[lxc-devel] [PATCH] move monitor-fifo and monitor-sock to /run

Serge Hallyn serge.hallyn at ubuntu.com
Wed Sep 11 21:50:18 UTC 2013


Quoting Christian Seiler (christian at iwakd.de):
> Hi Serge,
> 
> > Thanks, nice cleanup too.  One concern though - lxc_monitor_sock_name()
> > just keeps making a longer and longer path, and it's limited to 108
> > bytes.  Is there any reason not to use an abstract unix sock for it?
> > The monitor-fifo doesn't have the length restriction so
> > $rundir/lxc/$lxcpath/monitor-fifo is ok for it.
> 
> FWIW, the following can be used to 'circumvent' this problem:
>   1. chdir()
>   2. bind()/connect() with relative path
>   3. chdir() back
> 
> Only problem: it's not thread-safe... And in contrast to openat() or the

We could just do process_lock() around the whole shebang if we had to.

But I can't think offhand of any reason why we'd ever need to go from
the socketname back to the lxcpath, so using md5sum really shouldn't
have any downsides.

> such, there's no bindat() and connectat() in Linux as far as I can tell,
> although FreeBSD is apparently discussing it...
> 
> (Of course, the following would also work if you want thread safety,
> although it's a bit crazy (sketch):
> 
> sock = socket(AF_UNIX, SOCK_STREAM, 0);
> 
> pid = fork();
> if (pid == 0) {
>   struct sockaddr_un un;
>   un.sun_family = AF_UNIX;
>   strcpy(un.sun_path, "monitor-fifo");
>   chdir(dirname);
>   r = bind(sock, (struct sockaddr *)&un,
>        offsetof(struct sockaddr_un, sun_path) + 13); // or connect();
>   exit(r);
> } else if (pid > 0) {
>   r = waitpid(pid, ...);
>   if (WIFEXITED(r))
>     r = WEXITSTATUS(r);
>   else
>     r = -1;
> } else {
>   // fork failed...
> }
> 
> if (r == -1)
>   // bind/connect failed
> 
> r = listen(sock, ...);
> 
> One doesn't even need socket passing for this, since the socket can be

socket passing I'd understand, and that could be a neat solution.  But I
don't understand why the above would work.  Since the pids had forked,
the fd numbered r would be meaningless to the original task, wouldn't
it?  I must be missing something cool, though.

> pre-created in the parent process before the fork and the bind affects
> the entire socket, including the version of the parent's process.
> 
> But as I said, might be a bit crazy. On the other hand, one could
> encapsulate this in the UNIX socket creation routines to only do this if
> the length of the path is longer than 107 bytes... I don't know, just
> throwing stuff out there.)
> 
> -- Christian




More information about the lxc-devel mailing list