Create --share-ipc option

author Marek Majkowski <marek@cloudflare.com>

Tue, 12 Nov 2013 13:14:25 +0000 (05:14 -0800)

committer Marek Majkowski <marek@cloudflare.com>

Tue, 12 Nov 2013 13:14:25 +0000 (05:14 -0800)
author Marek Majkowski <marek@cloudflare.com>
Tue, 12 Nov 2013 13:14:25 +0000 (05:14 -0800)
committer Marek Majkowski <marek@cloudflare.com>
Tue, 12 Nov 2013 13:14:25 +0000 (05:14 -0800)
diff --git a/doc/lxc-start.sgml.in b/doc/lxc-start.sgml.in

index 756ea9c49cf94e1e260387a7612df1b07e02e2d4..86024f66d626560279be012aa2926c1a51ba7d73 100644 (file)
--- a/doc/lxc-start.sgml.in
+++ b/doc/lxc-start.sgml.in
@@ -58,6 +58,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
        <arg choice="opt">-s KEY=VAL</arg>
        <arg choice="opt">-C</arg>
        <arg choice="opt">--share-net <replaceable>name|pid</replaceable></arg>
+      <arg choice="opt">--share-ipc <replaceable>name|pid</replaceable></arg>
        <arg choice="opt">command</arg>
      </cmdsynopsis>
    </refsynopsisdiv>
@@ -203,6 +204,15 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
         </listitem>
        </varlistentry>
  
+      <varlistentry>
+       <term>
+         <option>--share-ipc <replaceable>name|pid</replaceable></option>
+       </term>
+       <listitem>
+         <para>
+            Inherit an IPC namespace from
+           a <replaceable>name</replaceable> container or
+           a <replaceable>pid</replaceable>.
           </para>
         </listitem>
        </varlistentry>
diff --git a/src/lxc/arguments.h b/src/lxc/arguments.h

index bf262f859034d21e10b1b9cb5813ad82b6b60503..1befc8da02762d3bb17eca24cb14c7e50bbe5016 100644 (file)
--- a/src/lxc/arguments.h
+++ b/src/lxc/arguments.h
@@ -55,6 +55,7 @@ struct lxc_arguments {
  
         /* for lxc-start */
         const char *share_net;
+       const char *share_ipc;
  
         /* for lxc-checkpoint/restart */
         const char *statefile;
diff --git a/src/lxc/lxc_start.c b/src/lxc/lxc_start.c

index ca88940aa87291fd55d0e0716ec384c81b20f3ff..28c84cb40b2f2aad9767c43dac16b4cdb8a7c48c 100644 (file)
--- a/src/lxc/lxc_start.c
+++ b/src/lxc/lxc_start.c
@@ -52,6 +52,7 @@
  #include "arguments.h"
  
  #define OPT_SHARE_NET OPT_USAGE+1
+#define OPT_SHARE_IPC OPT_USAGE+2
  
  lxc_log_define(lxc_start_ui, lxc_start);
  
@@ -146,6 +147,7 @@ static int my_parser(struct lxc_arguments* args, int c, char* arg)
         case 's': return lxc_config_define_add(&defines, arg);
         case 'p': args->pidfile = arg; break;
         case OPT_SHARE_NET: args->share_net = arg; break;
+       case OPT_SHARE_IPC: args->share_ipc = arg; break;
         }
         return 0;
  }
@@ -159,6 +161,7 @@ static const struct option my_longopts[] = {
         {"close-all-fds", no_argument, 0, 'C'},
         {"pidfile", required_argument, 0, 'p'},
         {"share-net", required_argument, 0, OPT_SHARE_NET},
+       {"share-ipc", required_argument, 0, OPT_SHARE_IPC},
         LXC_COMMON_OPTIONS
  };
  
@@ -181,6 +184,7 @@ Options :\n\
                          Note: --daemon implies --close-all-fds\n\
    -s, --define KEY=VAL   Assign VAL to configuration variable KEY\n\
        --share-net=NAME   Share a network namespace with another container or pid\n\
+      --share-ipc=NAME   Share an IPC namespace with another container or pid\n\
  ",
         .options   = my_longopts,
         .parser    = my_parser,
@@ -308,6 +312,17 @@ int main(int argc, char *argv[])
                 conf->inherit_ns_fd[LXC_NS_NET] = fd;
         }
  
+       if (my_args.share_ipc != NULL) {
+               int pid = pid_from_lxcname(my_args.share_ipc, lxcpath);
+               if (pid < 1)
+                       goto out;
+
+               int fd = open_ns(pid, "ipc");
+               if (fd < 0)
+                       goto out;
+               conf->inherit_ns_fd[LXC_NS_IPC] = fd;
+       }
+
         if (my_args.daemonize) {
                 c->want_daemonize(c);
         }
diff --git a/src/lxc/start.c b/src/lxc/start.c

index 425fa1dbf25b1f59e6f36e290328ac6835d9224f..f591ad7dab429e6a23966408e3348cfc3ec5c9a6 100644 (file)
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -727,7 +727,7 @@ int lxc_spawn(struct lxc_handler *handler)
         if (lxc_sync_init(handler))
                 return -1;
  
-       handler->clone_flags = CLONE_NEWUTS|CLONE_NEWPID|CLONE_NEWIPC|CLONE_NEWNS;
+       handler->clone_flags = CLONE_NEWUTS|CLONE_NEWPID|CLONE_NEWNS;
         if (!lxc_list_empty(&handler->conf->id_map)) {
                 INFO("Cloning a new user namespace");
                 handler->clone_flags |= CLONE_NEWUSER;
@@ -766,6 +766,12 @@ int lxc_spawn(struct lxc_handler *handler)
                 INFO("Inheriting a net namespace");
         }
  
+       if (handler->conf->inherit_ns_fd[LXC_NS_IPC] == -1) {
+               handler->clone_flags |= CLONE_NEWIPC;
+       } else {
+               INFO("Inheriting an IPC namespace");
+       }
+
  
         cgroup_meta = lxc_cgroup_load_meta();
         if (!cgroup_meta) {
author	Marek Majkowski <marek@cloudflare.com>
	Tue, 12 Nov 2013 13:14:25 +0000 (05:14 -0800)
committer	Marek Majkowski <marek@cloudflare.com>
	Tue, 12 Nov 2013 13:14:25 +0000 (05:14 -0800)
doc/lxc-start.sgml.in		patch \| blob \| blame \| history
src/lxc/arguments.h		patch \| blob \| blame \| history
src/lxc/lxc_start.c		patch \| blob \| blame \| history
src/lxc/start.c		patch \| blob \| blame \| history