(yytext); return ID;}
 \"[^"]*\" {yylval.name = strdup(yytext+1); yylval.name[strlen(yylval.name)-1] 
= '\0'; return ID; }
 .      {return yytext[0];}
diff --git a/src/libcgroup-internal.h b/src/libcgroup-internal.h
index 7d683f4..1b3daf9 100644
--- a/src/libcgroup-internal.h
+++ b/src/libcgroup-internal.h
@@ -224,6 +224,7 @@ int cgroup_config_insert_into_mount_table(char *name, char 
*mount_point);
 int cgroup_config_insert_into_namespace_table(char *name, char *mount_point);
 void cgroup_config_cleanup_mount_table(void);
 void cgroup_config_cleanup_namespace_table(void);
+int cgroup_config_define_default(void);
 
 /**
  * Create an empty dictionary.
diff --git a/src/parse.y b/src/parse.y
index e0c70d3..7cc444c 100644
--- a/src/parse.y
+++ b/src/parse.y
@@ -37,7 +37,7 @@ int yywrap(void)
 
 %}
 
-%token ID MOUNT GROUP PERM TASK ADMIN NAMESPACE
+%token ID MOUNT GROUP PERM TASK ADMIN NAMESPACE DEFAULT
 
 %union {
        char *name;
@@ -48,7 +48,7 @@ int yywrap(void)
 %type <name> ID
 %type <val> mountvalue_conf mount task_namevalue_conf admin_namevalue_conf
 %type <val> admin_conf task_conf task_or_admin group_conf group start
-%type <val> namespace namespace_conf
+%type <val> namespace namespace_conf default default_conf
 %type <values> namevalue_conf
 %start start
 %%
@@ -61,6 +61,10 @@ start   : start group
        {
                $$ = $1;
        }
+       | start default
+       {
+         $$ = $1;
+       }
         | start namespace
        {
                $$ = $1;
@@ -71,6 +75,22 @@ start   : start group
        }
         ;
 
+default :       DEFAULT '{' default_conf '}'
+       {
+               $$ = $3;
+               if ($$) {
+                       cgroup_config_define_default();
+               }
+       }
+       ;
+
+default_conf
+       :       PERM '{' task_or_admin '}'
+       {
+               $$ = $3;
+       }
+       ;
+
 group   :       GROUP ID '{' group_conf '}'
        {
                $$ = $4;


------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure 
contains a definitive record of customers, application performance, 
security threats, fraudulent activity, and more. Splunk takes this 
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Libcg-devel mailing list
Libcg-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/libcg-devel

[Libcg-devel] [PATCH 02/10] cgconfigparser: Add 'default' section.

Reply via email to