From 603c3f40ccfa18c918d135031d60f604deac8e48 Mon Sep 17 00:00:00 2001
From: Levente Meszaros
Date: Mon, 25 Mar 2024 09:54:16 +0100
Subject: [PATCH] common: Added Linux OS guards to network and user namespaces.
---
 src/inet/common/NetworkNamespaceContext.cc | 14 ++++++++++++++
 src/inet/common/UnsharedNamespaceInitializer.cc | 6 ++++++
 2 files changed, 20 insertions(+)
diff --git a/src/inet/common/NetworkNamespaceContext.cc b/src/inet/common/NetworkNamespaceContext.cc
index 4cdab7e08cb..940b0c9d67c 100644
--- a/src/inet/common/NetworkNamespaceContext.cc
+++ b/src/inet/common/NetworkNamespaceContext.cc
@@ -20,6 +20,7 @@ std::map localNetworkNamespaces; // network namespace which ar
 void createNetworkNamespace(const char *name, bool global)
 {
+#ifdef __linux__
 if (global) {
 std::string fullPath = std::string("/var/run/netns/") + name;
 int fd = open(fullPath.c_str(), O_RDONLY | O_CREAT | O_EXCL, 0);
@@ -40,10 +41,14 @@ void createNetworkNamespace(const char *name, bool global)
 // switch back to the original namespace that was used before unshare
 setns(oldFd, 0);
 }
+#else
+ throw cRuntimeError("Network namespaces are only supported on Linux");
+#endif
 }
 bool existsNetworkNamespace(const char *name)
 {
+#ifdef __linux__
 auto it = localNetworkNamespaces.find(name);
 if (it != localNetworkNamespaces.end())
 return true;
@@ -56,9 +61,13 @@ bool existsNetworkNamespace(const char *name)
 }
 }
 return false;
+#else
+ throw cRuntimeError("Network namespaces are only supported on Linux");
+#endif
 }
 void deleteNetworkNamespace(const char *name) {
+#ifdef __linux__
 auto it = localNetworkNamespaces.find(name);
 if (it != localNetworkNamespaces.end()) {
 auto it = localNetworkNamespaces.find(name);
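Review bot: In createNetworkNamespace (hunk at -20) the guarded branch builds the path as `std::string("/var/run/netns/") + name` and hands it straight to `open(..., O_RDONLY | O_CREAT | O_EXCL, 0)`, so a `name` containing `/` or `..` creates the file outside `/var/run/netns/`. Where `name` comes from is not visible here, but if it can come from a module parameter or a configuration file it should be rejected before use, for example `if (strchr(name, '/') != nullptr || !strcmp(name, ".") || !strcmp(name, "..")) throw cRuntimeError("Invalid network namespace name: %s", name);`. The path passed to `unlink` in deleteNetworkNamespace (hunk at -72) is presumably built the same way and would need the same check. The function body continues outside this hunk.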
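Review bot: The `setns(oldFd, 0);` call that switches back to the original namespace in createNetworkNamespace (hunk at -40) ignores its return value, so a failure leaves the process inside the newly created namespace and everything after it runs there without any error being raised. It should be checked the way the `unlink` call in deleteNetworkNamespace is: `if (setns(oldFd, 0) != 0) throw cRuntimeError("Cannot switch back to the original network namespace");`. Whether `oldFd` is closed afterwards cannot be seen, because the function starts outside this hunk.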
@@ -72,6 +81,9 @@ void deleteNetworkNamespace(const char *name) {
 if (unlink(path.c_str()) != 0)
 throw cRuntimeError("Cannot unlink file: %s", path.c_str());
 }
+#else
+ throw cRuntimeError("Network namespaces are only supported on Linux");
+#endif
 }
 NetworkNamespaceContext::NetworkNamespaceContext(const char *name)
@@ -117,6 +129,8 @@ NetworkNamespaceContext::~NetworkNamespaceContext()
 }
 oldFd = -1;
 newFd = -1;
+#else
+ throw cRuntimeError("Network namespaces are only supported on Linux");
 #endif
 }
 }
diff --git a/src/inet/common/UnsharedNamespaceInitializer.cc b/src/inet/common/UnsharedNamespaceInitializer.cc
index 233eff8ed2c..db557fdaf02 100644
--- a/src/inet/common/UnsharedNamespaceInitializer.cc
+++ b/src/inet/common/UnsharedNamespaceInitializer.cc
@@ -15,7 +15,9 @@ Register_GlobalConfigOption(CFGID_UNSHARE_USER_NAMESPACE, "unshare-user-namespac
 UnsharedNamespaceInitializer UnsharedNamespaceInitializer::singleton;
+#ifdef __linux__
 EXECUTE_ON_STARTUP(getEnvir()->addLifecycleListener(&UnsharedNamespaceInitializer::singleton));
+#endif
 void UnsharedNamespaceInitializer::lifecycleEvent(SimulationLifecycleEventType eventType, cObject *details)
 {
@@ -35,6 +37,7 @@ void UnsharedNamespaceInitializer::lifecycleEvent(SimulationLifecycleEventType e
 void UnsharedNamespaceInitializer::unshareUserNamespace()
 {
+#ifdef __linux__
 pid_t originalUid = getuid();
 pid_t originalGid = getgid();
 if (unshare(CLONE_NEWUSER) < 0)
@@ -52,13 +55,16 @@ void UnsharedNamespaceInitializer::unshareUserNamespace()
 // change effective user to root
 if (seteuid(0) < 0)
 throw cRuntimeError("Failed to switch to the root user");
+#endif
 }
 void UnsharedNamespaceInitializer::unshareNetworkNamespace()
 {
+#ifdef __linux__
 if (unshare(CLONE_NEWNET) < 0)
 throw cRuntimeError("Failed to unshare network namespace");
 originalNetworkNamespaceFd = open("/proc/self/ns/net", O_RDONLY);
+#endif
 }
 void UnsharedNamespaceInitializer::writeMapping(const char* path, const char* mapping)
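Review bot: Throwing from `~NetworkNamespaceContext()` in the added `#else` branch (hunk at -117, function taken from the hunk header) will terminate the process rather than report an error. Destructors are implicitly `noexcept` since C++11, so the `throw cRuntimeError(...)` ends in `std::terminate` unless the destructor is declared `noexcept(false)` somewhere not shown, and even then it terminates when the object is destroyed during stack unwinding. If the constructor already refuses to build the object on non-Linux platforms (not visible here), the two added lines can simply be dropped so the destructor does nothing there. The destructor body starts outside this hunk.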
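Review bot: With `EXECUTE_ON_STARTUP(...)` compiled out (hunk at -15), the lifecycle listener is never registered on non-Linux builds, so the option registered as `CFGID_UNSHARE_USER_NAMESPACE` is accepted and then silently ignored; the bodies of `unshareUserNamespace()` and `unshareNetworkNamespace()` in the hunks at -35 and -52 become empty in the same way. NetworkNamespaceContext.cc in this same commit throws "Network namespaces are only supported on Linux" in the equivalent case, and a user who asked for an unshared namespace should get an error rather than a run in the host namespace. I would keep the listener registered and give both functions an `#else` branch containing `throw cRuntimeError("Unsharing namespaces is only supported on Linux");`, assuming lifecycleEvent only calls them when the option is set (its body is not shown).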
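Review bot: In unshareUserNamespace (hunk at -35) the results of `getuid()` and `getgid()` are stored in `pid_t originalUid` and `pid_t originalGid`, but those calls return `uid_t` and `gid_t`. `pid_t` is a signed type, so a large id would turn negative if these values are later formatted into the id mapping, which presumably happens in the part of the function outside this hunk. Declare them as `uid_t originalUid = getuid();` and `gid_t originalGid = getgid();`.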
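Review bot: In unshareNetworkNamespace (hunk at -52) the result of `open("/proc/self/ns/net", O_RDONLY)` is stored without a check, so a failure leaves `originalNetworkNamespaceFd` at -1 and only surfaces later when the descriptor is used. I would write `originalNetworkNamespaceFd = open("/proc/self/ns/net", O_RDONLY | O_CLOEXEC);` followed by `if (originalNetworkNamespaceFd < 0) throw cRuntimeError("Failed to open the network namespace file");`, where `O_CLOEXEC` keeps the namespace handle from being inherited by any child process the simulation starts. The open also runs after `unshare(CLONE_NEWNET)`, so the descriptor refers to the newly unshared namespace; if "original" is meant as the namespace before unsharing, the open has to come first.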