[lxc-devel] [PATCH 1/1] preserve_ns: ignore open failures due to ENOENT

Stéphane Graber stgraber at ubuntu.com
Tue Nov 17 18:38:45 UTC 2015 

On Tue, Nov 17, 2015 at 06:30:59PM +0000, Serge Hallyn wrote:
> If some /proc/pid/ns/ns file we want is not supported by the kernel,
> then just don't do the preserve_ns: don't fail the whole container
> start.

Should we differentiate between the user actually requesting some
namespaces to be preserved, and fail in that case vs us preserving all
namespaces automatically (in which case, we should just skip silently)?

> 
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> ---
>  src/lxc/start.c | 23 +++++++++++++----------
>  1 file changed, 13 insertions(+), 10 deletions(-)
> 
> diff --git a/src/lxc/start.c b/src/lxc/start.c
> index a294d18..6ed4814 100644
> --- a/src/lxc/start.c
> +++ b/src/lxc/start.c
> @@ -125,7 +125,7 @@ static void close_ns(int ns_fd[LXC_NS_MAX]) {
>  }
>  
>  static int preserve_ns(int ns_fd[LXC_NS_MAX], int clone_flags, pid_t pid) {
> -	int i, saved_errno;
> +	int i;
>  	char path[MAXPATHLEN];
>  
>  	for (i = 0; i < LXC_NS_MAX; i++)
> @@ -143,18 +143,21 @@ static int preserve_ns(int ns_fd[LXC_NS_MAX], int clone_flags, pid_t pid) {
>  		snprintf(path, MAXPATHLEN, "/proc/%d/ns/%s", pid,
>  		         ns_info[i].proc_name);
>  		ns_fd[i] = open(path, O_RDONLY | O_CLOEXEC);
> -		if (ns_fd[i] < 0)
> -			goto error;
> +		if (ns_fd[i] < 0) {
> +			int ret;
> +			if (errno == ENOENT) {
> +				SYSERROR("failed to open '%s'; continuing", path);

Doesn't that mean that on pre-3.8 you'll be getting a scary looking
error per namespace?

> +				ret = 0;
> +			} else {
> +				SYSERROR("failed to open '%s'; aborting", path);
> +				ret = -1;
> +			}
> +			close_ns(ns_fd);
> +			return ret;
> +		}
>  	}
>  
>  	return 0;
> -
> -error:
> -	saved_errno = errno;
> -	close_ns(ns_fd);
> -	errno = saved_errno;
> -	SYSERROR("failed to open '%s'", path);
> -	return -1;
>  }
>  
>  static int attach_ns(const int ns_fd[LXC_NS_MAX]) {
> -- 
> 2.5.0
> 
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20151117/5fbcf3f9/attachment-0001.sig>

More information about the lxc-devel mailing list