lxc: acquire a pidfile in the driver root directory

When we allow multiple instances of the driver for the same user
account, using a separate root directory, we need to ensure mutual
exclusion. Use a pidfile to guarantee this.

In privileged libvirtd this ends up locking

   /var/run/libvirt/lxc/driver.pid

In unprivileged libvirtd this ends up locking

  /run/user/$UID/libvirt/lxc/run/driver.pid

NB, the latter can vary depending on $XDG_RUNTIME_DIR

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

src/lxc/lxc_conf.h

@@ -70,6 +70,9 @@ struct _virLXCDriver {
      * then lockless thereafter */
     virLXCDriverConfigPtr config;
 
+    /* pid file FD, ensures two copies of the driver can't use the same root */
+    int lockFD;
+
     /* Require lock to get a reference on the object,
      * lockless access thereafter */
     virCapsPtr caps;

src/lxc/lxc_driver.c

@@ -1559,6 +1559,7 @@ static int lxcStateInitialize(bool privileged,
 
     if (VIR_ALLOC(lxc_driver) < 0)
         return -1;
+    lxc_driver->lockFD = -1;
     if (virMutexInit(&lxc_driver->lock) < 0) {
         VIR_FREE(lxc_driver);
         return -1;
@@ -1605,6 +1606,10 @@ static int lxcStateInitialize(bool privileged,
         goto cleanup;
     }
 
+    if ((lxc_driver->lockFD =
+         virPidFileAcquire(cfg->stateDir, "driver", true, getpid())) < 0)
+        goto cleanup;
+
     /* Get all the running persistent or transient configs first */
     if (virDomainObjListLoadAllConfigs(lxc_driver->domains,
                                        cfg->stateDir,
@@ -1696,6 +1701,10 @@ static int lxcStateCleanup(void)
     virObjectUnref(lxc_driver->caps);
     virObjectUnref(lxc_driver->securityManager);
     virObjectUnref(lxc_driver->xmlopt);
+
+    if (lxc_driver->lockFD != -1)
+        virPidFileRelease(lxc_driver->config->stateDir, "driver", lxc_driver->lockFD);
+
     virObjectUnref(lxc_driver->config);
     virMutexDestroy(&lxc_driver->lock);
     VIR_FREE(lxc_driver);