Re: [lxc-devel] [PATCH] don't leak the rootfs.pin fd into the container

Mon, 11 Mar 2013 06:04:38 -0700 

On 03/10/2013 11:45 PM, Serge Hallyn wrote:

Quoting Ward, David - 0663 - MITLL (david.w...@ll.mit.edu):

Hi Serge,

This patch seems to have introduced a regression.  When I use
lxc-execute with a very simple container (which only sets the
utsname), the terminal input is not forwarded to the application
anymore.  In particular, running "lxc-execute -n $CONTAINER -- bash"
returns immediately without opening a shell.  (This is with Fedora
18 and kernel 3.8.2.)

Thanks, David.  The following patch definately looks like it is
needed.  It may or may not fix the bug you're seeing.  Can you
confirm?


Serge,

Yes, the patch below fixes the issue for me.  Thanks!

Acked-by: David Ward <david.w...@ll.mit.edu>


   Subject: [PATCH 1/1] rootfs pin: fix two bugs

1. if there's no rootfs, return -2, not 0.
2. don't close pinfd unconditionally in do_start().

Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
---
  src/lxc/conf.c  | 2 +-
  src/lxc/start.c | 3 ++-
  2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index add3c74..97b4ae4 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -578,7 +578,7 @@ int pin_rootfs(const char *rootfs)
        int ret, fd;
if (rootfs == NULL || strlen(rootfs) == 0) 
-               return 0;
+               return -2;
if (!realpath(rootfs, absrootfs)) { 
                SYSERROR("failed to get real path for '%s'", rootfs);
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 75d1fd6..51b2f06 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -652,7 +652,8 @@ static int do_start(void *data)
        lxc_sync_fini_parent(handler);
/* don't leak the pinfd to the container */ 
-       close(handler->pinfd);
+       if (handler->pinfd >= 0)
+               close(handler->pinfd);
/* Tell the parent task it can begin to configure the 
         * container and wait for it to finish

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester  
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the  
endpoint security space. For insight on selecting the right partner to 
tackle endpoint security challenges, access the full report. 
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel

Reply via email to