[lxc-devel] [PATCH 2/2] c/r: re-open fds after clone()

Serge Hallyn serge.hallyn at ubuntu.com
Tue Apr 21 15:18:16 UTC 2015


Quoting Tycho Andersen (tycho.andersen at canonical.com):
> If we don't re-open these after clone, the init process has a pointer to the
> parent's /dev/{zero,null}. CRIU sees these and wants to dump the parent's
> mount namespace, which is unnecessary. Instead, we should just re-open
> stdin/out/err after we do the clone and pivot root, to ensure that we have
> pointers to the devices in init's rootfs instead of the host's.
> 
> v2: Only close fds if the container was daemonized. This didn't turn out as
>     nicely as described on the list because lxc_start() doesn't actually have
>     the struct lxc_container,

No, but lxc_container has a pointer to the handler.  I was suggesting adding a
flag to the handler and (un/)setting that in lxcapi_start.


