virprocess: Introduce virProcessSetupPrivateMountNS
This part of the code, which LXC currently uses, will be reused, so move it to a generic function. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
parent
de8607d77d
commit
48a12d3b25
@ -272,7 +272,7 @@ dnl and various less common threadsafe functions
|
||||
AC_CHECK_FUNCS_ONCE([cfmakeraw fallocate geteuid getgid getgrnam_r \
|
||||
getmntent_r getpwuid_r getrlimit getuid kill mmap newlocale posix_fallocate \
|
||||
posix_memalign prlimit regexec sched_getaffinity setgroups setns \
|
||||
setrlimit symlink sysctlbyname getifaddrs sched_setscheduler])
|
||||
setrlimit symlink sysctlbyname getifaddrs sched_setscheduler unshare])
|
||||
|
||||
dnl Availability of pthread functions. Because of $LIB_PTHREAD, we
|
||||
dnl cannot use AC_CHECK_FUNCS_ONCE. LIB_PTHREAD and LIBMULTITHREAD
|
||||
|
@ -2263,6 +2263,7 @@ virProcessSetMaxMemLock;
|
||||
virProcessSetMaxProcesses;
|
||||
virProcessSetNamespaces;
|
||||
virProcessSetScheduler;
|
||||
virProcessSetupPrivateMountNS;
|
||||
virProcessTranslateStatus;
|
||||
virProcessWait;
|
||||
|
||||
|
@ -2092,8 +2092,6 @@ lxcCreateTty(virLXCControllerPtr ctrl, int *ttymaster,
|
||||
static int
|
||||
virLXCControllerSetupPrivateNS(void)
|
||||
{
|
||||
int ret = -1;
|
||||
|
||||
/*
|
||||
* If doing a chroot style setup, we need to prepare
|
||||
* a private /dev/pts for the child now, which they
|
||||
@ -2115,21 +2113,7 @@ virLXCControllerSetupPrivateNS(void)
|
||||
* marked as shared
|
||||
*/
|
||||
|
||||
if (unshare(CLONE_NEWNS) < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
_("Cannot unshare mount namespace"));
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if (mount("", "/", NULL, MS_SLAVE|MS_REC, NULL) < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
_("Failed to switch root mount into slave mode"));
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
ret = 0;
|
||||
cleanup:
|
||||
return ret;
|
||||
return virProcessSetupPrivateMountNS();
|
||||
}
|
||||
|
||||
|
||||
|
@ -28,6 +28,9 @@
|
||||
#include <stdlib.h>
|
||||
#include <sys/wait.h>
|
||||
#include <unistd.h>
|
||||
#if HAVE_SYS_MOUNT_H
|
||||
# include <sys/mount.h>
|
||||
#endif
|
||||
#if HAVE_SETRLIMIT
|
||||
# include <sys/time.h>
|
||||
# include <sys/resource.h>
|
||||
@ -1146,6 +1149,41 @@ virProcessRunInMountNamespace(pid_t pid,
|
||||
}
|
||||
|
||||
|
||||
#if defined(HAVE_SYS_MOUNT_H) && defined(HAVE_UNSHARE)
|
||||
int
|
||||
virProcessSetupPrivateMountNS(void)
|
||||
{
|
||||
int ret = -1;
|
||||
|
||||
if (unshare(CLONE_NEWNS) < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
_("Cannot unshare mount namespace"));
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if (mount("", "/", NULL, MS_SLAVE|MS_REC, NULL) < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
_("Failed to switch root mount into slave mode"));
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
ret = 0;
|
||||
cleanup:
|
||||
return ret;
|
||||
}
|
||||
|
||||
#else /* !defined(HAVE_SYS_MOUNT_H) || !defined(HAVE_UNSHARE) */
|
||||
|
||||
int
|
||||
virProcessSetupPrivateMountNS(void)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("Namespaces are not supported on this platform."));
|
||||
return -1;
|
||||
}
|
||||
#endif /* !defined(HAVE_SYS_MOUNT_H) || !defined(HAVE_UNSHARE) */
|
||||
|
||||
|
||||
/**
|
||||
* virProcessExitWithStatus:
|
||||
* @status: raw status to be reproduced when this process dies
|
||||
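Review bot: virProcessSetupPrivateMountNS() is added without a doc comment, and as a shared helper its contract is no longer obvious now that the rationale comment stays behind at the LXC call site. I would add a `/** virProcessSetupPrivateMountNS: ... */` block stating that it unshares the caller's mount namespace and then remounts `/` recursively as slave so that mounts made afterwards do not propagate back to the host, and that it returns 0 on success and -1 with an error reported. The comment should also say that a failure of the `mount()` step leaves the caller already inside the new namespace with the inherited propagation unchanged, so callers have to treat -1 as fatal rather than carry on mounting. Separately, the `#if` guard tests only `HAVE_SYS_MOUNT_H` and `HAVE_UNSHARE` while the body also needs `CLONE_NEWNS`, `MS_SLAVE` and `MS_REC`; whether `<sched.h>` is included is not visible in this hunk.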
|
@ -90,6 +90,8 @@ int virProcessRunInMountNamespace(pid_t pid,
|
||||
virProcessNamespaceCallback cb,
|
||||
void *opaque);
|
||||
|
||||
int virProcessSetupPrivateMountNS(void);
|
||||
|
||||
int virProcessSetScheduler(pid_t pid,
|
||||
virProcessSchedPolicy policy,
|
||||
int priority);
|
||||
|
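Review bot: The new prototype `int virProcessSetupPrivateMountNS(void);` lets a caller drop the return value silently, and for this helper an ignored failure means continuing to mount in a namespace that was never made private. If this header follows the tree's usual convention for must-check functions, I would declare it as `int virProcessSetupPrivateMountNS(void) ATTRIBUTE_RETURN_CHECK;` so the compiler flags unchecked calls. The single caller visible in this commit does return the value, so this is a guard for the future callers the commit message anticipates.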