"Fossies" - the Fresh Open Source Software Archive

Member "lxc-4.0.10/src/lxc/cmd/lxc-checkconfig.in" (16 Jul 2021, 8183 Bytes) of package /linux/misc/lxc-4.0.10.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "lxc-checkconfig.in": 4.0.9_vs_4.0.10.

    1 #!/bin/sh
    2 # SPDX-License-Identifier: LGPL-2.1+
    3 
    4 # Allow environment variables to override config
    5 : ${CONFIG:=/proc/config.gz}
    6 : ${MODNAME:=configs}
    7 
    8 CAT="cat"
    9 
   10 if [ -t 1 ]; then
   11     SETCOLOR_SUCCESS="printf \\033[1;32m"
   12     SETCOLOR_FAILURE="printf \\033[1;31m"
   13     SETCOLOR_WARNING="printf \\033[1;33m"
   14     SETCOLOR_NORMAL="printf \\033[0;39m"
   15 else
   16     SETCOLOR_SUCCESS=":"
   17     SETCOLOR_FAILURE=":"
   18     SETCOLOR_WARNING=":"
   19     SETCOLOR_NORMAL=":"
   20 fi
   21 
   22 is_set() {
   23     $CAT $CONFIG | grep "$1=[y|m]" > /dev/null
   24     return $?
   25 }
   26 
   27 show_enabled() {
   28     RES=$1
   29     RET=1
   30     if [ $RES -eq 0 ]; then
   31         $SETCOLOR_SUCCESS && echo -n "enabled" && $SETCOLOR_NORMAL
   32         RET=0
   33     else
   34         if [ ! -z "$mandatory" ] && [ "$mandatory" = yes ]; then
   35             $SETCOLOR_FAILURE && echo -n "required" && $SETCOLOR_NORMAL
   36         else
   37             $SETCOLOR_WARNING && echo -n "missing" && $SETCOLOR_NORMAL
   38         fi
   39     fi
   40     return $RET
   41 }
   42 
   43 is_enabled() {
   44     mandatory=$2
   45 
   46     is_set $1
   47     show_enabled $?
   48 }
   49 
   50 has_cgroup_ns() {
   51     mandatory=no
   52 
   53     if [ -f "/proc/self/ns/cgroup" ]; then
   54         show_enabled 0
   55     else
   56         show_enabled 1
   57     fi
   58 }
   59 
   60 is_probed() {
   61     lsmod | grep $1 > /dev/null
   62     if [ $? -eq 0 ]; then
   63         echo -n ", loaded"
   64     else
   65         echo -n ", not loaded"
   66     fi
   67 }
   68 
   69 echo "LXC version $(lxc-start --version)"
   70 
   71 if [ ! -f $CONFIG ]; then
   72     echo "Kernel configuration not found at $CONFIG; searching..."
   73     KVER="`uname -r`"
   74     HEADERS_CONFIG="/lib/modules/$KVER/build/.config"
   75     BOOT_CONFIG="/boot/config-$KVER"
   76     [ -f "${HEADERS_CONFIG}" ] && CONFIG=${HEADERS_CONFIG}
   77     [ -f "${BOOT_CONFIG}" ] && CONFIG=${BOOT_CONFIG}
   78     if [ ! -f "$CONFIG" ]; then
   79         MODULEFILE=$(modinfo -k $KVER -n $MODNAME 2> /dev/null)
   80         # don't want to modprobe, so give user a hint
   81         # although scripts/extract-ikconfig could be used to extract contents without loading kernel module
   82         # http://svn.pld-linux.org/trac/svn/browser/geninitrd/trunk/geninitrd?rev=12696#L327
   83     fi
   84     if [ ! -f $CONFIG ]; then
   85         echo "$(basename $0): unable to retrieve kernel configuration" >&2
   86         echo >&2
   87         if [ -f "$MODULEFILE" ]; then
   88             echo "Try modprobe $MODNAME module, or" >&2
   89         fi
   90         echo "Try recompiling with IKCONFIG_PROC, installing the kernel headers," >&2
   91         echo "or specifying the kernel configuration path with:" >&2
   92         echo "  CONFIG=<path> $(basename $0)" >&2
   93         exit 1
   94     else
   95         echo "Kernel configuration found at $CONFIG"
   96     fi
   97 fi
   98 
   99 if gunzip -tq < $CONFIG 2>/dev/null; then
  100     CAT="zcat"
  101 fi
  102 
  103 KVER_MAJOR=$($CAT $CONFIG | grep '^# Linux.*Kernel Configuration' | \
  104     sed -r 's/.* ([0-9])\.[0-9]{1,2}\.[0-9]{1,3}.*/\1/')
  105 if [ "$KVER_MAJOR" = "2" ]; then
  106 KVER_MINOR=$($CAT $CONFIG | grep '^# Linux.*Kernel Configuration' | \
  107     sed -r 's/.* 2.6.([0-9]{2}).*/\1/')
  108 else
  109 KVER_MINOR=$($CAT $CONFIG | grep '^# Linux.*Kernel Configuration' | \
  110     sed -r 's/.* [0-9]\.([0-9]{1,3})\.[0-9]{1,3}.*/\1/')
  111 fi
  112 
  113 if [ -z "${KVER_MAJOR}" ]; then
  114     echo "WARNING: Unable to detect version from configuration, assuming latest\n"
  115     KVER_MAJOR="100"
  116     KVER_MINOR="0"
  117 fi
  118 
  119 echo "--- Namespaces ---"
  120 echo -n "Namespaces: " && is_enabled CONFIG_NAMESPACES yes
  121 echo
  122 echo -n "Utsname namespace: " && is_enabled CONFIG_UTS_NS
  123 echo
  124 echo -n "Ipc namespace: " && is_enabled CONFIG_IPC_NS yes
  125 echo
  126 echo -n "Pid namespace: " && is_enabled CONFIG_PID_NS yes
  127 echo
  128 echo -n "User namespace: " && is_enabled CONFIG_USER_NS
  129 echo
  130 if is_set CONFIG_USER_NS; then
  131     if which newuidmap > /dev/null 2>&1; then
  132         f=`which newuidmap`
  133         if [ ! -u "${f}" ]; then
  134             echo "Warning: newuidmap is not setuid-root"
  135         fi
  136     else
  137         echo "newuidmap is not installed"
  138     fi
  139     if which newgidmap > /dev/null 2>&1; then
  140         f=`which newgidmap`
  141         if [ ! -u "${f}" ]; then
  142             echo "Warning: newgidmap is not setuid-root"
  143         fi
  144     else
  145         echo "newgidmap is not installed"
  146     fi
  147 fi
  148 echo -n "Network namespace: " && is_enabled CONFIG_NET_NS
  149 echo
  150 if ([ $KVER_MAJOR -lt 4 ]) || ([ $KVER_MAJOR -eq 4 ] && [ $KVER_MINOR -lt 7 ]); then
  151     echo -n "Multiple /dev/pts instances: " && is_enabled DEVPTS_MULTIPLE_INSTANCES
  152     echo
  153 fi
  154 echo
  155 
  156 echo "--- Control groups ---"
  157 
  158 echo -n "Cgroups: " && is_enabled CONFIG_CGROUPS
  159 echo
  160 
  161 echo -n "Cgroup namespace: " && has_cgroup_ns
  162 echo
  163 
  164 print_cgroups() {
  165   # print all mountpoints for cgroup filesystems
  166   awk '$1 !~ /#/ && $3 == mp { print $2; } ; END { exit(0); } '  "mp=$1" "$2" ;
  167 }
  168 
  169 CGROUP_V1_MNTS=`print_cgroups cgroup /proc/self/mounts`
  170 echo
  171 echo "Cgroup v1 mount points: "
  172 echo "$CGROUP_V1_MNTS"
  173 echo
  174 
  175 CGROUP_V2_MNTS=`print_cgroups cgroup2 /proc/self/mounts`
  176 echo "Cgroup v2 mount points: "
  177 echo "$CGROUP_V2_MNTS"
  178 echo
  179 
  180 CGROUP_SYSTEMD_MNTPT=`echo "$CGROUP_V1_MNTS" | grep "/systemd"`
  181 if [ -z "$CGROUP_SYSTEMD_MNTPT" ]; then
  182     echo -n "Cgroup v1 systemd controller: "
  183     $SETCOLOR_FAILURE && echo -n "missing" && $SETCOLOR_NORMAL
  184     echo
  185 fi
  186 
  187 CGROUP_FREEZER_MNTPT=`echo "$CGROUP_V1_MNTS" | grep "/freezer"`
  188 if [ -z "$CGROUP_FREEZER_MNTPT" ]; then
  189     echo -n "Cgroup v1 freezer controller: "
  190     $SETCOLOR_FAILURE && echo -n "missing" && $SETCOLOR_NORMAL
  191     echo
  192 fi
  193 
  194 CGROUP_MNT_PATH=`echo "$CGROUP_V1_MNTS" | head -n 1`
  195 if [ -f $CGROUP_MNT_PATH/cgroup.clone_children ]; then
  196     echo -n "Cgroup v1 clone_children flag: " &&
  197     $SETCOLOR_SUCCESS && echo "enabled" && $SETCOLOR_NORMAL
  198 else
  199     echo -n "Cgroup ns_cgroup: " && is_enabled CONFIG_CGROUP_NS yes
  200     echo
  201 fi
  202 
  203 echo -n "Cgroup device: " && is_enabled CONFIG_CGROUP_DEVICE
  204 echo
  205 
  206 echo -n "Cgroup sched: " && is_enabled CONFIG_CGROUP_SCHED
  207 echo
  208 
  209 echo -n "Cgroup cpu account: " && is_enabled CONFIG_CGROUP_CPUACCT
  210 echo
  211 
  212 echo -n "Cgroup memory controller: "
  213 if ([ $KVER_MAJOR -ge 3 ] && [ $KVER_MINOR -ge 6 ]) || ([ $KVER_MAJOR -gt 3 ]); then
  214     is_enabled CONFIG_MEMCG
  215 else
  216     is_enabled CONFIG_CGROUP_MEM_RES_CTLR
  217 fi
  218 echo
  219 
  220 is_set CONFIG_SMP && echo -n "Cgroup cpuset: " && is_enabled CONFIG_CPUSETS && echo
  221 echo
  222 
  223 echo "--- Misc ---"
  224 echo -n "Veth pair device: " && is_enabled CONFIG_VETH && is_probed veth
  225 echo
  226 echo -n "Macvlan: " && is_enabled CONFIG_MACVLAN && is_probed macvlan
  227 echo
  228 echo -n "Vlan: " && is_enabled CONFIG_VLAN_8021Q && is_probed 8021q
  229 echo
  230 echo -n "Bridges: " && is_enabled CONFIG_BRIDGE && is_probed bridge
  231 echo
  232 echo -n "Advanced netfilter: " && is_enabled CONFIG_NETFILTER_ADVANCED && is_probed nf_tables
  233 echo
  234 echo -n "CONFIG_NF_NAT_IPV4: " && is_enabled CONFIG_NF_NAT_IPV4 && is_probed nf_nat_ipv4
  235 echo
  236 echo -n "CONFIG_NF_NAT_IPV6: " && is_enabled CONFIG_NF_NAT_IPV6 && is_probed nf_nat_ipv6
  237 echo
  238 echo -n "CONFIG_IP_NF_TARGET_MASQUERADE: " && is_enabled CONFIG_IP_NF_TARGET_MASQUERADE && is_probed nf_nat_masquerade_ipv4
  239 echo
  240 echo -n "CONFIG_IP6_NF_TARGET_MASQUERADE: " && is_enabled CONFIG_IP6_NF_TARGET_MASQUERADE && is_probed nf_nat_masquerade_ipv6
  241 echo
  242 echo -n "CONFIG_NETFILTER_XT_TARGET_CHECKSUM: " && is_enabled CONFIG_NETFILTER_XT_TARGET_CHECKSUM && is_probed xt_CHECKSUM
  243 echo
  244 echo -n "CONFIG_NETFILTER_XT_MATCH_COMMENT: " && is_enabled CONFIG_NETFILTER_XT_MATCH_COMMENT && is_probed xt_comment
  245 echo
  246 echo -n "FUSE (for use with lxcfs): " && is_enabled CONFIG_FUSE_FS && is_probed fuse
  247 echo
  248 
  249 echo
  250 echo "--- Checkpoint/Restore ---"
  251 echo -n "checkpoint restore: " && is_enabled CONFIG_CHECKPOINT_RESTORE
  252 echo
  253 echo -n "CONFIG_FHANDLE: " && is_enabled CONFIG_FHANDLE
  254 echo
  255 echo -n "CONFIG_EVENTFD: " && is_enabled CONFIG_EVENTFD
  256 echo
  257 echo -n "CONFIG_EPOLL: " && is_enabled CONFIG_EPOLL
  258 echo
  259 echo -n "CONFIG_UNIX_DIAG: " && is_enabled CONFIG_UNIX_DIAG
  260 echo
  261 echo -n "CONFIG_INET_DIAG: " && is_enabled CONFIG_INET_DIAG
  262 echo
  263 echo -n "CONFIG_PACKET_DIAG: " && is_enabled CONFIG_PACKET_DIAG
  264 echo
  265 echo -n "CONFIG_NETLINK_DIAG: " && is_enabled CONFIG_NETLINK_DIAG
  266 echo
  267 echo -n "File capabilities: " && \
  268     ( [ "${KVER_MAJOR}" = 2 ] && [ ${KVER_MINOR} -lt 33 ] && \
  269        is_enabled CONFIG_SECURITY_FILE_CAPABILITIES; echo ) || \
  270     ( ( [ "${KVER_MAJOR}" = "2" ] && [ ${KVER_MINOR} -gt 32 ] ) || \
  271          [ ${KVER_MAJOR} -gt 2 ] && $SETCOLOR_SUCCESS && \
  272          echo "enabled" && $SETCOLOR_NORMAL )
  273 
  274 echo
  275 echo "Note : Before booting a new kernel, you can check its configuration"
  276 echo "usage : CONFIG=/path/to/config $0"
  277 echo
  278