[lxc-devel] [PATCH RFC] lxclock: move container locks into /run/lock
Stéphane Graber
stgraber at stgraber.org
Tue Jun 11 17:18:30 UTC 2013
On Wed, Jun 05, 2013 at 05:37:03PM -0500, Serge Hallyn wrote:
> Currently the lxc API mutexes configuration file read/writes with a
> lock called $lxcpath/locks/$lxcname. This fails if the container
> is on a rofs.
>
> This patch moves those locks under /run/lock/lxc.
>
> The $lxcpath/$lxcname/partial file is not moved - if you can't
> create it, you probably can't create the container either.
>
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Looks good, for the record I asked for that change as I'm now running
containers on read-only systems where /var/lib/lxc as well as pretty
much everything but /run is read-only.
/run/lock should be pretty standard nowadays, if some distros are still
stuck with /var/lock we can always add some configure magic.
The paths are obviously getting a bit longer, though people aren't really
supposed to directly interact with those locks on the fs, so it shouldn't
matter.
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> ---
> src/lxc/lxclock.c | 19 +++++++++++++++----
> src/tests/locktests.c | 5 ++++-
> 2 files changed, 19 insertions(+), 5 deletions(-)
>
> diff --git a/src/lxc/lxclock.c b/src/lxc/lxclock.c
> index d004cc5..31bedd8 100644
> --- a/src/lxc/lxclock.c
> +++ b/src/lxc/lxclock.c
> @@ -40,12 +40,14 @@ pthread_mutex_t thread_mutex = PTHREAD_MUTEX_INITIALIZER;
> static char *lxclock_name(const char *p, const char *n)
> {
> int ret;
> - // $lxcpath/locks/$lxcname + '\0'
> - int len = strlen(p) + strlen(n) + strlen("/locks/") + 1;
> + // /run/lock/lxc/$lxcpath/$lxcname + '\0'
> + int len = strlen(p) + strlen(n) + strlen("/run/lock/lxc/") + 2;
> char *dest = malloc(len);
> + struct stat sb;
> +
> if (!dest)
> return NULL;
> - ret = snprintf(dest, len, "%s/locks", p);
> + ret = snprintf(dest, len, "/run/lock/lxc/%s", p);
> if (ret < 0 || ret >= len) {
> free(dest);
> return NULL;
> @@ -58,7 +60,16 @@ static char *lxclock_name(const char *p, const char *n)
> return NULL;
> }
>
> - ret = snprintf(dest, len, "%s/locks/%s", p, n);
> + ret = stat(p, &sb);
> + if (ret == 0) {
> + // best effort. If this fails, ignore it
> + if (chown(dest, sb.st_uid, sb.st_gid) < 0)
> + ERROR("Failed ot set owner for lockdir %s\n", dest);
> + if (chmod(dest, sb.st_mode) < 0)
> + ERROR("Failed to set mode for lockdir %s\n", dest);
> + }
> +
> + ret = snprintf(dest, len, "/run/lock/lxc/%s/%s", p, n);
> if (ret < 0 || ret >= len) {
> free(dest);
> return NULL;
> diff --git a/src/tests/locktests.c b/src/tests/locktests.c
> index 96df946..360851f 100644
> --- a/src/tests/locktests.c
> +++ b/src/tests/locktests.c
> @@ -121,7 +121,10 @@ int main(int argc, char *argv[])
> exit(1);
> }
> struct stat sb;
> - char *pathname = "/var/lib/lxc/locks/" mycontainername;
> + // we don't create the file until the container is running, so this
> + // bit of the test needs to be changed
> + //char *pathname = "/run/lock/lxc/var/lib/lxc/" mycontainername;
> + char *pathname = "/run/lock/lxc/var/lib/lxc/";
> ret = stat(pathname, &sb);
> if (ret != 0) {
> fprintf(stderr, "%d: filename %s not created\n", __LINE__,
> --
> 1.8.1.2
>
>
> ------------------------------------------------------------------------------
> How ServiceNow helps IT people transform IT departments:
> 1. A cloud service to automate IT design, transition and operations
> 2. Dashboards that offer high-level views of enterprise services
> 3. A single system of record for all IT processes
> http://p.sf.net/sfu/servicenow-d2d-j
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20130611/cd7d4b9a/attachment.pgp>
More information about the lxc-devel
mailing list