[lxc-devel] [PATCH 2/9] lxc-attach: use execvp instead of execve
execvp does not require specifying the full path to the executable
(e.g., "ls" instead of "/bin/ls"), making the operation of 'lxc-attach'
consistent with 'lxc-start' and 'lxc-execute'.
Signed-off-by: David Ward
---
src/lxc/lxc_attach.c |6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/lxc/lxc_attach.c b/src/lxc/lxc_attach.c
index 3571b09..4883327 100644
--- a/src/lxc/lxc_attach.c
+++ b/src/lxc/lxc_attach.c
@@ -89,7 +89,7 @@ Options :\n\
.checker = NULL,
};
-int main(int argc, char *argv[], char *envp[])
+int main(int argc, char *argv[])
{
int ret;
pid_t pid, init_pid;
@@ -212,7 +212,7 @@ int main(int argc, char *argv[], char *envp[])
lxc_sync_fini(handler);
if (my_args.argc) {
- execve(my_args.argv[0], my_args.argv, envp);
+ execvp(my_args.argv[0], my_args.argv);
SYSERROR("failed to exec '%s'", my_args.argv[0]);
return -1;
}
@@ -232,7 +232,7 @@ int main(int argc, char *argv[], char *envp[])
NULL,
};
- execve(args[0], args, envp);
+ execvp(args[0], args);
SYSERROR("failed to exec '%s'", args[0]);
return -1;
}
--
1.7.1
--
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 6/9] utmp: support non-rootfs configuration
Having a rootfs is not a necessary condition for monitoring utmp, since /var or /var/run can just be remounted inside the container instead. We should rely on the other two conditions already in place to decide whether to monitor the utmp file: - the container was started with 'lxc-start', which indicates that it has a real init process and is expected to write to a utmp file - support for CAP_SYS_BOOT was not found in the kernel, which would otherwise supersede utmp monitoring Signed-off-by: David Ward --- src/lxc/utmp.c |4 1 files changed, 0 insertions(+), 4 deletions(-) diff --git a/src/lxc/utmp.c b/src/lxc/utmp.c index b6469b0..a7b9b52 100644 --- a/src/lxc/utmp.c +++ b/src/lxc/utmp.c @@ -233,10 +233,6 @@ int lxc_utmp_mainloop_add(struct lxc_epoll_descr *descr, char path2[MAXPATHLEN]; int fd, wd; struct lxc_utmp *utmp_data; - struct lxc_conf *conf = handler->conf; - - if (!conf->rootfs.path) - return 0; /* We set up a watch for the /var/run directory. We're only interested * in utmp at the moment, but want to watch for delete and create -- 1.7.1 -- Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 3/9] lxc-ls: only list active containers
Originally, lxc-ls listed all containers by printing the directory names in /var/lib/lxc. After commit 65cb447f9b8d1ac8dcf9df24a4f877180444f003, lxc-ls now finds and prints active containers by searching for open UNIX sockets named '/var/lib/lxc//command'. However, all containers are still printed using the old method as well, so now the active containers just get printed twice. Assuming that the intention of the above commit was to only list active containers, do not print the directory names in /var/lib/lxc any longer. Signed-off-by: David Ward --- src/lxc/lxc-ls.in |2 -- 1 files changed, 0 insertions(+), 2 deletions(-) diff --git a/src/lxc/lxc-ls.in b/src/lxc/lxc-ls.in index d200509..b923c56 100644 --- a/src/lxc/lxc-ls.in +++ b/src/lxc/lxc-ls.in @@ -23,8 +23,6 @@ function get_cgroup() mount_point=`echo "$mount_string" |cut -d' ' -f2`; } -ls "$@" $lxcpath - active=$(netstat -xl 2>/dev/null | grep $lxcpath | \ sed -e 's#.*'"$lxcpath/"'\(.*\)/command#\1#'); -- 1.7.1 -- Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 5/9] utmp: do not set conf->need_utmp_watch if CAP_SYS_BOOT is not found
If CAP_SYS_BOOT is not found in the kernel, the existing value for
conf->need_utmp_watch should be left intact (which will be '1' for
containers started with 'lxc-start', or '0' for containers started
with 'lxc-execute').
Signed-off-by: David Ward
---
src/lxc/start.c |1 -
1 files changed, 0 insertions(+), 1 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index fc2a1b1..1ee7bdf 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -508,7 +508,6 @@ static int do_start(void *data)
SYSERROR("failed to remove CAP_SYS_BOOT capability");
return -1;
}
- handler->conf->need_utmp_watch = 1;
DEBUG("Dropped cap_sys_boot\n");
} else {
DEBUG("Not dropping cap_sys_boot or watching utmp\n");
--
1.7.1
--
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 7/9] cgroup: rearrange code blocks
Avoid nesting and improve readability.
Signed-off-by: David Ward
---
src/lxc/cgroup.c | 66 -
1 files changed, 30 insertions(+), 36 deletions(-)
diff --git a/src/lxc/cgroup.c b/src/lxc/cgroup.c
index cc3910a..c915b52 100644
--- a/src/lxc/cgroup.c
+++ b/src/lxc/cgroup.c
@@ -142,6 +142,7 @@ static int get_cgroup_mount(const char *subsystem, char
*mnt)
struct mntent *mntent;
char initcgroup[MAXPATHLEN];
FILE *file = NULL;
+ int ret, err = -1;
file = setmntent(MTAB, "r");
if (!file) {
@@ -150,30 +151,27 @@ static int get_cgroup_mount(const char *subsystem, char
*mnt)
}
while ((mntent = getmntent(file))) {
-
if (strcmp(mntent->mnt_type, "cgroup"))
continue;
- if (!subsystem || hasmntopt_multiple(mntent, subsystem)) {
- int ret;
- ret = snprintf(mnt, MAXPATHLEN, "%s%s/lxc",
- mntent->mnt_dir,
- get_init_cgroup(subsystem, NULL,
- initcgroup));
- if (ret < 0 || ret >= MAXPATHLEN)
- goto fail;
- fclose(file);
- DEBUG("using cgroup mounted at '%s'", mnt);
- return 0;
- }
+ if (subsystem && !hasmntopt_multiple(mntent, subsystem))
+ continue;
+
+ ret = snprintf(mnt, MAXPATHLEN, "%s%s/lxc", mntent->mnt_dir,
+ get_init_cgroup(subsystem, NULL, initcgroup));
+ if (ret < 0 || ret >= MAXPATHLEN)
+ goto fail;
+
+ DEBUG("using cgroup mounted at '%s'", mnt);
+ err = 0;
+ goto out;
};
fail:
DEBUG("Failed to find cgroup for %s\n",
subsystem ? subsystem : "(NULL)");
-
- fclose(file);
-
- return -1;
+out:
+ endmntent(file);
+ return err;
}
int lxc_ns_is_mounted(void)
@@ -398,18 +396,17 @@ int lxc_cgroup_create(const char *name, pid_t pid)
}
while ((mntent = getmntent(file))) {
-
DEBUG("checking '%s' (%s)", mntent->mnt_dir, mntent->mnt_type);
- if (!strcmp(mntent->mnt_type, "cgroup")) {
+ if (strcmp(mntent->mnt_type, "cgroup"))
+ continue;
- INFO("[%d] found cgroup mounted at '%s',opts='%s'",
-++found, mntent->mnt_dir, mntent->mnt_opts);
+ INFO("[%d] found cgroup mounted at '%s',opts='%s'",
+++found, mntent->mnt_dir, mntent->mnt_opts);
- err = lxc_one_cgroup_create(name, mntent, pid);
- if (err)
- goto out;
- }
+ err = lxc_one_cgroup_create(name, mntent, pid);
+ if (err)
+ goto out;
};
if (!found)
@@ -485,7 +482,7 @@ int lxc_cgroup_destroy(const char *name)
{
struct mntent *mntent;
FILE *file = NULL;
- int ret, err = -1;
+ int err = -1;
file = setmntent(MTAB, "r");
if (!file) {
@@ -494,18 +491,15 @@ int lxc_cgroup_destroy(const char *name)
}
while ((mntent = getmntent(file))) {
- if (!strcmp(mntent->mnt_type, "cgroup")) {
- ret = lxc_one_cgroup_destroy(mntent, name);
- if (ret) {
- fclose(file);
- return ret;
- }
- err = 0;
- }
- }
+ if (strcmp(mntent->mnt_type, "cgroup"))
+ continue;
- fclose(file);
+ err = lxc_one_cgroup_destroy(mntent, name);
+ if (err)
+ break;
+ }
+ endmntent(file);
return err;
}
/*
--
1.7.1
--
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 9/9] cgroup: only touch hierarchies that are bound to subsystems
Obtain a list of subsystems from /proc/cgroups, and ignore hierarchies
that are not bound to any of them (especially the 'systemd' hierarchy:
http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups ).
Signed-off-by: David Ward
---
src/lxc/cgroup.c | 50 --
1 files changed, 48 insertions(+), 2 deletions(-)
diff --git a/src/lxc/cgroup.c b/src/lxc/cgroup.c
index 06aa1a0..8ccbc50 100644
--- a/src/lxc/cgroup.c
+++ b/src/lxc/cgroup.c
@@ -53,6 +53,39 @@ enum {
CGROUP_CLONE_CHILDREN,
};
+/* Check if a mount is a cgroup hierarchy for any subsystem.
+ * Return the first subsystem found (or NULL if none).
+ */
+static char *mount_has_subsystem(const struct mntent *mntent)
+{
+ FILE *f;
+ char *c, *ret;
+ char line[MAXPATHLEN];
+
+ /* read the list of subsystems from the kernel */
+ f = fopen("/proc/cgroups", "r");
+ if (!f)
+ return 0;
+
+ /* skip the first line, which contains column headings */
+ if (!fgets(line, MAXPATHLEN, f))
+ return 0;
+
+ while (fgets(line, MAXPATHLEN, f)) {
+ c = strchr(line, '\t');
+ if (!c)
+ continue;
+ *c = '\0';
+
+ ret = hasmntopt(mntent, line);
+ if (ret)
+ break;
+ }
+
+ fclose(f);
+ return ret;
+}
+
/*
* get_init_cgroup: get the cgroup init is in.
* dsg: preallocated buffer to put the output in
@@ -124,8 +157,15 @@ static int get_cgroup_mount(const char *subsystem, char
*mnt)
while ((mntent = getmntent(file))) {
if (strcmp(mntent->mnt_type, "cgroup"))
continue;
- if (subsystem && !hasmntopt(mntent, subsystem))
- continue;
+
+ if (subsystem) {
+ if (!hasmntopt(mntent, subsystem))
+ continue;
+ }
+ else {
+ if (!mount_has_subsystem(mntent))
+ continue;
+ }
ret = snprintf(mnt, MAXPATHLEN, "%s%s/lxc", mntent->mnt_dir,
get_init_cgroup(subsystem, NULL, initcgroup));
@@ -252,6 +292,8 @@ int lxc_cgroup_attach(const char *name, pid_t pid)
if (strcmp(mntent->mnt_type, "cgroup"))
continue;
+ if (!mount_has_subsystem(mntent))
+ continue;
INFO("[%d] found cgroup mounted at '%s',opts='%s'",
++found, mntent->mnt_dir, mntent->mnt_opts);
@@ -405,6 +447,8 @@ int lxc_cgroup_create(const char *name, pid_t pid)
if (strcmp(mntent->mnt_type, "cgroup"))
continue;
+ if (!mount_has_subsystem(mntent))
+ continue;
INFO("[%d] found cgroup mounted at '%s',opts='%s'",
++found, mntent->mnt_dir, mntent->mnt_opts);
@@ -502,6 +546,8 @@ int lxc_cgroup_destroy(const char *name)
while ((mntent = getmntent(file))) {
if (strcmp(mntent->mnt_type, "cgroup"))
continue;
+ if (!mount_has_subsystem(mntent))
+ continue;
err = lxc_one_cgroup_destroy(mntent, name);
if (err)
--
1.7.1
--
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 4/9] lxc-ls: tighten regex search on open sockets
lxc-ls returns a list of active containers by searching for UNIX sockets named '/var/lib/lxc//command'. Make the regular expression tighter for this search, to avoid inadvertently picking up other sockets. Signed-off-by: David Ward --- src/lxc/lxc-ls.in |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lxc/lxc-ls.in b/src/lxc/lxc-ls.in index b923c56..ea68971 100644 --- a/src/lxc/lxc-ls.in +++ b/src/lxc/lxc-ls.in @@ -23,8 +23,8 @@ function get_cgroup() mount_point=`echo "$mount_string" |cut -d' ' -f2`; } -active=$(netstat -xl 2>/dev/null | grep $lxcpath | \ - sed -e 's#.*'"$lxcpath/"'\(.*\)/command#\1#'); +active=$(netstat -xl 2>/dev/null | grep "$lxcpath"'/[^/]*/command' | \ + sed -e 's#.*'"$lxcpath"'/\([^/]*\)/command.*#\1#'); if test -n "$active"; then get_cgroup -- 1.7.1 -- Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 0/9] Assorted fixes against lxc 0.8.0-rc1
The following patches address a few issues I discovered while building or using lxc, including compatibility with systemd. They were tested on top of lxc 0.8.0-rc1 under Fedora 16. Please let me know if you have any questions or concerns. David Ward (9): use syscall numbers from Linux kernel headers lxc-attach: use execvp instead of execve lxc-ls: only list active containers lxc-ls: tighten regex search on open sockets utmp: do not set conf->need_utmp_watch if CAP_SYS_BOOT is not found utmp: support non-rootfs configuration cgroup: rearrange code blocks lxc-attach: unify code for attaching a pid to a cgroup cgroup: only touch hierarchies that are bound to subsystems config/linux.m4 | 76 - configure.ac |8 +-- src/lxc/Makefile.am | 11 --- src/lxc/attach.c | 113 +-- src/lxc/attach.h |9 --- src/lxc/cgroup.c | 183 +++-- src/lxc/cgroup.h |2 +- src/lxc/lxc-ls.in|6 +- src/lxc/lxc_attach.c | 10 ++-- src/lxc/start.c |1 - src/lxc/utmp.c |4 - 11 files changed, 131 insertions(+), 292 deletions(-) delete mode 100644 config/linux.m4 -- Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 1/9] use syscall numbers from Linux kernel headers
__NR_setns is defined in the Linux kernel headers in linux/unistd.h.
The full Linux kernel sources are not necessary for compilation.
Signed-off-by: David Ward
---
config/linux.m4 | 76 ---
configure.ac|8 ++---
src/lxc/Makefile.am | 11 ---
src/lxc/attach.c|3 +-
4 files changed, 4 insertions(+), 94 deletions(-)
delete mode 100644 config/linux.m4
diff --git a/config/linux.m4 b/config/linux.m4
deleted file mode 100644
index a4e9fa8..000
--- a/config/linux.m4
+++ /dev/null
@@ -1,76 +0,0 @@
-AC_DEFUN([AC_LINUX],
-[
- AC_LINUX_DIR()
- AC_LINUX_SRCARCH()
-])
-
-AC_DEFUN([AS_TRY_LINUX_DIR],
- [AC_MSG_CHECKING(for Linux in $1)
-
- if test -f "$1/Makefile" ; then
- result=yes
- $2
- else
- result="not found"
- $3
- fi
-
- AC_MSG_RESULT($result)
-])
-
-AC_DEFUN([AC_LINUX_DIR],
-[
- AC_ARG_WITH([linuxdir],
- [AC_HELP_STRING([--with-linuxdir=DIR],
- [specify path to Linux source directory])],
- [LINUX_DIR="${withval}"],
- [LINUX_DIR=default])
-
- dnl if specified, use the specified one
- if test "${LINUX_DIR}" != "default" ; then
- AS_TRY_LINUX_DIR([${LINUX_DIR}], , AC_MSG_ERROR([Linux dir not
found]) )
- fi
-
- dnl if not specified, first try with previously set LINUX_KERNEL_RELEASE
- if test "${LINUX_DIR}" = "default" ; then
- dir="/lib/modules/$LINUX_KERNEL_RELEASE/build";
- AS_TRY_LINUX_DIR([${dir}], [LINUX_DIR=${dir}], )
- fi
-
- dnl next try using the kernel source dir
- if test "${LINUX_DIR}" = "default" ; then
- dir="/usr/src/linux-$LINUX_KERNEL_RELEASE";
- AS_TRY_LINUX_DIR([${dir}], [LINUX_DIR=${dir}], )
- fi
-
- dnl then try a common default of /usr/src/linux
- if test "${LINUX_DIR}" = "default" ; then
- dir="/usr/src/linux";
- AS_TRY_LINUX_DIR([${dir}], [LINUX_DIR=${dir}], )
- fi
-
- dnl if still nothing found, fail
- if test "${LINUX_DIR}" = "default" ; then
- AC_MSG_WARN([Linux source directory not found])
- fi
-
- AC_SUBST(LINUX_DIR)
-])
-
-AC_DEFUN([AC_LINUX_SRCARCH],[
- AC_MSG_CHECKING(for linux SRCARCH)
-
- case "${host}" in
- i[[3456]]86-*) LINUX_SRCARCH=x86;;
- x86_64-*) LINUX_SRCARCH=x86;;
- powerpc*-*) LINUX_SRCARCH=powerpc;;
- s390*-*) LINUX_SRCARCH=s390;;
- arm*-*) LINUX_SRCARCH=arm;;
- mips*-*) LINUX_SRCARCH=mips;;
- sparc*-*) LINUX_SRCARCH=sparc;;
- *) AC_MSG_ERROR([architecture ${host} not supported]);;
- esac
-
- AC_MSG_RESULT(${LINUX_SRCARCH})
- AC_SUBST(LINUX_SRCARCH)
-])
diff --git a/configure.ac b/configure.ac
index b103599..526d22d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -65,13 +65,13 @@ AC_SUBST(LXCROOTFSMOUNT, "${with_rootfs_path}")
AC_SUBST(LXCINITDIR, ['${libexecdir}/lxc'])
AC_SUBST(LXCTEMPLATEDIR, ['${libdir}/lxc/templates'])
-AC_CHECK_HEADERS([linux/netlink.h linux/genetlink.h],
+AC_CHECK_HEADERS([linux/unistd.h linux/netlink.h linux/genetlink.h],
[],
- AC_MSG_ERROR([netlink headers not found.
Please install the linux kernel headers.]),
+ AC_MSG_ERROR([Please install the Linux kernel
headers.]),
[#include
])
-AC_CHECK_HEADERS([sys/capability.h], [], AC_MSG_ERROR([please install
libcap-devel.]),
+AC_CHECK_HEADERS([sys/capability.h], [], AC_MSG_ERROR([Please install the
libcap development files.]),
[#include
#include ])
AC_CHECK_LIB(cap,cap_set_proc,caplib=yes,caplib=no)
@@ -91,8 +91,6 @@ AC_CHECK_HEADERS([sys/signalfd.h])
AC_PROG_GCC_TRADITIONAL
-AC_LINUX
-
if test "x$GCC" = "xyes"; then
CFLAGS="$CFLAGS -Wall"
fi
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 3a3816e..1c26952 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -131,14 +131,3 @@ install-exec-local: install-soPROGRAMS
uninstall-local:
$(RM) $(DESTDIR)$(libdir)/liblxc.so*
-
-namespace.c: setns.h
-
-setns.h:
- -$(CC) $(CPPFLAGS) -M -MT$@
$(LINUX_DIR)/arch/$(LINUX_SRCARCH)/include/asm/unistd.h >setns.P
- -$(CPP) $(CPPFLAGS) -dM
$(LINUX_DIR)/arch/$(LINUX_SRCARCH)/include/asm/unistd.h |grep setns > $@
-
-clean-local:
- $(RM) setns.h setns.P
-
--include setns.P
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 33da411..0ca8b39 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -30,6 +30,7 @@
#include
#include
#include
+#include
#if !HAVE_DECL_PR_CAPBSET_DROP
#define PR_CAPBSET_DROP 24
@@ -42,8 +43,6 @@
#include "cgroup.h"
#include "config.h"
-#include "setns.h"
-
lxc_log_define(lxc_attach, lxc);
int setns(int fd, int nstype)
-
[lxc-devel] [PATCH 8/9] lxc-attach: unify code for attaching a pid to a cgroup
To attach a new pid to the cgroups for an existing container, we can use
the same method that we did when we started the container: iterate over
all the mounted cgroup hierarchies; find the cgroup that pid 1 is in for
each hierarchy; add 'lxc/' to the end of it; then write the pid to
the 'tasks' file in that cgroup. (The only difference is that we do not
create the cgroup again.) Note that we follow exactly the same iteration
pattern to delete our cgroups when a container is shutdown.
There may be situations where additional cgroups hierarchies are mounted
after the container is started, or the cgroup for pid 1 gets reassigned.
But we currently don't handle any of these cases in the shutdown code or
anywhere else, so it doesn't make sense to try to handle these cases for
lxc-attach by itself. Aside from simplifying the code, this change makes
it easier to solve a different problem: ignoring hierarchies that are
not bound to any subsystems (like 'systemd').
Signed-off-by: David Ward
---
src/lxc/attach.c | 110 +
src/lxc/attach.h |9
src/lxc/cgroup.c | 91 +++--
src/lxc/cgroup.h |2 +-
src/lxc/lxc_attach.c |4 +-
5 files changed, 56 insertions(+), 160 deletions(-)
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 0ca8b39..a95b3d3 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -60,10 +60,9 @@ struct lxc_proc_context_info
*lxc_proc_get_context_info(pid_t pid)
struct lxc_proc_context_info *info = calloc(1, sizeof(*info));
FILE *proc_file;
char proc_fn[MAXPATHLEN];
- char *line = NULL, *ptr, *ptr2;
+ char *line = NULL;
size_t line_bufsz = 0;
- int ret, found, l;
- int i;
+ int ret, found;
if (!info) {
SYSERROR("Could not allocate memory.");
@@ -114,117 +113,14 @@ struct lxc_proc_context_info
*lxc_proc_get_context_info(pid_t pid)
goto out_error;
}
- /* read cgroups */
- snprintf(proc_fn, MAXPATHLEN, "/proc/%d/cgroup", pid);
-
- proc_file = fopen(proc_fn, "r");
- if (!proc_file) {
- SYSERROR("Could not open %s", proc_fn);
- goto out_error;
- }
-
- /* we don't really know how many cgroup subsystems there are
-* mounted, so we go through the whole file twice */
- i = 0;
- while (getline(&line, &line_bufsz, proc_file) != -1) {
- /* we assume that all lines containing at least two colons
-* are valid */
- ptr = strchr(line, ':');
- if (ptr && strchr(ptr + 1, ':'))
- i++;
- }
-
- rewind(proc_file);
-
- info->cgroups = calloc(i, sizeof(*(info->cgroups)));
- info->cgroups_count = i;
-
- i = 0;
- while (getline(&line, &line_bufsz, proc_file) != -1 && i <
info->cgroups_count) {
- /* format of the lines is:
-* id:subsystems:path, where subsystems are separated by
-* commas and each subsystem may also be of the form
-* name=xxx if it describes a private named hierarchy
-* we will ignore the id in the following */
- ptr = strchr(line, ':');
- ptr2 = ptr ? strchr(ptr + 1, ':') : NULL;
-
- /* ignore invalid lines */
- if (!ptr || !ptr2) continue;
-
- l = strlen(ptr2) - 1;
- if (ptr2[l] == '\n')
- ptr2[l] = '\0';
-
- info->cgroups[i].subsystems = strndup(ptr + 1, ptr2 - (ptr +
1));
- info->cgroups[i].cgroup = strdup(ptr2 + 1);
-
- i++;
- }
-
- free(line);
- fclose(proc_file);
-
return info;
out_error:
- lxc_proc_free_context_info(info);
+ free(info);
free(line);
return NULL;
}
-void lxc_proc_free_context_info(struct lxc_proc_context_info *info)
-{
- if (!info)
- return;
-
- if (info->cgroups) {
- int i;
- for (i = 0; i < info->cgroups_count; i++) {
- free(info->cgroups[i].subsystems);
- free(info->cgroups[i].cgroup);
- }
- }
- free(info->cgroups);
- free(info);
-}
-
-int lxc_attach_proc_to_cgroups(pid_t pid, struct lxc_proc_context_info *ctx)
-{
- int i, ret;
-
- if (!ctx) {
- ERROR("No valid context supplied when asked to attach "
- "process to cgroups.");
- return -1;
- }
-
- for (i = 0; i < ctx->cgroups_count; i++) {
- char *path;
-
- /* the kernel should return paths that start with '/' */
- if (ctx->cgroups[i].cgroup[0] != '/') {
- ERROR("For cgroup subsystem(s) %s the path '%s' does "
- "not start with a '
[lxc-devel] [GIT] lxc branch, master, updated. f9d0d2cbbf401ffb74c251e75581174d91a02cfc
This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "lxc". The branch, master has been updated via f9d0d2cbbf401ffb74c251e75581174d91a02cfc (commit) via fc3c7f7f6e9d8adfc4be943160e4ef902436a25d (commit) from 09f2410e846189e765e39685b350255c196637c1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log - commit f9d0d2cbbf401ffb74c251e75581174d91a02cfc Author: InformatiQ Date: Mon Mar 5 23:53:14 2012 +0100 fix cached rootfs update* fix rootfs path* add handling of systemd Signed-off-by: InformatiQ Signed-off-by: Daniel Lezcano commit fc3c7f7f6e9d8adfc4be943160e4ef902436a25d Author: Serge Hallyn Date: Mon Mar 5 23:53:14 2012 +0100 cgroups: fix broken support for deprecated ns cgroup when using ns cgroup, use /cgroup/ rather than /cgroup//lxc At least lxc-start, lxc-stop, lxc-cgroup, lxc-console and lxc-ls work with this patch. I've tested this in a 2.6.35 kernel with ns cgroup, and in a 3.2 kernel without ns cgroup. Note also that because of the check for container reboot support, if we're using the ns cgroup we now end up with a /cgroup//2 cgroup created, empty, by the clone(CLONE_NEWPID). I'm really not sure how much time we want to spend cleaning such things up since ns cgroup is deprecated in kernel. Signed-off-by: Serge Hallyn Signed-off-by: Daniel Lezcano --- Summary of changes: src/lxc/cgroup.c| 60 -- src/lxc/lxc-ls.in |6 - templates/lxc-fedora.in | 35 +-- 3 files changed, 68 insertions(+), 33 deletions(-) hooks/post-receive -- lxc -- Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 3/9] lxc-ls: only list active containers
On 03/05/2012 02:34 PM, David Ward wrote: > Originally, lxc-ls listed all containers by printing the directory names > in /var/lib/lxc. After commit 65cb447f9b8d1ac8dcf9df24a4f877180444f003, > lxc-ls now finds and prints active containers by searching for open UNIX > sockets named '/var/lib/lxc//command'. However, all containers are > still printed using the old method as well, so now the active containers > just get printed twice. > > Assuming that the intention of the above commit was to only list active > containers, do not print the directory names in /var/lib/lxc any longer. The intention of the above commit was to list also the container which were created on-the-fly and hence not present in the /var/lib/lxc. For example, lxc-execute -n foo sleep 10, does not exists in /var/lib/lxc. I think the correct fix is to remove the duplicate container names. Or just show two list, the running ones and the stopped ones. -- Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
