[pve-devel] [PATCH container 2/3] added $skiplock parameter for pct start/stop

Thu, 04 Feb 2016 23:50:03 -0800 

Like with qemu the root user can use -skiplock with 'pct
start' and 'pct stop'.

This does not alter the container's lxc config, instead we
pass PVE_SKIPLOCK=1 via the environment which will be seen
from the prestart hook but not from inside the container.
---
 src/PVE/API2/LXC/Status.pm | 16 ++++++++++++++--
 src/lxc-pve-prestart-hook  |  2 +-
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/PVE/API2/LXC/Status.pm b/src/PVE/API2/LXC/Status.pm
index 1c80355..cd7f04d 100644
--- a/src/PVE/API2/LXC/Status.pm
+++ b/src/PVE/API2/LXC/Status.pm
@@ -112,6 +112,7 @@ __PACKAGE__->register_method({
        properties => {
            node => get_standard_option('pve-node'),
            vmid => get_standard_option('pve-vmid', { completion => 
\&PVE::LXC::complete_ctid_stopped }),
+           skiplock => get_standard_option('skiplock'),
        },
     },
     returns => {
@@ -128,6 +129,10 @@ __PACKAGE__->register_method({
 
        my $vmid = extract_param($param, 'vmid');
 
+       my $skiplock = extract_param($param, 'skiplock');
+       raise_param_exc({ skiplock => "Only root may use this option." })
+           if $skiplock && $authuser ne 'root@pam';
+
        die "CT $vmid already running\n" if PVE::LXC::check_running($vmid);
 
        PVE::Cluster::check_cfs_quorum();
@@ -163,12 +168,14 @@ __PACKAGE__->register_method({
                    die "you can't start a CT if it's a template\n"
                        if PVE::LXC::is_template($conf);
 
-                   PVE::LXC::check_lock($conf);
+                   PVE::LXC::check_lock($conf) if !$skiplock;
 
                    my $storage_cfg = cfs_read_file("storage.cfg");
 
                    PVE::LXC::update_lxc_config($storage_cfg, $vmid, $conf);
 
+                   local $ENV{PVE_SKIPLOCK}=1 if $skiplock;
+
                    my $cmd = ['lxc-start', '-n', $vmid];
 
                    run_command($cmd);
@@ -198,6 +205,7 @@ __PACKAGE__->register_method({
        properties => {
            node => get_standard_option('pve-node'),
            vmid => get_standard_option('pve-vmid', { completion => 
\&PVE::LXC::complete_ctid_running }),
+           skiplock => get_standard_option('skiplock'),
        },
     },
     returns => {
@@ -214,6 +222,10 @@ __PACKAGE__->register_method({
 
        my $vmid = extract_param($param, 'vmid');
 
+       my $skiplock = extract_param($param, 'skiplock');
+       raise_param_exc({ skiplock => "Only root may use this option." })
+           if $skiplock && $authuser ne 'root@pam';
+
        die "CT $vmid not running\n" if !PVE::LXC::check_running($vmid);
 
        if (PVE::HA::Config::vm_is_ha_managed($vmid) && $rpcenv->{type} ne 
'ha') {
@@ -244,7 +256,7 @@ __PACKAGE__->register_method({
 
                    my $conf = PVE::LXC::load_config($vmid);
 
-                   PVE::LXC::check_lock($conf);
+                   PVE::LXC::check_lock($conf) if !$skiplock;
 
                    my $cmd = ['lxc-stop', '-n', $vmid, '--kill'];
 
diff --git a/src/lxc-pve-prestart-hook b/src/lxc-pve-prestart-hook
index 1ba957f..d52cbbc 100755
--- a/src/lxc-pve-prestart-hook
+++ b/src/lxc-pve-prestart-hook
@@ -63,7 +63,7 @@ __PACKAGE__->register_method ({
        return undef if ! -f PVE::LXC::config_file($vmid);
 
        my $conf = PVE::LXC::load_config($vmid);
-       PVE::LXC::check_lock($conf);
+       PVE::LXC::check_lock($conf) if !$ENV{PVE_SKIPLOCK};
 
        my $storage_cfg = PVE::Storage::config();
 
-- 
2.1.4


_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Reply via email to