<div dir="ltr">Okey doke, thanks. I've worked around the problem myself by shelling out to the lxc_start executable, but I've filed <a href="https://github.com/lxc/lxc/issues/191">https://github.com/lxc/lxc/issues/191</a> so this doesn't get lost. Would be nice to not pay the cost of starting an executable, but I doubt that's going to be my bottleneck for a long time :)</div>
<div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Mar 27, 2014 at 3:35 PM, Serge Hallyn <span dir="ltr"><<a href="mailto:serge.hallyn@ubuntu.com" target="_blank">serge.hallyn@ubuntu.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">The container doesn't do it bc it's a daemon, but because we don't<br>
want the container init to inherit (and be able to use) fds.<br>
<br>
The lxc-monitor has quite a few fds which it legitimately needs to have<br>
open - for instance signalfd, command socket, etc. So while it should<br>
be possible and would be nice to do, it won't be particularly easy to<br>
get right. I'll happily look at any patch you come up with though.<br>
<div class="HOEnZb"><div class="h5"><br>
Quoting John Keiser (<a href="mailto:jkeiser@getchef.com">jkeiser@getchef.com</a>):<br>
> Ah! Should it? Like, should it do all the daemon things that the<br>
> container itself does?<br>
><br>
><br>
> On Thu, Mar 27, 2014 at 12:30 PM, Serge Hallyn <<a href="mailto:serge.hallyn@ubuntu.com">serge.hallyn@ubuntu.com</a>>wrote:<br>
><br>
> > Quoting John Keiser (<a href="mailto:jkeiser@getchef.com">jkeiser@getchef.com</a>):<br>
> > > Hi all,<br>
> > ><br>
> > > I am trying to use lxc_container->start() from within a process that<br>
> > > happens to have started a TCP server, and even when my program exits, the<br>
> > > server socket stays alive. This can be tested by running this program<br>
> > > (which starts a server and then starts a container) twice--the second<br>
> > time<br>
> > > resulting in a bind() error:<br>
> > ><br>
> > > #include <sys/socket.h><br>
> > > #include <netinet/in.h><br>
> > > #include <stdio.h><br>
> > > #include <errno.h><br>
> > > #include <strings.h><br>
> > > #include <stdlib.h><br>
> > > #include <lxc/lxccontainer.h><br>
> > ><br>
> > > int main(int argc, char**argv)<br>
> > > {<br>
> > > struct lxc_container *c;<br>
> > > int listenfd,connfd,n;<br>
> > > struct sockaddr_in servaddr;<br>
> > > int port;<br>
> > ><br>
> > > // Start server<br>
> > > port = atoi(argv[2]);<br>
> > > printf("Listening on port %d ...\n", port);<br>
> > > listenfd=socket(AF_INET,SOCK_STREAM,0);<br>
> > > bzero(&servaddr,sizeof(servaddr));<br>
> > > servaddr.sin_family = AF_INET;<br>
> > > servaddr.sin_addr.s_addr=htonl(INADDR_ANY);<br>
> > > servaddr.sin_port=htons(port);<br>
> > > if (bind(listenfd,(struct sockaddr *)&servaddr,sizeof(servaddr)))<br>
> > > {<br>
> > > perror("Error calling bind()");<br>
> > > exit(1);<br>
> > > }<br>
> > > listen(listenfd,1024);<br>
> > ><br>
> > > // Start<br>
> > > printf("Starting container ...\n");<br>
> > > c = lxc_container_new(argv[1], NULL);<br>
> > > c->want_daemonize(c, true);<br>
> > > c->want_close_all_fds(c, true);<br>
> > > c->start(c, 0, NULL);<br>
> > ><br>
> > > return 0;<br>
> > > }<br>
> > ><br>
> > ><br>
> > > *> gcc test.c -llxc -o test*<br>
> > > *> lxc-create -n blarghle -t ubuntu*<br>
> > ><br>
> > > *> ./test blarghle 9050*<br>
> > > Listening on port 9050 ...<br>
> > > Starting container ...<br>
> > > *> ./test blarghle 9050*<br>
> > > Listening on port 9050 ...<br>
> > > Error calling bind(): Address already in use<br>
> > ><br>
> > > As you can see, even though ./test finished the first time, the second<br>
> > > ./test cannot bind to the port because it is still in use.<br>
> > ><br>
> > > This appears to be because the lxc init process has a ghost "./test" as<br>
> > its<br>
> > > parent:<br>
> > ><br>
> > > *> ps -ef | grep 30276*<br>
> > > root 30276 1 0 18:37 ? 00:00:00 ./test blarghle 9050<br>
> > > root 30285 30276 0 18:37 ? 00:00:00 /sbin/init<br>
> > > *> lsof | grep 9050*<br>
> > > test 30276 root 3u IPv4 366649<br>
> > > 0t0 TCP *:9050 (LISTEN)<br>
> ><br>
> > Hm. That's the container monitor. It doesn't close all fds like<br>
> > container init does.<br>
> ><br>
> > > I am stymied on how to investigate further. My best guess is it has to<br>
> > do<br>
> > > with the double forking in<br>
> > > lxccontainer.h<<br>
> > <a href="https://github.com/lxc/lxc/blob/master/src/lxc/lxccontainer.c#L608-L621" target="_blank">https://github.com/lxc/lxc/blob/master/src/lxc/lxccontainer.c#L608-L621</a>>,<br>
> > > though I don't really understand what that is for yet :) Any thoughts?<br>
> > ><br>
> > > Thanks!<br>
> > ><br>
> > > --John<br>
> ><br>
> > > _______________________________________________<br>
> > > lxc-devel mailing list<br>
> > > <a href="mailto:lxc-devel@lists.linuxcontainers.org">lxc-devel@lists.linuxcontainers.org</a><br>
> > > <a href="http://lists.linuxcontainers.org/listinfo/lxc-devel" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-devel</a><br>
> ><br>
> > _______________________________________________<br>
> > lxc-devel mailing list<br>
> > <a href="mailto:lxc-devel@lists.linuxcontainers.org">lxc-devel@lists.linuxcontainers.org</a><br>
> > <a href="http://lists.linuxcontainers.org/listinfo/lxc-devel" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-devel</a><br>
> ><br>
<br>
> _______________________________________________<br>
> lxc-devel mailing list<br>
> <a href="mailto:lxc-devel@lists.linuxcontainers.org">lxc-devel@lists.linuxcontainers.org</a><br>
> <a href="http://lists.linuxcontainers.org/listinfo/lxc-devel" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-devel</a><br>
<br>
_______________________________________________<br>
lxc-devel mailing list<br>
<a href="mailto:lxc-devel@lists.linuxcontainers.org">lxc-devel@lists.linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-devel" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-devel</a><br>
</div></div></blockquote></div><br></div>