]>
git.proxmox.com Git - pve-container.git/blob - src/lxc-pve-prestart-hook
3 package lxc_pve_prestart_hook
;
8 use Fcntl
qw(O_DIRECTORY :mode);
18 use PVE
::Syscall
qw(:fsmount);
19 use PVE
::Tools
qw(AT_FDCWD O_PATH);
21 PVE
::LXC
::Tools
::lxc_hook
('pre-start', 'lxc', sub {
22 my ($vmid, $vars, undef, undef) = @_;
24 my $skiplock_flag_fn = "/run/lxc/skiplock-$vmid";
25 my $skiplock = 1 if -e
$skiplock_flag_fn;
26 unlink $skiplock_flag_fn if $skiplock;
28 PVE
::Cluster
::check_cfs_quorum
(); # only start if we have quorum
30 return undef if ! -f PVE
::LXC
::Config-
>config_file($vmid);
32 my $conf = PVE
::LXC
::Config-
>load_config($vmid);
33 if (!$skiplock && !PVE
::LXC
::Config-
>has_lock($conf, 'mounted')) {
34 PVE
::LXC
::Config-
>check_lock($conf);
37 cleanup_cgroups
($vmid);
39 my $storage_cfg = PVE
::Storage
::config
();
41 my $vollist = PVE
::LXC
::Config-
>get_vm_volumes($conf);
42 my $loopdevlist = PVE
::LXC
::Config-
>get_vm_volumes($conf, 'rootfs');
44 PVE
::Storage
::activate_volumes
($storage_cfg, $vollist);
46 my $rootdir = $vars->{ROOTFS_PATH
};
48 # Delete any leftover reboot-trigger file
49 unlink("/var/lib/lxc/$vmid/reboot");
51 my $devlist_file = "/var/lib/lxc/$vmid/devices";
55 my (undef, $rootuid, $rootgid) = PVE
::LXC
::parse_id_maps
($conf);
57 # Unmount first when the user mounted the container with "pct mount".
59 PVE
::Tools
::run_command
(['umount', '--recursive', $rootdir], outfunc
=> sub {}, errfunc
=> sub {});
63 if (!PVE
::LXC
::Tools
::can_use_new_mount_api
()) {
64 # Legacy mode for old kernels:
65 $setup_mountpoint = sub {
66 my ($opt, $mountpoint) = @_;
68 my (undef, undef, $dev) = PVE
::LXC
::mountpoint_mount
(
76 push @$devices, $dev if $dev && $mountpoint->{quota
};
79 # With newer kernels we stage mount points and then use move_mount().
80 my $rootdir_fd = undef;
81 $setup_mountpoint = sub {
82 my ($opt, $mountpoint) = @_;
84 my $dir = PVE
::LXC
::get_staging_mount_path
($opt);
85 my (undef, undef, $dev, $mount_fd) = PVE
::LXC
::mountpoint_stage
(
94 my ($dest_dir, $dest_base_fd);
96 # Mount relative to the rootdir fd.
97 $dest_base_fd = $rootdir_fd;
98 $dest_dir = './' . $mountpoint->{mp
};
100 # Assert that 'rootfs' is the first one:
101 die "foreach_mount() error\n" if $opt ne 'rootfs';
103 # Mount the rootfs absolutely.
104 # $rootdir is not controlled by the container, so this is fine.
105 sysopen($dest_base_fd, '/', O_PATH
| O_DIRECTORY
)
106 or die "failed to open '.': $!\n";
107 $dest_dir = $rootdir;
110 PVE
::LXC
::mountpoint_insert_staged
(
119 # From now on we mount inside our rootfs:
121 $rootdir_fd = $mount_fd;
124 push @$devices, $dev if $dev && $mountpoint->{quota
};
128 PVE
::LXC
::Config-
>foreach_volume($conf, $setup_mountpoint);
130 my $lxc_setup = PVE
::LXC
::Setup-
>new($conf, $rootdir);
131 $lxc_setup->pre_start_hook();
135 foreach my $dev (@$devices) {
136 my ($mode, $rdev) = (stat($dev))[2,6];
137 next if !$mode || !S_ISBLK
($mode) || !$rdev;
138 my $major = PVE
::Tools
::dev_t_major
($rdev);
139 my $minor = PVE
::Tools
::dev_t_minor
($rdev);
140 $devlist .= "b:$major:$minor:$dev\n";
142 PVE
::Tools
::file_set_contents
($devlist_file, $devlist);
146 # Leftover cgroups prevent lxc from starting without any useful information
147 # showing up in the journal, it is also often unable to properly clean them up
148 # at shutdown, so we do this here.
149 sub cleanup_cgroups
($) {
152 if (PVE
::LXC
::CGroup
::cgroup_mode
() == 2) {
153 rmdir_recursive
("/sys/fs/cgroup/lxc/$vmid");
154 rmdir_recursive
("/sys/fs/cgroup/lxc.monitor/$vmid");
156 my ($v1, $v2) = PVE
::LXC
::get_cgroup_subsystems
();
158 my @controllers_cgv1 = keys %$v1;
159 foreach my $controller (@controllers_cgv1) {
160 $controller =~ s/^name=//; # `name=systemd` is mounted just as `systemd`
161 rmdir_recursive
("/sys/fs/cgroup/$controller/lxc/$vmid");
162 rmdir_recursive
("/sys/fs/cgroup/$controller/lxc.monitor/$vmid");
166 rmdir_recursive
("/sys/fs/cgroup/unified/lxc/$vmid");
167 rmdir_recursive
("/sys/fs/cgroup/unified/lxc.monitor/$vmid");
172 # FIXME: This is an ugly version without openat() because perl has no equivalent
173 # of fdopendir() so we cannot readdir from an openat() opened handle.
174 sub rmdir_recursive
{
178 if (!opendir($dh, $path)) {
179 return if $!{ENOENT
};
180 die "failed to open directory '$path': $!\n";
183 while (defined(my $entry = readdir($dh))) {
184 next if $entry eq '.' || $entry eq '..';
185 my $next = "$path/$entry";
187 rmdir_recursive
($next);
190 rmdir($path) or die "failed to remove directory '$path': $!\n";