[lxc-devel] [PATCH 2/2] c/r: re-open fds after clone()
Serge Hallyn
serge.hallyn at ubuntu.com
Tue Apr 21 15:18:16 UTC 2015
Quoting Tycho Andersen (tycho.andersen at canonical.com):
> If we don't re-open these after clone, the init process has a pointer to the
> parent's /dev/{zero,null}. CRIU sees these and wants to dump the parent's
> mount namespace, which is unnecessary. Instead, we should just re-open
> stdin/out/err after we do the clone and pivot root, to ensure that we have
> pointers to the devices in init's rootfs instead of the host's.
>
> v2: Only close fds if the container was daemonized. This didn't turn out as
> nicely as described on the list because lxc_start() doesn't actually have
> the struct lxc_container,
No, but lxc_container has a pointer to the handler. I was suggesting adding a
flag to the handler and (un/)setting that in lxcapi_start.
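
An added example, not code from the patch under review or from LXC: re-opening stdin/out/err from init's own rootfs after clone() and pivot root, gated on a daemonized flag. The helper names, the `daemonized` parameter and the fd-to-device mapping are assumptions made for illustration.

```c
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if fd is the same inode as path resolved in the current rootfs,
 * 0 if it is some other file, -1 on error. Compares inodes, not mounts. */
int fd_matches_path(int fd, const char *path)
{
    struct stat fs, ps;
    if (fstat(fd, &fs) < 0 || stat(path, &ps) < 0)
        return -1;
    return fs.st_dev == ps.st_dev && fs.st_ino == ps.st_ino;
}

/* Point fd at path as resolved in the current rootfs (hypothetical helper). */
int reopen_fd(int fd, const char *path, int flags)
{
    int ret, newfd = open(path, flags);
    if (newfd < 0)
        return -1;
    if (newfd == fd)        /* fd was closed and open() reused its number */
        return 0;
    ret = dup2(newfd, fd);  /* atomically replaces the inherited file */
    close(newfd);
    return ret < 0 ? -1 : 0;
}

/* Meant for init after clone() and pivot root. The daemonized flag and the
 * fd-to-device mapping below are assumptions of this example. */
int reopen_stdio(int daemonized)
{
    static const struct { int fd; const char *path; int flags; } map[] = {
        { STDIN_FILENO,  "/dev/zero", O_RDONLY },
        { STDOUT_FILENO, "/dev/null", O_WRONLY },
        { STDERR_FILENO, "/dev/null", O_WRONLY },
    };
    size_t i;
    if (!daemonized)
        return 0;           /* foreground container: keep the caller's fds */
    for (i = 0; i < sizeof(map) / sizeof(map[0]); i++)
        if (reopen_fd(map[i].fd, map[i].path, map[i].flags) < 0)
            return -1;
    return 0;
}

int main(void)
{
    return reopen_stdio(1) < 0 || fd_matches_path(STDIN_FILENO, "/dev/zero") != 1;
}
```

The re-open is unconditional once the flag is set because an inode comparison cannot tell a bind-mounted device node from the host's own; `fd_matches_path` is only a post-condition check.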