container start: check for start hooks in container rootfs

Do so early enough that we can report a meaningful failure. (This should fix https://github.com/lxc/lxc/issues/225) Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

container start: check for start hooks in container rootfs
1a9c040f · Serge Hallyn · Stéphane Graber · d18de3bc · 1a9c040f
Commit 1a9c040f authored Jun 10, 2014 by Serge Hallyn Committed by Stéphane Graber Jun 09, 2014
Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 0 deletions

conf.c src/lxc/conf.c +28 -0

No files found.
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3851,6 +3851,30 @@ int do_rootfs_setup(struct lxc_conf *conf, const char *name, const char *lxcpath
 	return 0;
 }

+static bool verify_start_hooks(struct lxc_conf *conf)
+{
+	struct lxc_list *it;
+	char path[MAXPATHLEN];
+	lxc_list_for_each(it, &conf->hooks[LXCHOOK_START]) {
+		char *hookname = it->elem;
+		struct stat st;
+		int ret;
+
+		ret = snprintf(path, MAXPATHLEN, "%s%s",
+			conf->rootfs.mount, hookname);
+		if (ret < 0 || ret >= MAXPATHLEN)
+			return false;
+		ret = stat(path, &st);
+		if (ret) {
+			SYSERROR("Start hook %s not found in container rootfs",
+					hookname);
+			return false;
+		}
+	}
+
+	return true;
+}
+
 int lxc_setup(struct lxc_handler *handler)
 {
 	const char *name = handler->name;
@@ -3904,6 +3928,10 @@ int lxc_setup(struct lxc_handler *handler)
 		return -1;
 	}

+	/* Make sure any start hooks are in the rootfs */
+	if (!verify_start_hooks(lxc_conf))
+		return -1;
+
 	/* now mount only cgroup, if wanted;
 	 * before, /sys could not have been mounted
 	 * (is either mounted automatically or via fstab entries)