[lxc-devel] [PATCH 1/1] Remove mention of mountcgroups in ubuntu.common config

Serge Hallyn serge.hallyn at ubuntu.com
Thu Jul 17 22:21:31 UTC 2014 

Quoting Stéphane Graber (stgraber at ubuntu.com):
> On Thu, Jul 17, 2014 at 02:08:59PM +0000, Serge Hallyn wrote:
> > That mount hook predates the lxc.mount.auto = cgroup option.  So mention
> > that instead.
> > 
> > Perhaps we should simply drop the mountcgroup hook from the tree, but
> > I'm not doing that in this patch.
> > 
> > (This addresses https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1342960)
> > 
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> 
> And unless someone strongly feels otherwise, I'd +1 the removal of the
> hook from the tree too.

Ok, let's do it then:


Subject: [PATCH 1/1] remove mountcgroup hook entirely

Also fix the comment in lxc-cirros template (which I overlooked last time).

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
---
 hooks/Makefile.am       |  1 -
 hooks/mountcgroups      | 69 -------------------------------------------------
 templates/lxc-cirros.in |  2 +-
 3 files changed, 1 insertion(+), 71 deletions(-)
 delete mode 100755 hooks/mountcgroups

diff --git a/hooks/Makefile.am b/hooks/Makefile.am
index 64bb26b..be55601 100644
--- a/hooks/Makefile.am
+++ b/hooks/Makefile.am
@@ -2,7 +2,6 @@ hooksdir=@LXCHOOKDIR@
 
 hooks_SCRIPTS = \
 	clonehostname \
-	mountcgroups \
 	mountecryptfsroot \
 	ubuntu-cloud-prep \
 	squid-deb-proxy-client
diff --git a/hooks/mountcgroups b/hooks/mountcgroups
deleted file mode 100755
index 073929c..0000000
--- a/hooks/mountcgroups
+++ /dev/null
@@ -1,69 +0,0 @@
-#!/bin/bash
-
-# (C) Copyright Canonical 2011,2012
-
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# Lesser General Public License for more details.
-
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-
-#
-# This is an example hook to mount all mounted cgroups in the
-# container.  Only the container's own cgroup (not parents) will be
-# accessible to the container.  You can enable this by adding
-# lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
-# to your container's configuration file.
-
-set -e
-
-c=$1
-configfile=$LXC_CONFIG_FILE
-d=/sys/fs/cgroup
-d2=$LXC_ROOTFS_MOUNT/${d}
-# name lxc hook lxcpath
-lxcpath=$4
-if [ ! -d "$d" ]; then
-    exit 0
-fi
-
-mount -n -t tmpfs tmpfs ${d2}
-
-do_devices_setup() {
-    local devdir="$1"
-    local c="$2"
-    local line
-    local w  # which (allow or deny)
-    local v  # value
-    # lxc.include provides common configuration options
-    local commonconfigfile=$(egrep "^lxc.include[ \t]*=" ${configfile} | awk -F= '{ print $2 }')
-    cat ${configfile} ${commonconfigfile} | egrep "^lxc.cgroup.devices.(allow|deny)[ \t]*=" | while read line; do
-        w=`echo $line | awk -F. '{ print $4 }' | awk '{ print $1 }'`
-        v=`echo $line | awk -F= '{ print $2 }'`
-        echo "$v" >> "$devdir"/devices.$w
-    done
-}
-
-# XXX TODO - we'll need to account for other cgroup groups beside 'lxc',
-# i.e. 'build' or 'users/joe'.
-for dir in `/bin/ls $d`; do
-    if [ "$dir" = "devices" ]; then
-        devicesdir="${d}/${dir}/lxc/${c}"
-        mkdir -p "$devicesdir"
-        # set the devices cgroup perms now - we can't change from blacklist to
-        # whitelist, or add perms, once we have children.
-        do_devices_setup "$devicesdir" "${c}"
-    fi
-    mkdir -p "${d}/${dir}/lxc/${c}/${c}.real"
-    echo 1 > "${d}/${dir}/lxc/${c}/${c}.real/tasks"
-    mkdir -p ${d2}/${dir}
-    mount -n --bind "${d}/${dir}/lxc/${c}/${c}.real" "${d2}/${dir}"
-done
diff --git a/templates/lxc-cirros.in b/templates/lxc-cirros.in
index 986b2b1..24b9210 100644
--- a/templates/lxc-cirros.in
+++ b/templates/lxc-cirros.in
@@ -121,7 +121,7 @@ lxc.cap.drop = sys_module mac_admin mac_override sys_time
 #lxc.aa_profile = unconfined
 # To support container nesting on an Ubuntu host, uncomment next two lines:
 #lxc.aa_profile = lxc-container-default-with-nesting
-#lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
+#lxc.mount.auto = cgroup
 
 lxc.cgroup.devices.deny = a
 # Allow any mknod (but not using the node)
-- 
1.9.1

More information about the lxc-devel mailing list