mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-11 15:27:47 +00:00
nwfilter: acquire a pidfile in the driver root directory
When we allow multiple instances of the driver for the same user account, using a separate root directory, we need to ensure mutual exclusion. Use a pidfile to guarantee this. In privileged libvirtd this ends up locking /var/run/libvirt/nwfilter/driver.pid In unprivileged libvirtd this ends up locking /run/user/$UID/libvirt/nwfilter/run/driver.pid NB, the latter can vary depending on $XDG_RUNTIME_DIR Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
parent
09d37f9d65
commit
6fc378c10e
@ -36,10 +36,14 @@ struct _virNWFilterDriverState {
|
|||||||
virMutex lock;
|
virMutex lock;
|
||||||
bool privileged;
|
bool privileged;
|
||||||
|
|
||||||
|
/* pid file FD, ensures two copies of the driver can't use the same root */
|
||||||
|
int lockFD;
|
||||||
|
|
||||||
virNWFilterObjListPtr nwfilters;
|
virNWFilterObjListPtr nwfilters;
|
||||||
|
|
||||||
virNWFilterBindingObjListPtr bindings;
|
virNWFilterBindingObjListPtr bindings;
|
||||||
|
|
||||||
|
char *stateDir;
|
||||||
char *configDir;
|
char *configDir;
|
||||||
char *bindingDir;
|
char *bindingDir;
|
||||||
};
|
};
|
||||||
|
@ -38,6 +38,7 @@
|
|||||||
#include "nwfilter_gentech_driver.h"
|
#include "nwfilter_gentech_driver.h"
|
||||||
#include "configmake.h"
|
#include "configmake.h"
|
||||||
#include "virfile.h"
|
#include "virfile.h"
|
||||||
|
#include "virpidfile.h"
|
||||||
#include "virstring.h"
|
#include "virstring.h"
|
||||||
#include "viraccessapicheck.h"
|
#include "viraccessapicheck.h"
|
||||||
|
|
||||||
@ -188,6 +189,7 @@ nwfilterStateInitialize(bool privileged,
|
|||||||
if (VIR_ALLOC(driver) < 0)
|
if (VIR_ALLOC(driver) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
driver->lockFD = -1;
|
||||||
if (virMutexInit(&driver->lock) < 0)
|
if (virMutexInit(&driver->lock) < 0)
|
||||||
goto err_free_driverstate;
|
goto err_free_driverstate;
|
||||||
|
|
||||||
@ -203,6 +205,19 @@ nwfilterStateInitialize(bool privileged,
|
|||||||
|
|
||||||
nwfilterDriverLock();
|
nwfilterDriverLock();
|
||||||
|
|
||||||
|
if (VIR_STRDUP(driver->stateDir, LOCALSTATEDIR "/run/libvirt/nwfilter") < 0)
|
||||||
|
goto error;
|
||||||
|
|
||||||
|
if (virFileMakePathWithMode(driver->stateDir, S_IRWXU) < 0) {
|
||||||
|
virReportSystemError(errno, _("cannot create state directory '%s'"),
|
||||||
|
driver->stateDir);
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((driver->lockFD =
|
||||||
|
virPidFileAcquire(driver->stateDir, "driver", true, getpid())) < 0)
|
||||||
|
goto error;
|
||||||
|
|
||||||
if (virNWFilterIPAddrMapInit() < 0)
|
if (virNWFilterIPAddrMapInit() < 0)
|
||||||
goto err_free_driverstate;
|
goto err_free_driverstate;
|
||||||
if (virNWFilterLearnInit() < 0)
|
if (virNWFilterLearnInit() < 0)
|
||||||
@ -346,6 +361,10 @@ nwfilterStateCleanup(void)
|
|||||||
|
|
||||||
nwfilterDriverRemoveDBusMatches();
|
nwfilterDriverRemoveDBusMatches();
|
||||||
|
|
||||||
|
if (driver->lockFD != -1)
|
||||||
|
virPidFileRelease(driver->stateDir, "driver", driver->lockFD);
|
||||||
|
|
||||||
|
VIR_FREE(driver->stateDir);
|
||||||
VIR_FREE(driver->configDir);
|
VIR_FREE(driver->configDir);
|
||||||
VIR_FREE(driver->bindingDir);
|
VIR_FREE(driver->bindingDir);
|
||||||
nwfilterDriverUnlock();
|
nwfilterDriverUnlock();
|
||||||
|
Loading…
Reference in New Issue
Block a user