[lxc-devel] [PATCH] don't leak the rootfs.pin fd into the container
Ward, David - 0663 - MITLL
david.ward at ll.mit.edu
Mon Mar 11 13:02:18 UTC 2013
On 03/10/2013 11:45 PM, Serge Hallyn wrote:
> Quoting Ward, David - 0663 - MITLL (david.ward at ll.mit.edu):
>> Hi Serge,
>>
>> This patch seems to have introduced a regression. When I use
>> lxc-execute with a very simple container (which only sets the
>> utsname), the terminal input is not forwarded to the application
>> anymore. In particular, running "lxc-execute -n $CONTAINER -- bash"
>> returns immediately without opening a shell. (This is with Fedora
>> 18 and kernel 3.8.2.)
> Thanks, David. The following patch definately looks like it is
> needed. It may or may not fix the bug you're seeing. Can you
> confirm?
Serge,
Yes, the patch below fixes the issue for me. Thanks!
Acked-by: David Ward <david.ward at ll.mit.edu>
> Subject: [PATCH 1/1] rootfs pin: fix two bugs
>
> 1. if there's no rootfs, return -2, not 0.
> 2. don't close pinfd unconditionally in do_start().
>
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> ---
> src/lxc/conf.c | 2 +-
> src/lxc/start.c | 3 ++-
> 2 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index add3c74..97b4ae4 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -578,7 +578,7 @@ int pin_rootfs(const char *rootfs)
> int ret, fd;
>
> if (rootfs == NULL || strlen(rootfs) == 0)
> - return 0;
> + return -2;
>
> if (!realpath(rootfs, absrootfs)) {
> SYSERROR("failed to get real path for '%s'", rootfs);
> diff --git a/src/lxc/start.c b/src/lxc/start.c
> index 75d1fd6..51b2f06 100644
> --- a/src/lxc/start.c
> +++ b/src/lxc/start.c
> @@ -652,7 +652,8 @@ static int do_start(void *data)
> lxc_sync_fini_parent(handler);
>
> /* don't leak the pinfd to the container */
> - close(handler->pinfd);
> + if (handler->pinfd >= 0)
> + close(handler->pinfd);
>
> /* Tell the parent task it can begin to configure the
> * container and wait for it to finish
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4571 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20130311/50ea34e1/attachment.bin>
More information about the lxc-devel
mailing list