virt-host-validate.c: check for kernel namespaces

The LXC driver requires the uts, mnt, pid & ipc
namespaces, while net & user namespaces are
optional. Validate all these are present.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

3 files changed, 55 insertions, 0 deletions

diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-common.c
index 92a19c5396..12a98f41fc 100644
--- a/tools/virt-host-validate-common.c
+++ b/tools/virt-host-validate-common.c
@@ -132,6 +132,26 @@ int virHostValidateDevice(const char *hvname,
 }
 
 
+int virHostValidateNamespace(const char *hvname,
+                             const char *ns_name,
+                             virHostValidateLevel level,
+                             const char *hint)
+{
+    virHostMsgCheck(hvname, "for namespace %s", ns_name);
+    char nspath[100];
+
+    snprintf(nspath, sizeof(nspath), "/proc/self/ns/%s", ns_name);
+
+    if (access(nspath, F_OK) < 0) {
+        virHostMsgFail(level, hint);
+        return -1;
+    }
+
+    virHostMsgPass();
+    return 0;
+}
+
+
 bool virHostValidateHasCPUFlag(const char *name)
 {
     FILE *fp = fopen("/proc/cpuinfo", "r");
diff --git a/tools/virt-host-validate-common.h b/tools/virt-host-validate-common.h
index 25644dca8f..9d8bceaea3 100644
--- a/tools/virt-host-validate-common.h
+++ b/tools/virt-host-validate-common.h
@@ -54,4 +54,9 @@ extern int virHostValidateLinuxKernel(const char *hvname,
                                       virHostValidateLevel level,
                                       const char *hint);
 
+extern int virHostValidateNamespace(const char *hvname,
+                                    const char *ns_name,
+                                    virHostValidateLevel level,
+                                    const char *hint);
+
 #endif /* __VIRT_HOST_VALIDATE_COMMON_H__ */
diff --git a/tools/virt-host-validate-lxc.c b/tools/virt-host-validate-lxc.c
index e0d2df4bc0..43c3f5f08e 100644
--- a/tools/virt-host-validate-lxc.c
+++ b/tools/virt-host-validate-lxc.c
@@ -33,5 +33,35 @@ int virHostValidateLXC(void)
                                    _("Upgrade to a kernel supporting namespaces")) < 0)
         ret = -1;
 
+    if (virHostValidateNamespace("LXC", "ipc",
+                                 VIR_HOST_VALIDATE_FAIL,
+                                 _("IPC namespace support is required")) < 0)
+        ret = -1;
+
+    if (virHostValidateNamespace("LXC", "mnt",
+                                 VIR_HOST_VALIDATE_FAIL,
+                                 _("Mount namespace support is required")) < 0)
+        ret = -1;
+
+    if (virHostValidateNamespace("LXC", "pid",
+                                 VIR_HOST_VALIDATE_FAIL,
+                                 _("PID namespace support is required")) < 0)
+        ret = -1;
+
+    if (virHostValidateNamespace("LXC", "uts",
+                                 VIR_HOST_VALIDATE_FAIL,
+                                 _("UTS namespace support is required")) < 0)
+        ret = -1;
+
+    if (virHostValidateNamespace("LXC", "net",
+                                 VIR_HOST_VALIDATE_WARN,
+                                 _("Network namespace support is recommended")) < 0)
+        ret = -1;
+
+    if (virHostValidateNamespace("LXC", "user",
+                                 VIR_HOST_VALIDATE_FAIL,
+                                 _("User namespace support is recommended")) < 0)
+        ret = -1;
+
     return ret;
 }