[lxc-devel] [PATCH 1/1] container start: check for start hooks in container rootfs

[Serge Hallyn]

Do so early enough that we can report a meaningful failure.

(This should with https://github.com/lxc/lxc/issues/225)

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
---
 src/lxc/conf.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index a631571..4b52550 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3896,6 +3896,30 @@ int do_rootfs_setup(struct lxc_conf *conf, const char *name, const char *lxcpath
 	return 0;
 }
 
+static bool verify_start_hooks(struct lxc_conf *conf)
+{
+	struct lxc_list *it;
+	char path[MAXPATHLEN];
+	lxc_list_for_each(it, &conf->hooks[LXCHOOK_START]) {
+		char *hookname = it->elem;
+		struct stat st;
+		int ret;
+
+		ret = snprintf(path, MAXPATHLEN, "%s%s",
+			conf->rootfs.mount, hookname);
+		if (ret < 0 || ret >= MAXPATHLEN)
+			return false;
+		ret = stat(path, &st);
+		if (ret) {
+			SYSERROR("Start hook %s not found in container rootfs",
+					hookname);
+			return false;
+		}
+	}
+
+	return true;
+}
+
 int lxc_setup(struct lxc_handler *handler)
 {
 	const char *name = handler->name;
@@ -3949,6 +3973,10 @@ int lxc_setup(struct lxc_handler *handler)
 		return -1;
 	}
 
+	/* Make sure any start hooks are in the rootfs */
+	if (!verify_start_hooks(lxc_conf))
+		return -1;
+
 	if (lxc_conf->is_execute)
 		lxc_execute_bind_init(lxc_conf);
 
-- 
1.9.1