[lxc-devel] [lxc/master] conf: small cleanups
brauner on Github
lxc-bot at linuxcontainers.org
Mon May 28 23:05:45 UTC 2018
From 80308d07b37387f718405a87fe908064c1969cdf Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 29 May 2018 00:48:15 +0200
Subject: [PATCH 1/4] start: add reboot macros
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/lxccontainer.c | 8 ++++----
src/lxc/start.c | 27 ++++++++++++++-------------
src/lxc/state.h | 6 ++++++
3 files changed, 24 insertions(+), 17 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 8a21d97e4..04a6050f1 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -1036,7 +1036,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
}
}
- conf->reboot = 0;
+ conf->reboot = REBOOT_NONE;
/* Unshare the mount namespace if requested */
if (conf->monitor_unshare) {
@@ -1058,7 +1058,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
}
reboot:
- if (conf->reboot == 2) {
+ if (conf->reboot == REBOOT_INIT) {
/* initialize handler */
handler = lxc_init_handler(c->name, conf, c->config_path, c->daemonize);
if (!handler) {
@@ -1085,9 +1085,9 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
ret = lxc_start(c->name, argv, handler, c->config_path,
c->daemonize, &c->error_num);
- if (conf->reboot == 1) {
+ if (conf->reboot == REBOOT_REQ) {
INFO("Container requested reboot");
- conf->reboot = 2;
+ conf->reboot = REBOOT_INIT;
goto reboot;
}
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 7ec151e1c..a8cd82771 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -646,7 +646,7 @@ void lxc_free_handler(struct lxc_handler *handler)
lxc_put_nsfds(handler);
- if (handler->conf && handler->conf->reboot == 0)
+ if (handler->conf && handler->conf->reboot == REBOOT_NONE)
if (handler->conf->maincmd_fd >= 0)
close(handler->conf->maincmd_fd);
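Review bot: The `close(handler->conf->maincmd_fd)` here leaves the old descriptor number stored in `conf`, and `conf` appears to outlive the handler, since do_lxcapi_start still reads `conf->reboot` after lxc_start returns. If nothing after this hunk resets the field, a later close through the same conf could hit an unrelated descriptor that has reused the number. I would brace the body and add `handler->conf->maincmd_fd = -EBADF;` after the close, and fold the two nested unbraced `if`s into one condition joined with `&&`. The rest of lxc_free_handler lies outside the hunk, so the reset may already be there.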
@@ -684,7 +684,7 @@ struct lxc_handler *lxc_init_handler(const char *name, struct lxc_conf *conf,
handler->sigfd = -EBADF;
handler->init_died = false;
handler->state_socket_pair[0] = handler->state_socket_pair[1] = -1;
- if (handler->conf->reboot == 0)
+ if (handler->conf->reboot == REBOOT_NONE)
lxc_list_init(&handler->conf->state_clients);
for (i = 0; i < LXC_NS_MAX; i++)
@@ -692,7 +692,7 @@ struct lxc_handler *lxc_init_handler(const char *name, struct lxc_conf *conf,
handler->name = name;
- if (daemonize && !handler->conf->reboot) {
+ if (daemonize && handler->conf->reboot == REBOOT_NONE) {
/* Create socketpair() to synchronize on daemonized startup.
* When the container reboots we don't need to synchronize
* again currently so don't open another socketpair().
@@ -708,7 +708,7 @@ struct lxc_handler *lxc_init_handler(const char *name, struct lxc_conf *conf,
handler->state_socket_pair[1]);
}
- if (handler->conf->reboot == 0) {
+ if (handler->conf->reboot == REBOOT_NONE) {
handler->conf->maincmd_fd = lxc_cmd_init(name, lxcpath, "command");
if (handler->conf->maincmd_fd < 0) {
ERROR("Failed to set up command socket");
@@ -918,14 +918,14 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
}
namespaces[namespace_count] = NULL;
- if (handler->conf->reboot) {
+ if (handler->conf->reboot > REBOOT_NONE) {
ret = setenv("LXC_TARGET", "reboot", 1);
if (ret < 0)
SYSERROR("Failed to set environment variable: "
"LXC_TARGET=reboot");
}
- if (!handler->conf->reboot) {
+ if (handler->conf->reboot == REBOOT_NONE) {
ret = setenv("LXC_TARGET", "stop", 1);
if (ret < 0)
SYSERROR("Failed to set environment variable: "
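Review bot: The new `handler->conf->reboot > REBOOT_NONE` tests in lxc_fini (here, in the post-stop hook failure branch, and in the state-client loop) depend on the declaration order of an anonymous enum, while every other site in this patch compares for equality. `handler->conf->reboot != REBOOT_NONE` states the same intent and keeps working if a state is ever inserted or reordered. The two consecutive `if` blocks in this hunk are exact complements, so the second reads better as an `else` branch of the first. The literal in `client->states[RUNNING] == 2` is still a magic number and could get the same named-constant treatment. lxc_fini starts and ends outside these hunks.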
@@ -945,7 +945,7 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
cgroup_ops->destroy(cgroup_ops, handler);
cgroup_exit(cgroup_ops);
- if (handler->conf->reboot == 0) {
+ if (handler->conf->reboot == REBOOT_NONE) {
/* For all new state clients simply close the command socket.
* This will inform all state clients that the container is
* STOPPED and also prevents a race between a open()/close() on
@@ -973,9 +973,9 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
ret = run_lxc_hooks(name, "post-stop", handler->conf, NULL);
if (ret < 0) {
ERROR("Failed to run lxc.hook.post-stop for container \"%s\"", name);
- if (handler->conf->reboot) {
+ if (handler->conf->reboot > REBOOT_NONE) {
WARN("Container will be stopped instead of rebooted");
- handler->conf->reboot = 0;
+ handler->conf->reboot = REBOOT_NONE;
ret = setenv("LXC_TARGET", "stop", 1);
if (ret < 0)
@@ -999,7 +999,8 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
struct lxc_state_client *client = cur->elem;
/* Keep state clients that want to be notified about reboots. */
- if ((handler->conf->reboot > 0) && (client->states[RUNNING] == 2))
+ if ((handler->conf->reboot > REBOOT_NONE) &&
+ (client->states[RUNNING] == 2))
continue;
/* close state client socket */
@@ -1009,7 +1010,7 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
free(cur);
}
- if (handler->conf->ephemeral == 1 && handler->conf->reboot != 1)
+ if (handler->conf->ephemeral == 1 && handler->conf->reboot != REBOOT_REQ)
lxc_destroy_container_on_signal(handler, name);
lxc_free_handler(handler);
@@ -1892,7 +1893,7 @@ int __lxc_start(const char *name, struct lxc_handler *handler,
close(handler->data_sock[1]);
handler->data_sock[1] = -1;
- handler->conf->reboot = 0;
+ handler->conf->reboot = REBOOT_NONE;
ret = lxc_poll(name, handler);
if (ret) {
@@ -1915,7 +1916,7 @@ int __lxc_start(const char *name, struct lxc_handler *handler,
break;
case SIGHUP: /* reboot */
DEBUG("Container \"%s\" is rebooting", name);
- handler->conf->reboot = 1;
+ handler->conf->reboot = REBOOT_REQ;
break;
case SIGSYS: /* seccomp */
DEBUG("Container \"%s\" violated its seccomp policy", name);
diff --git a/src/lxc/state.h b/src/lxc/state.h
index f34efd992..dc5b34af3 100644
--- a/src/lxc/state.h
+++ b/src/lxc/state.h
@@ -35,6 +35,12 @@ typedef enum {
MAX_STATE,
} lxc_state_t;
+enum {
+ REBOOT_NONE,
+ REBOOT_REQ,
+ REBOOT_INIT
+};
+
extern lxc_state_t lxc_getstate(const char *name, const char *lxcpath);
extern lxc_state_t lxc_str2state(const char *state);
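Review bot: The new enum carries no comments, so a reader has to rebuild the reboot state machine from three call sites in two files. From the visible hunks, `REBOOT_REQ` is set when the monitor sees SIGHUP from the container, and do_lxcapi_start then moves it to `REBOOT_INIT` before jumping back to re-create the handler. I would put a one-line comment on each enumerator, e.g. `/* container asked to reboot (SIGHUP) */` on `REBOOT_REQ` and `/* handler must be re-initialized for the restart */` on `REBOOT_INIT`. Giving the enum a tag and using it as the type of `conf->reboot` (presumably still a plain integer; its declaration is not shown) would let the compiler warn on unhandled states in a `switch`.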
From 5173b71073dbb6b3290f969fab5ccd7a304d3c4f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 29 May 2018 00:52:37 +0200
Subject: [PATCH 2/4] conf: make root idmap structs const
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 5 +++--
src/lxc/conf.h | 4 ++--
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 76cb255d6..2c6efe71f 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1499,7 +1499,7 @@ static int setup_pivot_root(const struct lxc_rootfs *rootfs)
return 0;
}
-static struct id_map *find_mapped_nsid_entry(struct lxc_conf *conf, unsigned id,
+static const struct id_map *find_mapped_nsid_entry(struct lxc_conf *conf, unsigned id,
enum idtype idtype)
{
struct lxc_list *it;
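Review bot: find_mapped_nsid_entry now returns a `const struct id_map *` but still takes a mutable `struct lxc_conf *conf`, so the signature only half-states that this is a read-only lookup. If the body only walks the id_map list, which looks likely but lies outside the hunk, `const struct lxc_conf *conf` would complete the change. A short comment above the function that the returned entry is owned by the conf's list and must not be modified or freed would match the "Do not free!" wording used in conf.h.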
@@ -3965,7 +3965,8 @@ static int run_userns_fn(void *data)
static struct id_map *mapped_nsid_add(struct lxc_conf *conf, unsigned id,
enum idtype idtype)
{
- struct id_map *map, *retmap;
+ const struct id_map *map;
+ struct id_map *retmap;
map = find_mapped_nsid_entry(conf, id, idtype);
if (!map)
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index e8fb4d0ec..e28f54b85 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -233,13 +233,13 @@ struct lxc_conf {
* Pointer to the idmap entry for the container's root uid in
* the id_map list. Do not free!
*/
- struct id_map *root_nsuid_map;
+ const struct id_map *root_nsuid_map;
/*
* Pointer to the idmap entry for the container's root gid in
* the id_map list. Do not free!
*/
- struct id_map *root_nsgid_map;
+ const struct id_map *root_nsgid_map;
};
struct lxc_list network;
From 7a0bcca3105ca9c9987d5572bf72f02e35a28bcb Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 29 May 2018 00:54:16 +0200
Subject: [PATCH 3/4] conf: make tmp_umount_proc bool
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 10 +++++-----
src/lxc/conf.h | 2 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 2c6efe71f..dcbee2868 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2676,7 +2676,7 @@ struct lxc_conf *lxc_conf_init(void)
lxc_list_init(&new->state_clients);
new->lsm_aa_profile = NULL;
new->lsm_se_context = NULL;
- new->tmp_umount_proc = 0;
+ new->tmp_umount_proc = false;
/* if running in a new user namespace, init and COMMAND
* default to running as UID/GID 0 when using lxc-execute */
@@ -3158,7 +3158,7 @@ int lxc_create_tmp_proc_mount(struct lxc_conf *conf)
if (conf->rootfs.path)
return -1;
} else if (mounted == 1) {
- conf->tmp_umount_proc = 1;
+ conf->tmp_umount_proc = true;
}
return 0;
@@ -3166,11 +3166,11 @@ int lxc_create_tmp_proc_mount(struct lxc_conf *conf)
void tmp_proc_unmount(struct lxc_conf *lxc_conf)
{
- if (lxc_conf->tmp_umount_proc != 1)
+ if (!lxc_conf->tmp_umount_proc)
return;
- umount("/proc");
- lxc_conf->tmp_umount_proc = 0;
+ (void)umount2("/proc", MNT_DETACH);
+ lxc_conf->tmp_umount_proc = false;
}
/* Walk /proc/mounts and change any shared entries to slave. */
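Review bot: tmp_proc_unmount now discards the result of `umount2("/proc", MNT_DETACH)` with a `(void)` cast and clears `tmp_umount_proc` regardless, so a failed unmount leaves the temporary /proc mount in place while the flag says it is gone, with nothing logged. I would keep the best-effort behaviour but report the failure, e.g. `if (umount2("/proc", MNT_DETACH) < 0)` followed by `SYSERROR("Failed to unmount temporary procfs");`. The switch from `umount()` to a lazy detach is also a behaviour change that the subject "make tmp_umount_proc bool" does not mention. With MNT_DETACH the mount is removed from the namespace at once but stays alive for anything still holding it open, so a one-line comment on why lazy detach is wanted here would help later reviewers.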
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index e28f54b85..1565cdef9 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -271,7 +271,7 @@ struct lxc_conf {
char *lsm_aa_profile;
unsigned int lsm_aa_allow_incomplete;
char *lsm_se_context;
- int tmp_umount_proc;
+ bool tmp_umount_proc;
char *seccomp; /* filename with the seccomp rules */
#if HAVE_SCMP_FILTER_CTX
scmp_filter_ctx seccomp_ctx;
From 32fd6cf390e04ebc43ca94d6df8ca99ce4cd2ecd Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 29 May 2018 00:57:13 +0200
Subject: [PATCH 4/4] conf: non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.h | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 1565cdef9..ea3a71dfb 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -260,7 +260,10 @@ struct lxc_conf {
/* maximum pty devices allowed by devpts mount */
size_t pty_max;
+ /* set to true when rootfs has been setup */
+ bool rootfs_setup;
struct lxc_rootfs rootfs;
+
bool close_all_fds;
struct {
@@ -301,9 +304,6 @@ struct lxc_conf {
/* unshare the mount namespace in the monitor */
unsigned int monitor_unshare;
- /* set to true when rootfs has been setup */
- bool rootfs_setup;
-
/* list of included files */
struct lxc_list includes;
/* config entries which are not "lxc.*" are aliens */
@@ -315,7 +315,8 @@ struct lxc_conf {
/* text representation of the config file */
char *unexpanded_config;
- size_t unexpanded_len, unexpanded_alloced;
+ size_t unexpanded_len;
+ size_t unexpanded_alloced;
/* default command for lxc-execute */
char *execute_cmd;