git.proxmox.com Git - mirror_lxc.git/commit

author	Tycho Andersen <tycho.andersen@canonical.com>
	Mon, 20 Apr 2015 23:34:31 +0000 (17:34 -0600)
committer	Stéphane Graber <stgraber@ubuntu.com>
	Wed, 22 Apr 2015 16:30:32 +0000 (12:30 -0400)
commit	507cee3618237d3776441c882be57429795fee08
tree	8b4251577ce09a4c58cf1a96cd818cefe76380a4	tree
parent	dd62857af3f7a267f14bf5769560daea6c3e8dec	commit \| diff

c/r: re-open fds after clone()

If we don't re-open these after clone, the init process has a pointer to the
parent's /dev/{zero,null}. CRIU seese these and wants to dump the parent's
mount namespace, which is unnecessary. Instead, we should just re-open
stdin/out/err after we do the clone and pivot root, to ensure that we have
pointers to the devcies in init's rootfs instead of the host's.

v2: Only close fds if the container was daemonized. This didn't turn out as
    nicely as described on the list because lxc_start() doesn't actually have
    the struct lxc_container, so it cant see the flag. Instead, we just pass it
    down everywhere.

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

src/lxc/execute.c		diff \| blob \| blame \| history
src/lxc/lxc.h		diff \| blob \| blame \| history
src/lxc/lxc_execute.c		diff \| blob \| blame \| history
src/lxc/lxccontainer.c		diff \| blob \| blame \| history
src/lxc/start.c		diff \| blob \| blame \| history
src/lxc/start.h		diff \| blob \| blame \| history