[lxc-devel] [PATCH] Use container specific domain socket name

Serge Hallyn serge.hallyn at ubuntu.com
Fri Apr 12 14:02:59 UTC 2013


Quoting Daniel Lezcano (daniel.lezcano at free.fr):
> Sorry for jumping so late in the thread but I disagree to use DBUS with
> LXC because of the dependency with more packages, LXC has been designed
> to be stand alone, nothing prevents adding more complexity and
> dependencies but on top of LXC not inside.
> 
> To answer the previous email Serge sent me, I thought a bit about the
> mechanism in order to prevent a publish/subscribe approach. The first
> version used the af_netlink socket to use some kind of message multicast
> on processes. But it hacked a family of the netlink which was
> conflicting with the ip_route tool. In order to prevent this conflict I
> switched "temporarily" to the AF_UNIX socket while looking for a socket
> type matching our needs. The AF_IPN (Inter Process Network) could have
> been perfect but the patchset has been rejected.
> 
> I think the solution to solve this issue is to use the AF_INET protocol
> on the loopback using the loopback's broadcast address and filter the
> messages with the container name. The code should be 'trivial'.
> 
> One question remains with this approach: which communication port number?

A consideration:  right now the monitors are per-lxcpath.  So
if user joe is using lxcpath /home/joe/lxcbase, then his lxc-monitor
will only hear events for containers under /home/joe/lxcbase.  If
we use loopback, then events for all lxcpaths on the host will be
combined.

That may be preferred, or may not be.  But in the coming world of
per-unprivileged-user containers, where user joe has container c2
in /home/joe/lxcbase/c2, do we want user joe to hear all events
relating to system containers (under /var/lib/lxc) or jane's
/home/jane/lxcbase containers?

It's not so much a noise issue, as we can just make sure to add
the lxcpath to each message.  It's more a security/privacy concern.

-serge
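An added illustration of the per-lxcpath isolation Serge describes above; this is not code from the thread or from LXC. Each lxcpath gets its own filesystem AF_UNIX datagram socket (the hash-derived socket name and the socket directory are assumptions), so a monitor listening for /home/joe/lxcbase never receives jane's events, and the 0700 directory, not filtering on a field inside the message, is what keeps other users from listening at all.

```python
import hashlib
import os
import socket
import tempfile


def monitor_sock_path(lxcpath: str, base_dir: str) -> str:
    """Hypothetical naming scheme: one socket per lxcpath, keyed by a hash."""
    digest = hashlib.sha256(lxcpath.encode()).hexdigest()[:16]
    return os.path.join(base_dir, f"lxc-monitor-{digest}.sock")


def bind_monitor(lxcpath: str, base_dir: str) -> socket.socket:
    """A monitor for one lxcpath binds only that lxcpath's socket."""
    s = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    s.bind(monitor_sock_path(lxcpath, base_dir))
    s.settimeout(0.5)
    return s


def publish_event(lxcpath: str, base_dir: str, container: str, state: str) -> None:
    """Deliver an event to the monitor of the lxcpath the container lives in."""
    msg = f"{lxcpath}\0{container}\0{state}".encode()
    s = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    try:
        s.sendto(msg, monitor_sock_path(lxcpath, base_dir))
    finally:
        s.close()


def drain(sock: socket.socket) -> list:
    """Collect every datagram queued on the socket until it goes quiet."""
    events = []
    while True:
        try:
            events.append(sock.recv(4096))
        except socket.timeout:
            return events


def demo() -> dict:
    # mkdtemp creates a 0700 directory, so only this user can reach the sockets.
    base = tempfile.mkdtemp(prefix="lxc-monitor-demo-")
    joe = bind_monitor("/home/joe/lxcbase", base)
    jane = bind_monitor("/home/jane/lxcbase", base)
    publish_event("/home/joe/lxcbase", base, "c2", "STARTED")   # constructed event
    publish_event("/home/jane/lxcbase", base, "web", "STOPPED")  # constructed event
    result = {"joe": drain(joe), "jane": drain(jane)}
    joe.close()
    jane.close()
    return result
```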