Ryousei Takano wrote:
> Hi daniel and all,
> 
> I have run the CentOS 5 container on CentOS 5.  When lxc-start executes
> in daemon mode and without logging, the permission of /dev/null on the
> host OS changes from 0666 to 0600.
> 
> I guess it is because lxc uses a bind mount to remap /dev/console to
> /dev/null in daemon mode.  The container OS changes the permission of
> /dev/console during its boot process, and that then affects /dev/null
> on the host OS.
> 
> I do not know whether this problem occurs on the other distros.
> 
> Here is a simple reproduction code:
> 
> #include <stdio.h>
> #include <unistd.h>
> #include <sys/mount.h>
> #include <sys/stat.h>   /* chmod() */
> 
> int
> main()
> {
>  /* [LXC] setup_console (lxc/conf.c) */
>  if (mount("/dev/null", "/dev/console", "none", MS_BIND, 0)) { /* (1) */
>    perror("mount");
>    return -1;
>  }
>  /* [CentOS] ??? */
>  if (chmod("/dev/console", 0600)) { /* (2) */
>    perror("chmod");
>    return -1;
>  }
>  if (umount("/dev/console")) {
>    perror("umount");
>    return -1;
>  }
>  return 0;
> }
> 
> Any comments and suggestions will be welcome.

Yeah, I will rewrite the console, it sucks.

I had in mind to allocate a pty and bind mount the client side to the 
console and then proxy the master to the controlling tty or another fd 
if specified in the command line (file, fifo, socket, etc ...).

I rewrote a part of the lxc-console to implement a couple of functions 
to be reused.

_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
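
Added example, not part of the original messages or of the lxc code: a small C check for the symptom reported above, flagging a /dev/null whose mode is no longer 0666 and a /dev/console that is really the null device. The function and flag names are hypothetical; 1:3 is the standard Linux device number of /dev/null.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE
#endif
#include <stdio.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>

/* Hypothetical flag names for this example. */
#define NULL_NOT_DEVICE 0x1 /* not the null character device (1:3) */
#define NULL_BAD_MODE   0x2 /* permission bits differ from 0666 */

/* True when st describes the Linux null device: char device 1:3. */
int is_null_dev(const struct stat *st)
{
    return S_ISCHR(st->st_mode) &&
           major(st->st_rdev) == 1 && minor(st->st_rdev) == 3;
}

/* Audit stat() data taken from /dev/null; 0 means healthy. */
int audit_null(const struct stat *st)
{
    int flags = 0;
    if (!is_null_dev(st))
        flags |= NULL_NOT_DEVICE;
    if ((st->st_mode & 07777) != 0666)
        flags |= NULL_BAD_MODE;
    return flags;
}

int main(void)
{
    struct stat null_st, cons_st;
    int flags;

    if (stat("/dev/null", &null_st)) {
        perror("stat /dev/null");
        return 2;
    }
    flags = audit_null(&null_st);
    printf("/dev/null: mode %04o, flags 0x%x\n",
           (unsigned)(null_st.st_mode & 07777), (unsigned)flags);
    /* A bind mount shows the source inode at the target path, so a
     * console that stats as 1:3 is /dev/null under another name and a
     * chmod on it lands on the null device. */
    if (stat("/dev/console", &cons_st) == 0 && is_null_dev(&cons_st))
        printf("/dev/console is the null device (bind mount?)\n");
    return flags ? 1 : 0;
}
```

The exit status is non-zero when /dev/null fails the audit, so the program can run on the host from a monitoring job after containers start.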
