]> git.proxmox.com Git - mirror_lxc.git/blob - src/lxc/start.c
projects / mirror_lxc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Create the cgroup proxy before trying to set it up.
[mirror_lxc.git] / src / lxc / start.c
1 /*
2 * lxc: linux Container library
3 *
4 * (C) Copyright IBM Corp. 2007, 2008
5 *
6 * Authors:
7 * Daniel Lezcano <dlezcano at fr.ibm.com>
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 */
23
24 #define _GNU_SOURCE
25 #include <stdio.h>
26 #undef _GNU_SOURCE
27 #include <string.h>
28 #include <stdlib.h>
29 #include <dirent.h>
30 #include <errno.h>
31 #include <unistd.h>
32 #include <signal.h>
33 #include <sys/param.h>
34 #include <sys/file.h>
35 #include <sys/mount.h>
36 #include <sys/types.h>
37 #include <sys/prctl.h>
38 #include <sys/wait.h>
39
40 #include <lxc/lxc.h>
41
42 LXC_TTY_HANDLER(SIGINT);
43 LXC_TTY_HANDLER(SIGQUIT);
44
45 int opentty(const char *ttyname)
46 {
47 int i, fd, flags;
48
49 fd = open(ttyname, O_RDWR | O_NONBLOCK);
50 if (fd == -1) {
51 lxc_log_syserror("open '%s'", ttyname);
52 return -1;
53 }
54
55 flags = fcntl(fd, F_GETFL);
56 flags &= ~O_NONBLOCK;
57 fcntl(fd, F_SETFL, flags);
58
59 for (i = 0; i < fd; i++)
60 close(i);
61 for (i = 0; i < 3; i++)
62 if (fd != i)
63 dup2(fd, i);
64 if (fd >= 3)
65 close(fd);
66
67 return 0;
68 }
69
70 int lxc_start(const char *name, int argc, char *argv[],
71 lxc_callback_t prestart, void *data)
72 {
73 char init[MAXPATHLEN];
74 char *val = NULL;
75 char ttyname[MAXPATHLEN];
76 int fd, lock, sv[2], sync = 0, err = -1;
77 pid_t pid;
78 int clone_flags;
79
80 lock = lxc_get_lock(name);
81 if (!lock) {
82 lxc_log_error("'%s' is busy", name);
83 return -1;
84 }
85
86 if (lock < 0) {
87 lxc_log_error("failed to acquire lock on '%s':%s",
88 name, strerror(-lock));
89 return -1;
90 }
91
92 /* Begin the set the state to STARTING*/
93 if (lxc_setstate(name, STARTING)) {
94 lxc_log_error("failed to set state %s", lxc_state2str(STARTING));
95 goto out;
96 }
97
98 if (readlink("/proc/self/fd/0", ttyname, sizeof(ttyname)) < 0) {
99 lxc_log_syserror("failed to read '/proc/self/fd/0'");
100 goto out;
101 }
102
103
104 /* Synchro socketpair */
105 if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sv)) {
106 lxc_log_syserror("failed to create communication socketpair");
107 goto out;
108 }
109
110 /* Avoid signals from terminal */
111 LXC_TTY_ADD_HANDLER(SIGINT);
112 LXC_TTY_ADD_HANDLER(SIGQUIT);
113
114 clone_flags = CLONE_NEWPID|CLONE_NEWIPC|CLONE_NEWNS;
115 if (conf_has_utsname(name))
116 clone_flags |= CLONE_NEWUTS;
117 if (conf_has_network(name))
118 clone_flags |= CLONE_NEWNET;
119
120 /* Create a process in a new set of namespaces */
121 pid = fork_ns(clone_flags);
122 if (pid < 0) {
123 lxc_log_syserror("failed to fork into a new namespace");
124 goto err_fork_ns;
125 }
126
127 if (!pid) {
128
129 close(sv[1]);
130
131 /* Be sure we don't inherit this after the exec */
132 fcntl(sv[0], F_SETFD, FD_CLOEXEC);
133
134 /* Tell our father he can begin to configure the container */
135 if (write(sv[0], &sync, sizeof(sync)) < 0) {
136 lxc_log_syserror("failed to write socket");
137 return 1;
138 }
139
140 /* Wait for the father to finish the configuration */
141 if (read(sv[0], &sync, sizeof(sync)) < 0) {
142 lxc_log_syserror("failed to read socket");
143 return 1;
144 }
145
146 /* Setup the container, ip, names, utsname, ... */
147 if (lxc_setup(name)) {
148 lxc_log_error("failed to setup the container");
149 if (write(sv[0], &sync, sizeof(sync)) < 0)
150 lxc_log_syserror("failed to write the socket");
151 return -1;
152 }
153
154 /* Open the tty */
155 if (opentty(ttyname)) {
156 lxc_log_syserror("failed to open the tty");
157 return -1;
158 }
159
160 if (mount(ttyname, "/dev/console", "none", MS_BIND, 0)) {
161 lxc_log_syserror("failed to mount '/dev/console'");
162 return -1;
163 }
164
165 /* If a callback has been passed, call it before doing exec */
166 if (prestart)
167 if (prestart(name, argc, argv, data)) {
168 lxc_log_error("prestart callback has failed");
169 return -1;
170 }
171
172 execvp(argv[0], argv);
173 lxc_log_syserror("failed to exec %s", argv[0]);
174
175 /* If the exec fails, tell that to our father */
176 if (write(sv[0], &sync, sizeof(sync)) < 0)
177 lxc_log_syserror("failed to write the socket");
178
179 exit(1);
180 }
181
182 close(sv[0]);
183
184 /* Wait for the child to be ready */
185 if (read(sv[1], &sync, sizeof(sync)) < 0) {
186 lxc_log_syserror("failed to read the socket");
187 goto err_pipe_read;
188 }
189
190 if (lxc_link_nsgroup(name, pid))
191 lxc_log_warning("cgroupfs not found: cgroup disabled");
192
193 /* Create the network configuration */
194 if (clone_flags & CLONE_NEWNET && conf_create_network(name, pid)) {
195 lxc_log_error("failed to create the configured network");
196 goto err_create_network;
197 }
198
199 /* Tell the child to continue its initialization */
200 if (write(sv[1], &sync, sizeof(sync)) < 0) {
201 lxc_log_syserror("failed to write the socket");
202 goto err_pipe_write;
203 }
204
205 /* Wait for the child to exec or returning an error */
206 err = read(sv[1], &sync, sizeof(sync));
207 if (err < 0) {
208 lxc_log_error("failed to read the socket");
209 goto err_pipe_read2;
210 }
211
212 if (err > 0) {
213 lxc_log_error("something went wrong with %d", pid);
214 /* TODO : check status etc ... */
215 waitpid(pid, NULL, 0);
216 goto err_child_failed;
217 }
218
219 asprintf(&val, "%d\n", pid);
220
221 snprintf(init, MAXPATHLEN, LXCPATH "/%s/init", name);
222
223 fd = open(init, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
224 if (fd < 0) {
225 lxc_log_syserror("failed to open '%s'", init);
226 goto err_write;
227 }
228
229 if (write(fd, val, strlen(val)) < 0) {
230 lxc_log_syserror("failed to write the init pid");
231 goto err_write;
232 }
233
234 close(fd);
235
236 if (lxc_setstate(name, RUNNING)) {
237 lxc_log_error("failed to set state to %s",
238 lxc_state2str(RUNNING));
239 goto err_state_failed;
240 }
241
242 wait_again:
243 if (waitpid(pid, NULL, 0) < 0) {
244 if (errno == EINTR)
245 goto wait_again;
246 lxc_log_syserror("failed to wait the pid %d", pid);
247 goto err_waitpid_failed;
248 }
249
250 if (lxc_setstate(name, STOPPING))
251 lxc_log_error("failed to set state %s", lxc_state2str(STOPPING));
252
253 if (clone_flags & CLONE_NEWNET && conf_destroy_network(name))
254 lxc_log_error("failed to destroy the network");
255
256 err = 0;
257 out:
258 if (lxc_setstate(name, STOPPED))
259 lxc_log_error("failed to set state %s", lxc_state2str(STOPPED));
260
261 lxc_unlink_nsgroup(name);
262 unlink(init);
263 free(val);
264 lxc_put_lock(lock);
265
266 return err;
267
268 err_write:
269 close(fd);
270
271 err_state_failed:
272 err_child_failed:
273 err_pipe_read2:
274 err_pipe_write:
275 if (clone_flags & CLONE_NEWNET)
276 conf_destroy_network(name);
277 err_create_network:
278 err_pipe_read:
279 err_waitpid_failed:
280 if (lxc_setstate(name, ABORTING))
281 lxc_log_error("failed to set state %s", lxc_state2str(STOPPED));
282
283 kill(pid, SIGKILL);
284 err_fork_ns:
285 LXC_TTY_DEL_HANDLER(SIGQUIT);
286 LXC_TTY_DEL_HANDLER(SIGINT);
287 close(sv[0]);
288 close(sv[1]);
289 goto out;
290 }
LXC mirror