]> git.proxmox.com Git - mirror_lxc.git/commitdiff
projects / mirror_lxc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9aff2c8)
start: reap intermediate process
authorChristian Brauner <christian.brauner@ubuntu.com>
Mon, 18 Dec 2017 13:08:02 +0000 (14:08 +0100)
committerChristian Brauner <christian.brauner@ubuntu.com>
Mon, 18 Dec 2017 13:08:54 +0000 (14:08 +0100)
When we inherit namespaces we need to reap the attaching process.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
src/lxc/error.h patch | blob | blame | history
src/lxc/start.c patch | blob | blame | history

diff --git a/src/lxc/error.h b/src/lxc/error.h
index d5d60de0f0ae6c4960ab0853e3a9f921057ecfc2..6fe474a13de89c03fe840abd7566968c5b55833d 100644 (file)
--- a/src/lxc/error.h
+++ b/src/lxc/error.h
@@ -23,6 +23,8 @@
 #ifndef __LXC_ERROR_H
 #define __LXC_ERROR_H
 
+#define LXC_CLONE_ERROR "Failed to clone a new set of namespaces"
+
 extern int  lxc_error_set_and_log(int pid, int status);
 
 #endif
diff --git a/src/lxc/start.c b/src/lxc/start.c
index e175076068c433f353fe4cbfa1f918a83bdf7fe2..c53d43656d2b3c0cdd9fc23be5dc65a34baef2bb 100644 (file)
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1399,14 +1399,28 @@ static int lxc_spawn(struct lxc_handler *handler)
        /* The cgroup namespace gets unshare()ed not clone()ed. */
        handler->on_clone_flags &= ~CLONE_NEWCGROUP;
 
-       if (share_ns)
-               ret = lxc_clone(do_share_ns, handler, CLONE_VFORK | CLONE_VM | CLONE_FILES);
-       else
+       if (share_ns) {
+               pid_t attacher_pid;
+
+               attacher_pid = lxc_clone(do_share_ns, handler, CLONE_VFORK | CLONE_VM | CLONE_FILES);
+               if (attacher_pid < 0) {
+                       SYSERROR(LXC_CLONE_ERROR);
+                       goto out_delete_net;
+               }
+
+               ret = wait_for_pid(attacher_pid);
+               if (ret < 0) {
+                       SYSERROR("Intermediate process failed");
+                       goto out_delete_net;
+               }
+       } else {
                handler->pid = lxc_clone(do_start, handler, handler->on_clone_flags);
-       if (handler->pid < 0 || ret < 0) {
-               SYSERROR("Failed to clone a new set of namespaces.");
+       }
+       if (handler->pid < 0) {
+               SYSERROR(LXC_CLONE_ERROR);
                goto out_delete_net;
        }
+
        TRACE("Cloned child process %d", handler->pid);
 
        for (i = 0; i < LXC_NS_MAX; i++)
LXC mirror