[lxc-devel] [PATCH] lxc_spawn: don't close pinfd until container is stopped

Stéphane Graber stgraber at ubuntu.com
Fri Sep 6 17:35:06 UTC 2013 

On Fri, Sep 06, 2013 at 12:28:48PM -0500, Serge Hallyn wrote:
> Otherwise containers may be able to remount -o ro their rootfs
> at shutdown.
> 
> Reported-by: Harald Dunkel <harri at afaics.de>
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>

Acked-by: Stéphane Graber <stgraber at ubuntu.com>

> ---
>  src/lxc/start.c | 14 +++++++++++---
>  1 file changed, 11 insertions(+), 3 deletions(-)
> 
> diff --git a/src/lxc/start.c b/src/lxc/start.c
> index 7ee67ec..e841bac 100644
> --- a/src/lxc/start.c
> +++ b/src/lxc/start.c
> @@ -274,6 +274,7 @@ struct lxc_handler *lxc_init(const char *name, struct lxc_conf *conf, const char
>  
>  	handler->conf = conf;
>  	handler->lxcpath = lxcpath;
> +	handler->pinfd = -1;
>  
>  	apparmor_handler_init(handler);
>  	handler->name = strdup(name);
> @@ -740,9 +741,6 @@ int lxc_spawn(struct lxc_handler *handler)
>  
>  	lxc_sync_fini(handler);
>  
> -	if (handler->pinfd >= 0)
> -		close(handler->pinfd);
> -
>  	return 0;
>  
>  out_delete_net:
> @@ -751,6 +749,11 @@ out_delete_net:
>  out_abort:
>  	lxc_abort(name, handler);
>  	lxc_sync_fini(handler);
> +	if (handler->pinfd >= 0) {
> +		close(handler->pinfd);
> +		handler->pinfd = -1;
> +	}
> +
>  	return -1;
>  }
>  
> @@ -818,6 +821,11 @@ int __lxc_start(const char *name, struct lxc_conf *conf,
>  
>  	lxc_rename_phys_nics_on_shutdown(handler->conf);
>  
> +	if (handler->pinfd >= 0) {
> +		close(handler->pinfd);
> +		handler->pinfd = -1;
> +	}
> +
>  	err =  lxc_error_set_and_log(handler->pid, status);
>  out_fini:
>  	lxc_delete_network(handler);
> -- 
> 1.8.3.2
> 
> 
> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20130906/b3454c49/attachment.pgp>

More information about the lxc-devel mailing list