Quoting S.Çağlar Onur (cag...@10ur.org):
> Being able to set close_all_fds via API would be usefull for the
> situations like running an application (let's say web server)
> that controls the lifecycle of the container using the LXC API.
> We don't want forked process to inherit parent's resource (file, socket, ...)
>
> Signed-off-by: S.Çağlar Onur <cag...@10ur.org>
Thanks, looks good to me.
Acked-by: Serge E. Hallyn <serge.hal...@ubuntu.com>
> ---
> src/lxc/lxc_start.c | 2 +-
> src/lxc/lxccontainer.c | 13 +++++++++++++
> src/lxc/lxccontainer.h | 1 +
> 3 files changed, 15 insertions(+), 1 deletion(-)
>
> diff --git a/src/lxc/lxc_start.c b/src/lxc/lxc_start.c
> index dfc514e..a30a9f6 100644
> --- a/src/lxc/lxc_start.c
> +++ b/src/lxc/lxc_start.c
> @@ -265,7 +265,7 @@ int main(int argc, char *argv[])
> }
>
> if (my_args.close_all_fds)
> - conf->close_all_fds = 1;
> + c->want_close_all_fds(c);
>
> err = c->start(c, 0, args) ? 0 : -1;
>
> diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
> index e8dde91..727c680 100644
> --- a/src/lxc/lxccontainer.c
> +++ b/src/lxc/lxccontainer.c
> @@ -456,6 +456,18 @@ static void lxcapi_want_daemonize(struct lxc_container
> *c)
> container_mem_unlock(c);
> }
>
> +static void lxcapi_want_close_all_fds(struct lxc_container *c)
> +{
> + if (!c || !c->lxc_conf)
> + return;
> + if (container_mem_lock(c)) {
> + ERROR("Error getting mem lock");
> + return;
> + }
> + c->lxc_conf->close_all_fds = 1;
> + container_mem_unlock(c);
> +}
> +
> static bool lxcapi_wait(struct lxc_container *c, const char *state, int
> timeout)
> {
> int ret;
> @@ -2682,6 +2694,7 @@ struct lxc_container *lxc_container_new(const char
> *name, const char *configpath
> c->init_pid = lxcapi_init_pid;
> c->load_config = lxcapi_load_config;
> c->want_daemonize = lxcapi_want_daemonize;
> + c->want_close_all_fds = lxcapi_want_close_all_fds;
> c->start = lxcapi_start;
> c->startl = lxcapi_startl;
> c->stop = lxcapi_stop;
> diff --git a/src/lxc/lxccontainer.h b/src/lxc/lxccontainer.h
> index 89b55bd..8b6c6ef 100644
> --- a/src/lxc/lxccontainer.h
> +++ b/src/lxc/lxccontainer.h
> @@ -68,6 +68,7 @@ struct lxc_container {
> bool (*startl)(struct lxc_container *c, int useinit, ...);
> bool (*stop)(struct lxc_container *c);
> void (*want_daemonize)(struct lxc_container *c);
> + void (*want_close_all_fds)(struct lxc_container *c);
> // Return current config file name. The result is strdup()d, so free
> the result.
> char *(*config_file_name)(struct lxc_container *c);
> // for wait, timeout == -1 means wait forever, timeout == 0 means don't
> wait.
> --
> 1.8.1.2
>
>
> ------------------------------------------------------------------------------
> LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
> 1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
> 2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
> Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13.
> http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
------------------------------------------------------------------------------
LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/22/13.
http://pubads.g.doubleclick.net/gampad/clk?id=64545871&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
