[lxc-devel] [PATCH 1/1] container start: check for start hooks in container rootfs

Stéphane Graber stgraber at ubuntu.com
Tue Jun 10 03:38:37 UTC 2014 

On Tue, Jun 10, 2014 at 03:29:11AM +0000, Serge Hallyn wrote:
> Do so early enough that we can report a meaningful failure.
> 
> (This should with https://github.com/lxc/lxc/issues/225)
> 
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>

Acked-by: Stéphane Graber <stgraber at ubuntu.com>

> ---
>  src/lxc/conf.c | 28 ++++++++++++++++++++++++++++
>  1 file changed, 28 insertions(+)
> 
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index a631571..4b52550 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -3896,6 +3896,30 @@ int do_rootfs_setup(struct lxc_conf *conf, const char *name, const char *lxcpath
>  	return 0;
>  }
>  
> +static bool verify_start_hooks(struct lxc_conf *conf)
> +{
> +	struct lxc_list *it;
> +	char path[MAXPATHLEN];
> +	lxc_list_for_each(it, &conf->hooks[LXCHOOK_START]) {
> +		char *hookname = it->elem;
> +		struct stat st;
> +		int ret;
> +
> +		ret = snprintf(path, MAXPATHLEN, "%s%s",
> +			conf->rootfs.mount, hookname);
> +		if (ret < 0 || ret >= MAXPATHLEN)
> +			return false;
> +		ret = stat(path, &st);
> +		if (ret) {
> +			SYSERROR("Start hook %s not found in container rootfs",
> +					hookname);
> +			return false;
> +		}
> +	}
> +
> +	return true;
> +}
> +
>  int lxc_setup(struct lxc_handler *handler)
>  {
>  	const char *name = handler->name;
> @@ -3949,6 +3973,10 @@ int lxc_setup(struct lxc_handler *handler)
>  		return -1;
>  	}
>  
> +	/* Make sure any start hooks are in the rootfs */
> +	if (!verify_start_hooks(lxc_conf))
> +		return -1;
> +
>  	if (lxc_conf->is_execute)
>  		lxc_execute_bind_init(lxc_conf);
>  
> -- 
> 1.9.1
> 
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20140609/ab9fea0a/attachment.sig>

More information about the lxc-devel mailing list