Andrey Mazo [Tue, 24 Dec 2013 10:44:53 +0000 (14:44 +0400)]
Remove process_lock() except where actually needed
Functions like open(), close(), socket(), socketpair(), pipe() and mkdir()
are generally thin wrappers around kernel-provided system calls.
It's the kernel not libc, who ensures race-free handling of file
descriptors.
Thus locking around these functions is unnecessary even on somewhat buggy libcs.
fopen(), fclose() and other stdio functions may maintain internal lists
of open file handles and thus can be prone to race-conditions.
Hopefully, most libcs utilize proper locking or other ways to ensure
thread-safety of these functions.
Bionic used to have non-thread-safe stdio [2] but that must be fixed
since android 4.3 [3, 4].
S.Çağlar Onur showed [1] that openpty() (because of nsswitch) is not thread-safe though.
So we workaround it by protecting openpty() calls with process_lock()/process_unlock().
Because of the need to guard openpty() with process_lock()/process_unlock(),
process_unlock() is still used after fork().
KATOH Yasufumi [Tue, 24 Dec 2013 06:56:23 +0000 (15:56 +0900)]
doc: Fix the description of -n option in lxc-info(1)
Commit 5444216 revised -n option from allowing to specify multiple
containers using regex to specifying only one container. But
lxc-info(1) remains original. so
- mark -n required
- remove the description of -n that is included in common options
Serge Hallyn [Mon, 23 Dec 2013 16:23:38 +0000 (10:23 -0600)]
lxc-stop: don't set timeout if user requested -s
A timeout means wait this long before killing the container.
-s means don't kill the container. timeout defaults to 60
seconds. So if a shutdown is requested, then set timeout to
0.
Stéphane Graber [Fri, 20 Dec 2013 13:28:32 +0000 (14:28 +0100)]
Set default paths for unprivileged use (v2)
When running unprivileged (euid != 0), LXC will now use the following paths:
- Default lxc path: ~/.local/share/lxc/
- Default config path: ~/.config/lxc/lxc.conf
Those two paths are based on standard XDG paths (though ignoring all the
possible override paths for now at least) and so probably don't need to
be configurable at build time.
Serge Hallyn [Thu, 19 Dec 2013 21:33:22 +0000 (15:33 -0600)]
conf.c: fix unprivileged network case
If unprivileged users are using a veth nic, then ifindex is still 0
at lxc_assign_network() (because lxc_create_network() was skipped).
So check for that case before we use lxc->ifindex to decide if we
have an empty network namespace.
We probably should change the !netdev->ifindex check to a
netdev->type == LXC_NET_EMPTY check, but I've been making enough
mistakes today not to risk that.
Serge Hallyn [Thu, 19 Dec 2013 21:18:24 +0000 (15:18 -0600)]
cgroup: don't set clone_children when it is already 1
In particular, if it's already 1, and we can't change it, we currently
fail out. That's silly.
I was going to just always continue, but if clone_children is not 1,
then the container *will* fail to start later on, so I'd rather stop
earlier on so the original cause doesn't get lost in the noise.
Stéphane Graber [Mon, 16 Dec 2013 20:32:47 +0000 (15:32 -0500)]
Add lxc-autostart
This introduces a new lxc-autostart binary (and associated manpage)
which will let you start/shutdown/kill/restart any container that's
marked as lxc.start.auto=1. It respects the lxc.start.delay value,
sorts by lxc.start.order and filters by lxc.group.
By default it'll affect all containers that DO NOT have lxc.group
set. If -g is specified, ONLY containers in those group will be
affected. To have a command applied to all containers, the -a
argument can be used.
A -L flag is also offered for distributions wishing to start the
containers themselves while still using LXC's calculated order and
wait delays. Instead of performing the action, it'll print the container
name and (if relevant for the action) the wait time.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Serge Hallyn [Thu, 19 Dec 2013 19:59:30 +0000 (13:59 -0600)]
fix lxc-usernsexec regression
In what should have been a straightforward fix for a bug found by
priority, I sent 1 instead of '1' from parent to child, while the
child checked for '1'. Fix.
S.Çağlar Onur [Thu, 19 Dec 2013 05:08:51 +0000 (00:08 -0500)]
remove static_lock()/static_unlock() and start to use thread local storage (v2)
While testing https://github.com/lxc/lxc/pull/106, I found that concurrent starts
are hanging time to time. I then reproduced the same problem in master and got following;
[caglar@oOo:~] sudo gdb -p 16221
(gdb) bt
#0 __lll_lock_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:135
#1 0x00007f495526515c in _L_lock_982 () from /lib/x86_64-linux-gnu/libpthread.so.0
#2 0x00007f4955264fab in __GI___pthread_mutex_lock (mutex=0x7f49556d4600 <static_mutex>) at pthread_mutex_lock.c:64
#3 0x00007f49554b27a6 in lock_mutex (l=l@entry=0x7f49556d4600 <static_mutex>) at lxclock.c:78
#4 0x00007f49554b2dac in static_lock () at lxclock.c:330
#5 0x00007f4955498f71 in lxc_global_config_value (option_name=option_name@entry=0x7f49554c02cf "cgroup.use") at utils.c:273
#6 0x00007f495549926c in default_cgroup_use () at utils.c:366
#7 0x00007f49554953bd in lxc_cgroup_load_meta () at cgroup.c:94
#8 0x00007f495548debc in lxc_spawn (handler=handler@entry=0x7f49200af300) at start.c:783
#9 0x00007f495548e7a7 in __lxc_start (name=name@entry=0x7f49200b48a0 "lxc-test-concurrent-4", conf=conf@entry=0x7f49200b2030, ops=ops@entry=0x7f49556d3900 <start_ops>, data=data@entry=0x7f495487db90,
lxcpath=lxcpath@entry=0x7f49200b2010 "/var/lib/lxc") at start.c:951
#10 0x00007f495548eb9c in lxc_start (name=0x7f49200b48a0 "lxc-test-concurrent-4", argv=argv@entry=0x7f495487dbe0, conf=conf@entry=0x7f49200b2030, lxcpath=0x7f49200b2010 "/var/lib/lxc") at start.c:1048
#11 0x00007f49554b68f1 in lxcapi_start (c=0x7f49200b1dd0, useinit=<optimized out>, argv=0x7f495487dbe0) at lxccontainer.c:648
#12 0x0000000000401317 in do_function (arguments=0x1aa80b0) at concurrent.c:94
#13 0x0000000000401499 in concurrent (arguments=<optimized out>) at concurrent.c:130
#14 0x00007f4955262f6e in start_thread (arg=0x7f495487e700) at pthread_create.c:311
#15 0x00007f4954f8d9cd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
It looks like both parent and child end up with locked mutex thus deadlocks.
I ended up placing values in the thread local storage pool, instead of doing "unlock the lock in the child" dance
Signed-off-by: S.Çağlar Onur <caglar@10ur.org> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
S.Çağlar Onur [Sat, 14 Dec 2013 05:41:25 +0000 (00:41 -0500)]
introduce lxcapi_rename for renaming containers
lxcapi_rename implemented as a convenience function as lately
I find myself in a need to rename a container due to a
typo in its name. I could have started over but didn't want
to spend more time (to installing extra packages and changing
their configuration) on it.
c->clone() followed by c->destroy() did the trick for me and I
though it could be helpful to the other people, so here it is.
Serge Hallyn [Mon, 16 Dec 2013 13:50:58 +0000 (07:50 -0600)]
stop: add nolock option
If the system gets into a bad state, it may become impossible to get
the lxc container locks. We should still be able to stop containers
in that case. Add a -L/--nolock option to specify this behavior.
S.Çağlar Onur [Sun, 15 Dec 2013 05:06:30 +0000 (00:06 -0500)]
make mountcgroups hook to lxc.include aware (v2)
[resending the patch from correct branch]
commit 09ad624693cb0ef41cf246e2876b5f356783b34d introduced lxc.include option
to include other config files. This patch uses it in mountcgroups hook otherwise
lxc-start fails with following error message for the nested containers;
root@oOo:/var/lib/lxc/raring# lxc-start -l debug -o l -n raring -d
lxc-start: command get_cgroup failed to receive response
Stéphane Graber [Sun, 15 Dec 2013 23:48:38 +0000 (18:48 -0500)]
configure.ac: Make our configure more consistent
This commit does the following changes:
- Disable rpath by default
- Switch all of our options to --enable-FEATURE in the help
- Add auto-detection of libcap availability
- Add auto-detection of python3 availability
- Always specify the default value in --help
- Add a configuration overview at the end
Serge Hallyn [Fri, 13 Dec 2013 18:46:28 +0000 (12:46 -0600)]
make 'empty network' the default
Currently if no lxc.network.type section is in the container
configuration, the container ends up sharing the host's network.
This is a dangerous default.
Instead, add 'lxc.network.type = none' as a valid type, and make
en empty network the default.
If none as well as another network type are specified, then the
none type will be ignored.
Stéphane Graber [Tue, 10 Dec 2013 23:04:07 +0000 (18:04 -0500)]
ubuntu: Make vim part of base template
This moves vim back to the default list of packages, drops the duplicate
ssh entry which means that unless extra packages are passed through
--packages, container creation won't invoke apt-get anymore.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
S.Çağlar Onur [Sat, 7 Dec 2013 22:52:14 +0000 (17:52 -0500)]
use $LOCALSTATEDIR/lock/subsys/lxc-ubuntu$release as lock filename
Otherwise one cannot create two containers with different releases
(let's say saucy [cached] and raring [not caced]) if both are not
cached on the local filesystem already. The lock blocks cached
one to move forward until not cached one finishes it's downloads.
While char is a signed type and should have no trouble
storing a "-1" value, getopt_long() will return a value of 255
instead of -1. This has been noticed on powerpc; there's also
some upstream talk about it at [1].
Change variable type from char to int, since it's also the
documented use.
Dwight Engen [Fri, 6 Dec 2013 20:36:50 +0000 (15:36 -0500)]
let lxc-monitor command ask a lxc-monitord instance to quit
Once lxc-monitord receives a quit request from lxc-monitor, it will then
return from the mainloop every time an event occurs on any of its fds and
check if it has any clients left. When there are no more it exits. This
allows lxc-monitord to quit immediately instead of waiting the normal 30
seconds for more clients, potentially freeing up lxcpath for unmounting.
Stéphane Graber [Sat, 30 Nov 2013 00:19:09 +0000 (19:19 -0500)]
Move some common Ubuntu config
This introduces a new /usr/share/lxc/config directory containing common
configuration snippets.
The two Ubuntu templates are then simplified to just include the
relevant entries avoiding a whole lot of hardcoded cgroup, capabilities
and mount points configuration.
An extra comment is also added at the top of all generated configuration
files telling the user to look at lxc.conf(5) for more information.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Stéphane Graber [Thu, 5 Dec 2013 20:37:56 +0000 (15:37 -0500)]
Add support for new create=(dir,file) mount option
Just like we already had "optional", this adds two new LXC-specific
mount flags:
- create=dir (will do a mkdir_p on the path)
- create=file (will do a mkdir_p on the dirname + a fopen on the path)
This was motivated by some of the needed bind-mounts for the
unprivileged containers.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Stéphane Graber [Tue, 3 Dec 2013 21:45:13 +0000 (16:45 -0500)]
python3: Drop duplicate add_device_node function
It is now natively implemented in C, the new function takes the same
arguments (same order, different names) and has been confirmed to work
with lxc-device.
Andrey Mazo [Thu, 28 Nov 2013 12:45:47 +0000 (16:45 +0400)]
run_buffer(): unblock all signals for spawned scripts.
Currently, all scripts, specified as "lxc.network.script.up", inherit
lxc-execute's signal mask.
This, for example, includes blocked SIGALRM signal which, in turn, makes
alarm(2), sleep(3) and setitimer(2) functions silently unusable in all programs,
invoked in turn by the "lxc.network.script.up".
To fix this, run_buffer() should restore default signal mask prior to
executing "lxc.network.script.up".
A naive implementation would temprorary unblock all signals just before
calling popen() and block them back immediately after it.
But that would result in an immediate delivery of all pending signals just
after their unblocking.
Thus, we should restore default signal mask exactly in child (after fork())
just before calling exec().
To achieve this, a home-brewed popen() alternative is needed.
The added lxc_popen() and lxc_pclose() are mostly taken from glibc with
several simplifications (as we currently need only "re" mode).
The implementation uses Linux-specific pipe2() system-call,
which is only available since Linux 2.6.27 and supported by glibc since
version 2.9 (according to pipe(2) man-page), but this shouldn't be a
problem as lxc requires a fairly recent kernel too.
lxc_popen()/lxc_pclose() are meant to be direct replacements for their
stdio counterparts, so they perform no process_lock() locking
themselves. (as fopen_cloexec() does)
All existing users of popen()/pclose() are converted to the new
lxc_popen()/lxc_pclose().
(mazo: don't clear close-on-exec flag for parent's end;
place the new functions in utils.c;
convert bdev.c to use the new functions;
coding style fixes;
comments fixes;
commit message tweaks)
Signed-off-by: Ivan Bolsunov <bolsunov@telum.ru> Signed-off-by: Andrey Mazo <mazo@telum.ru>
Serge Hallyn [Mon, 2 Dec 2013 19:17:34 +0000 (13:17 -0600)]
confile.c: clear entries if no value
For list configuration entries like capabilities and cgroups
entries, if there is a 'key =' value (i.e. "lxc.cap.drop =")
then clear any loaded entries.
projects / mirror_lxc.git / log