git.proxmox.com Git - mirror_lxc.git/commit

start: fix cgroup namespace preservation

Prior to this patch we raced with a very short-lived init process. Essentially,
the init process could exit before we had time to record the cgroup namespace
causing the container to abort and report ABORTING to the caller when it
actually started just fine. Let's not do this.

(This uses syscall(SYS_getpid) in the the child to retrieve the pid just in case
we're on an older glibc version and we end up in the namespace sharing branch
of the actual lxc_clone() call.)

Additionally this fixes the shortlived tests. They were faulty so far and
should have actually failed because of the cgroup namespace recording race but
the ret variable used to return from the function was not correctly
initialized. This fixes it.
Furthermore, the shortlived tests used the c->error_num variable to determine
success or failure but this is actually not correct when the container is
started daemonized.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

author	Christian Brauner <christian.brauner@ubuntu.com>
	Tue, 12 Dec 2017 23:22:47 +0000 (00:22 +0100)
committer	Christian Brauner <christian.brauner@ubuntu.com>
	Tue, 12 Dec 2017 23:28:30 +0000 (00:28 +0100)
commit	5af9369bf39931908f87fd6ad1a55e15041fe5c6
tree	cd81eccfec2fedbfd8ffe8a9d14d070e88c0159e	tree
parent	f449521ce675ba1b5c9a8a8ffc559016844dcec6	commit \| diff

src/lxc/criu.c		diff \| blob \| blame \| history
src/lxc/start.c		diff \| blob \| blame \| history
src/lxc/start.h		diff \| blob \| blame \| history
src/tests/shortlived.c		diff \| blob \| blame \| history