[Lxc-users] Hide container processes on the host...
David Touzeau
david at touzeau.eu
Wed May 4 22:54:48 UTC 2011
Le jeudi 05 mai 2011 à 00:35 +0200, Papp Tamas a écrit :
> On 05/05/2011 12:14 AM, David Touzeau wrote:
> > Dear,
> >
> > I have an issue about hide processes on the host
> >
> > I have a watchdog script on the host that ensure slapd is up
> >
> > there is different behavior using pidof or pgrep
> >
> > the ps aux output
> >
> > # ps aux|grep slapd
> > root 2444 0.0 0.2 149296 6816 ? Ssl May03
> > 1:21 /usr/sbin/slapd -4 -u root -g root -f /etc/ldap/slapd.conf -h
> > ldap://127.0.0.1:389/
> > root 23279 0.0 0.1 29040 6176 ? Ssl 23:40
> > 0:00 /usr/sbin/slapd -4 -u root -g root -f /etc/openldap/slapd.conf -h
> > ldap://127.0.0.1:389/
> >
> > Has we can see: The process 23279 running inside the container
> >
> > the pgrep output the same output
> > # pgrep -l -f "/usr/sbin/slapd"
> > 2444 /usr/sbin/slapd -4 -u root -g root -f /etc/ldap/slapd.conf -h
> > ldap://127.0.0.1:389/
> > 23279 /usr/sbin/slapd -4 -u root -g root -f /etc/openldap/slapd.conf -h
> > ldap://127.0.0.1:389
> >
> > Only the pidof point to the right process
> > # pidof /usr/sbin/slapd
> > 2444
> >
> > The problem is when the slapd process on the host is down, my script
> > detect the container process, it think that slpad is up and did not
> > react.
> >
> > I have searched if there is some "pointers" on the host inside
> > the /proc/xxx directory (eg /proc/status, /proc/cmdline ) that shgould
> > helps my script to detecting that the process is not a "host" process
> > but no luck.
>
> host:
> $ cat /proc/744/cgroup
> 1:blkio,net_cls,freezer,devices,memory,cpuacct,cpu,ns,cpuset:/
>
>
> container:
> $ cat /proc/25924/cgroup
> 1:blkio,net_cls,freezer,devices,memory,cpuacct,cpu,ns,cpuset:/svn
>
> In other word, if /proc/PID/cgroup exists and in it / is not the last
> character, then it's a container process.
>
> tamas
ho!
Very good point !
i will try it in my script
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110505/b713e3be/attachment.html>
More information about the lxc-users
mailing list