src/lxc/start.c

   1 /*
   2  * lxc: linux Container library
   3  *
   4  * (C) Copyright IBM Corp. 2007, 2008
   5  *
   6  * Authors:
   7  * Daniel Lezcano <dlezcano at fr.ibm.com>
   8  *
   9  * This library is free software; you can redistribute it and/or
  10  * modify it under the terms of the GNU Lesser General Public
  11  * License as published by the Free Software Foundation; either
  12  * version 2.1 of the License, or (at your option) any later version.
  13  *
  14  * This library is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  17  * Lesser General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU Lesser General Public
  20  * License along with this library; if not, write to the Free Software
  21  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  22  */
  23
  24 #define _GNU_SOURCE
  25 #include <stdio.h>
  26 #undef _GNU_SOURCE
  27 #include <string.h>
  28 #include <stdlib.h>
  29 #include <dirent.h>
  30 #include <errno.h>
  31 #include <unistd.h>
  32 #include <signal.h>
  33 #include <sys/param.h>
  34 #include <sys/file.h>
  35 #include <sys/types.h>
  36 #include <sys/prctl.h>
  37 #include <sys/wait.h>
  38
  39 #include <lxc.h>
  40
  41 LXC_TTY_HANDLER(SIGINT);
  42 LXC_TTY_HANDLER(SIGQUIT);
  43
  44 int lxc_start(const char *name, int argc, char *argv[],
  45               lxc_callback_t prestart, void *data)
  46 {
  47         char *init = NULL, *val = NULL;
  48         int fd, lock, sv[2], sync = 0, err = -1;
  49         pid_t pid;
  50         int clone_flags;
  51
  52         lock = lxc_get_lock(name);
  53         if (!lock) {
  54                 lxc_log_error("'%s' is busy", name);
  55                 return -1;
  56         }
  57
  58         if (lock < 0) {
  59                 lxc_log_error("failed to acquire lock on '%s':%s",
  60                               name, strerror(-lock));
  61                 return -1;
  62         }
  63
  64         fcntl(lock, F_SETFD, FD_CLOEXEC);
  65
  66         /* Begin the set the state to STARTING*/
  67         if (lxc_setstate(name, STARTING)) {
  68                 lxc_log_error("failed to set state %s", lxc_state2str(STARTING));
  69                 goto out;
  70         }
  71
  72         /* Synchro socketpair */
  73         if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sv)) {
  74                 lxc_log_syserror("failed to create communication socketpair");
  75                 goto err;
  76         }
  77
  78         /* Avoid signals from terminal */
  79         LXC_TTY_ADD_HANDLER(SIGINT);
  80         LXC_TTY_ADD_HANDLER(SIGQUIT);
  81
  82         clone_flags = CLONE_NEWPID|CLONE_NEWIPC;
  83         if (conf_has_fstab(name))
  84                 clone_flags |= CLONE_NEWNS;
  85         if (conf_has_utsname(name))
  86                 clone_flags |= CLONE_NEWUTS;
  87         if (conf_has_network(name))
  88                 clone_flags |= CLONE_NEWNET;
  89
  90         /* Create a process in a new set of namespaces */
  91         pid = fork_ns(clone_flags);
  92         if (pid < 0) {
  93                 lxc_log_syserror("failed to fork into a new namespace");
  94                 goto err_fork_ns;
  95         }
  96
  97         if (!pid) {
  98
  99                 close(sv[1]);
 100
 101                 /* Be sure we don't inherit this after the exec */
 102                 fcntl(sv[0], F_SETFD, FD_CLOEXEC);
 103
 104                 /* Tell our father he can begin to configure the container */
 105                 if (write(sv[0], &sync, sizeof(sync)) < 0) {
 106                         lxc_log_syserror("failed to write socket");
 107                         return 1;
 108                 }
 109
 110                 /* Wait for the father to finish the configuration */
 111                 if (read(sv[0], &sync, sizeof(sync)) < 0) {
 112                         lxc_log_syserror("failed to read socket");
 113                         return 1;
 114                 }
 115
 116                 /* Setup the container, ip, names, utsname, ... */
 117                 if (lxc_setup(name)) {
 118                         lxc_log_error("failed to setup the container");
 119                         if (write(sv[0], &sync, sizeof(sync)) < 0)
 120                                 lxc_log_syserror("failed to write the socket");
 121                         return -1;
 122                 }
 123
 124                 /* If a callback has been passed, call it before doing exec */
 125                 if (prestart)
 126                         if (prestart(name, argc, argv, data)) {
 127                                 lxc_log_error("prestart callback has failed");
 128                                 return -1;
 129                         }
 130
 131                 execvp(argv[0], argv);
 132                 lxc_log_syserror("failed to exec %s", argv[0]);
 133
 134                 /* If the exec fails, tell that to our father */
 135                 if (write(sv[0], &sync, sizeof(sync)) < 0)
 136                         lxc_log_syserror("failed to write the socket");
 137
 138                 exit(1);
 139         }
 140
 141         close(sv[0]);
 142
 143         /* Wait for the child to be ready */
 144         if (read(sv[1], &sync, sizeof(sync)) < 0) {
 145                 lxc_log_syserror("failed to read the socket");
 146                 goto err_pipe_read;
 147         }
 148
 149         /* Create the network configuration */
 150         if (clone_flags & CLONE_NEWNET && conf_create_network(name, pid)) {
 151                 lxc_log_error("failed to create the configured network");
 152                 goto err_create_network;
 153         }
 154
 155         /* Tell the child to continue its initialization */
 156         if (write(sv[1], &sync, sizeof(sync)) < 0) {
 157                 lxc_log_syserror("failed to write the socket");
 158                 goto err_pipe_write;
 159         }
 160
 161         /* Wait for the child to exec or returning an error */
 162         err = read(sv[1], &sync, sizeof(sync));
 163         if (err < 0) {
 164                 lxc_log_error("failed to read the socket");
 165                 goto err_pipe_read2;
 166         }
 167
 168         if (err > 0) {
 169                 lxc_log_error("something went wrong with %d", pid);
 170                 /* TODO : check status etc ... */
 171                 waitpid(pid, NULL, 0);
 172                 goto err_child_failed;
 173         }
 174
 175         asprintf(&val, "%d\n", pid);
 176         asprintf(&init, LXCPATH "/%s/init", name);
 177         fd = open(init, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
 178         if (fd < 0) {
 179                 lxc_log_syserror("failed to open '%s'", init);
 180                 goto err_write;
 181         }
 182
 183         if (write(fd, val, strlen(val)) < 0) {
 184                 lxc_log_syserror("failed to write the init pid");
 185                 goto err_write;
 186         }
 187
 188         close(fd);
 189
 190         if (lxc_link_nsgroup(name, pid))
 191                 lxc_log_warning("cgroupfs not found: cgroup disabled");
 192
 193         if (lxc_setstate(name, RUNNING)) {
 194                 lxc_log_error("failed to set state to %s",
 195                               lxc_state2str(RUNNING));
 196                 goto err_state_failed;
 197         }
 198
 199 wait_again:
 200         if (waitpid(pid, NULL, 0) < 0) {
 201                 if (errno == EINTR)
 202                         goto wait_again;
 203                 lxc_log_syserror("failed to wait the pid %d", pid);
 204                 goto err_waitpid_failed;
 205         }
 206
 207         if (lxc_setstate(name, STOPPING))
 208                 lxc_log_error("failed to set state %s", lxc_state2str(STOPPING));
 209
 210         if (clone_flags & CLONE_NEWNET && conf_destroy_network(name))
 211                 lxc_log_error("failed to destroy the network");
 212
 213         err = 0;
 214 out:
 215         if (lxc_setstate(name, STOPPED))
 216                 lxc_log_error("failed to set state %s", lxc_state2str(STOPPED));
 217
 218         lxc_unlink_nsgroup(name);
 219         unlink(init);
 220         free(init);
 221         free(val);
 222         lxc_put_lock(lock);
 223
 224         return err;
 225
 226 err_write:
 227         close(fd);
 228
 229 err_state_failed:
 230 err_child_failed:
 231 err_pipe_read2:
 232 err_pipe_write:
 233         if (clone_flags & CLONE_NEWNET)
 234                 conf_destroy_network(name);
 235 err_create_network:
 236 err_pipe_read:
 237 err_waitpid_failed:
 238         if (lxc_setstate(name, ABORTING))
 239                 lxc_log_error("failed to set state %s", lxc_state2str(STOPPED));
 240
 241         kill(pid, SIGKILL);
 242 err_fork_ns:
 243         LXC_TTY_DEL_HANDLER(SIGQUIT);
 244         LXC_TTY_DEL_HANDLER(SIGINT);
 245         close(sv[0]);
 246         close(sv[1]);
 247 err:
 248         goto out;
 249 }