[lxc-devel] [PATCH] move monitor-fifo and monitor-sock to /run
Serge Hallyn
serge.hallyn at ubuntu.com
Wed Sep 11 18:45:48 UTC 2013
Quoting Dwight Engen (dwight.engen at oracle.com):
> On Wed, 11 Sep 2013 12:06:47 -0500
> Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
>
> > Quoting Dwight Engen (dwight.engen at oracle.com):
> > > Moving these files should allow $lxcpath to be a read-only fs.
> >
> > Thanks, nice cleanup too. One concern though -
> > lxc_monitor_sock_name() just keeps making a longer and longer path,
> > and it's limited to 108 bytes. Is there any reason not to use an
> > abstract unix sock for it? The monitor-fifo doesn't have the length
> > restriction so $rundir/lxc/$lxcpath/monitor-fifo is ok for it.
>
> Yeah I thought about that, but going to abstract doesn't actually
> give us a bigger sun_path though so its not a huge savings right? It
> would mean we could get rid of the "/run" + "/lxc/" == 9 bytes that this
But if I'm not root /run becomes i.e. /run/user/serge - we're over 10%
now.
> patch adds in the root case (or potentially a lot more with
> XDG_RUNTIME_DIR case). Maybe because of XDG_RUNTIME_DIR it does make
> sense to do, if you think so let me know and I'll update the patch.
Nah, let's apply it as is (with
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
) but let's discuss the real fix for this "soon". I forget what the
reasons were to not use use md5sum(lxcpath). We've known this was
going to be a problem for a long time now :)
> "/monitor-fifo" == 13 so currently that leaves (in the root case):
>
> 108 - 9 - 13 - 1 (null) --> 85 for lxcpath which isn't great
>
> I guess we can also chop down monitor-fifo to just f :) I think if we
> do go abstract we probably still want at least an "lxc/" prefix to
> avoid accidental name collisions?
thanks,
-serge
More information about the lxc-devel
mailing list