Skip to content

L
lxc
Commit 2b31f553 by Michel Normand Committed by Daniel Lezcano
Options

lxc-execute or lxc-start to fail if cgroup not mounted

Before this patch a container was able to be started without mounted cgroup. (only a warning was logged) But the lxc-ps is using the /proc/<pid>/cgroup to identify the lxc container in which pid is running. So to be consistent between all lxc command I force an error if cgroup is not mounted at time of lxc-execute or lxc-start. Signed-off-by: 's avatarMichel Normand <normand@fr.ibm.com> Signed-off-by: 's avatarDaniel Lezcano <dlezcano@fr.ibm.com>
parent 74741dcc
Showing with 9 additions and 4 deletions
src/lxc/cgroup.c
...@@ -75,16 +75,21 @@ int lxc_rename_nsgroup(const char *name, pid_t pid) ...@@ -75,16 +75,21 @@ int lxc_rename_nsgroup(const char *name, pid_t pid)
char oldname[MAXPATHLEN]; char oldname[MAXPATHLEN];
char newname[MAXPATHLEN]; char newname[MAXPATHLEN];
char cgroup[MAXPATHLEN]; char cgroup[MAXPATHLEN];
int ret;
if (get_cgroup_mount(MTAB, cgroup)) { if (get_cgroup_mount(MTAB, cgroup)) {
INFO("cgroup is not mounted"); ERROR("cgroup is not mounted");
return -1; return -1;
} }
snprintf(oldname, MAXPATHLEN, "%s/%d", cgroup, pid); snprintf(oldname, MAXPATHLEN, "%s/%d", cgroup, pid);
snprintf(newname, MAXPATHLEN, "%s/%s", cgroup, name); snprintf(newname, MAXPATHLEN, "%s/%s", cgroup, name);
return rename(oldname, newname); ret = rename(oldname, newname);
if (ret)
SYSERROR("failed to rename cgroup %s->%s",
oldname, newname);
return ret;
} }
int lxc_link_nsgroup(const char *name) int lxc_link_nsgroup(const char *name)
...@@ -95,7 +100,7 @@ int lxc_link_nsgroup(const char *name) ...@@ -95,7 +100,7 @@ int lxc_link_nsgroup(const char *name)
int ret; int ret;
if (get_cgroup_mount(MTAB, cgroup)) { if (get_cgroup_mount(MTAB, cgroup)) {
INFO("cgroup is not mounted"); ERROR("cgroup is not mounted");
return -1; return -1;
} }
......
src/lxc/start.c
...@@ -552,7 +552,7 @@ int lxc_spawn(const char *name, struct lxc_handler *handler, char *const argv[]) ...@@ -552,7 +552,7 @@ int lxc_spawn(const char *name, struct lxc_handler *handler, char *const argv[])
} }
if (lxc_rename_nsgroup(name, handler->pid) || lxc_link_nsgroup(name)) if (lxc_rename_nsgroup(name, handler->pid) || lxc_link_nsgroup(name))
WARN("cgroupfs not found: cgroup disabled"); goto out_abort;
/* Create the network configuration */ /* Create the network configuration */
if (clone_flags & CLONE_NEWNET && if (clone_flags & CLONE_NEWNET &&
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment