Skip to content

L
lxc
Switch branch/tag
  1. 09 Jan, 2013 2 commits
  3. 08 Jan, 2013 4 commits
  5. 04 Jan, 2013 3 commits
  7. 03 Jan, 2013 2 commits
  9. 02 Jan, 2013 14 commits
  11. 25 Dec, 2012 7 commits
  13. 22 Dec, 2012 1 commit
  15. 20 Dec, 2012 1 commit
    • Support MS_SHARED / · cc28d0b0
      Serge Hallyn authored 
      (I'll be out until Jan 2, but in the meantime, here is hopefully a
little newyears gift - this seems to allow lxc-start with / being
MS_SHARED on the host)

When / is MS_SHARED (for instance with f18 and modern arch), lxc-start
fails on pivot_root.  The kernel enforces that, when doing pivot_root,
the parent of current->fs->root (as well as the new root and the putold
location) not be MS_SHARED.

To work around this, check /proc/self/mountinfo for a 'shared:' in
the '/' line.  If it is there, then create a tiny MS_SLAVE tmpfs dir to
serve as parent of /, recursively bind mount / into /root under that dir,
make it rslave, and chroot into it.

Tested with ubuntu raring image after doing 'mount --make-rshared /'.
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: 's avatarStéphane Graber <stgraber@ubuntu.com>
  17. 19 Dec, 2012 1 commit
  19. 14 Dec, 2012 3 commits
    • Version 0.9.0.alpha2 · 56655134
      Daniel Lezcano authored
    • Merge git://github.com/lxc/lxc · 2a061f55
      Daniel Lezcano authored
    • Fix race/corruption with multiple lxc-start, lxc-execute · d2e30e99
      Dwight Engen authored 
      If you start more than one lxc-start/lxc-execute with the same name at the
same time, or just do an lxc-start/lxc-execute with the name of a container
that is already running, lxc doesn't figure out that the container with this
name is already running until fairly late in the initialization process: ie
when __lxc_start() -> lxc_poll() -> lxc_command_mainloop_add() attempts to
create the same abstract socket name.

By this point a fair amount of initialization has been done that actually
messes up the running container. For example __lxc_start() -> lxc_spawn() ->
lxc_cgroup_create() -> lxc_one_cgroup_create() -> try_to_move_cgname() moves
the running container's cgroup to a name of deadXXXXXX.

The solution in this patch is to use the atomic existence of the abstract
socket name as the indicator that the container is already running.  To do
so, I just refactored lxc_command_mainloop_add() into an lxc_command_init()
routine that attempts to bind the socket, and ensure this is called earlier
before much initialization has been done.

In testing, I verified that maincmd_fd was still open at the time of lxc_fini,
so the entire lifetime of the container's run should be covered. The only
explicit close of this fd was in the reboot case of lxcapi_start(), which is
now moved to lxc_fini(), which I think is more appropriate.

Even though it is not checked any more, set maincmd_fd to -1 instead of 0 to
indicate its not open since 0 could be a valid fd.
Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Acked-by: 's avatarSerge E. Hallyn <serge.hallyn@ubuntu.com>
  21. 13 Dec, 2012 2 commits