mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-09-13 11:15:08 +00:00
cope with kernels where CLONE_NEWUSER is not supported
* src/lxc_container.c src/lxc_container.h: cope with kernels where CLONE_NEWUSER is not supported, patch by Serge Hallyn daniel
This commit is contained in:
parent
a4b1c0977a
commit
bfc48afa14
@ -1,3 +1,8 @@
|
|||||||
|
Mon Apr 20 14:25:41 CEST 2009 Daniel Veillard <veillard@redhat.com>
|
||||||
|
|
||||||
|
* src/lxc_container.c src/lxc_container.h: cope with kernels
|
||||||
|
where CLONE_NEWUSER is not supported, patch by Serge Hallyn
|
||||||
|
|
||||||
Mon Apr 20 12:54:02 GMT 2009 Mark McLoughlin <markmc@redhat.com>
|
Mon Apr 20 12:54:02 GMT 2009 Mark McLoughlin <markmc@redhat.com>
|
||||||
|
|
||||||
* docs/virsh.pod, virsh.1: fix typo reported by Robert P. J. Day
|
* docs/virsh.pod, virsh.1: fix typo reported by Robert P. J. Day
|
||||||
|
@ -277,7 +277,7 @@ static int lxcContainerChildMountSort(const void *a, const void *b)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef MS_SLAVE
|
#ifndef MS_SLAVE
|
||||||
#define MS_SLAVE (1<<19)
|
#define MS_SLAVE (1<<19)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static int lxcContainerPivotRoot(virDomainFSDefPtr root)
|
static int lxcContainerPivotRoot(virDomainFSDefPtr root)
|
||||||
@ -666,6 +666,11 @@ static int lxcContainerChild( void *data )
|
|||||||
return lxcContainerExecInit(vmDef);
|
return lxcContainerExecInit(vmDef);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int userns_supported(void)
|
||||||
|
{
|
||||||
|
return lxcContainerAvailable(LXC_CONTAINER_FEATURE_USER) == 0;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* lxcContainerStart:
|
* lxcContainerStart:
|
||||||
* @driver: pointer to driver structure
|
* @driver: pointer to driver structure
|
||||||
@ -694,7 +699,10 @@ int lxcContainerStart(virDomainDefPtr def,
|
|||||||
}
|
}
|
||||||
stacktop = stack + stacksize;
|
stacktop = stack + stacksize;
|
||||||
|
|
||||||
flags = CLONE_NEWPID|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWUSER|CLONE_NEWIPC|SIGCHLD;
|
flags = CLONE_NEWPID|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|SIGCHLD;
|
||||||
|
|
||||||
|
if (userns_supported())
|
||||||
|
flags |= CLONE_NEWUSER;
|
||||||
|
|
||||||
if (def->nets != NULL)
|
if (def->nets != NULL)
|
||||||
flags |= CLONE_NEWNET;
|
flags |= CLONE_NEWNET;
|
||||||
@ -719,13 +727,16 @@ static int lxcContainerDummyChild(void *argv ATTRIBUTE_UNUSED)
|
|||||||
|
|
||||||
int lxcContainerAvailable(int features)
|
int lxcContainerAvailable(int features)
|
||||||
{
|
{
|
||||||
int flags = CLONE_NEWPID|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWUSER|
|
int flags = CLONE_NEWPID|CLONE_NEWNS|CLONE_NEWUTS|
|
||||||
CLONE_NEWIPC|SIGCHLD;
|
CLONE_NEWIPC|SIGCHLD;
|
||||||
int cpid;
|
int cpid;
|
||||||
char *childStack;
|
char *childStack;
|
||||||
char *stack;
|
char *stack;
|
||||||
int childStatus;
|
int childStatus;
|
||||||
|
|
||||||
|
if (features & LXC_CONTAINER_FEATURE_USER)
|
||||||
|
flags |= CLONE_NEWUSER;
|
||||||
|
|
||||||
if (features & LXC_CONTAINER_FEATURE_NET)
|
if (features & LXC_CONTAINER_FEATURE_NET)
|
||||||
flags |= CLONE_NEWNET;
|
flags |= CLONE_NEWNET;
|
||||||
|
|
||||||
|
@ -28,6 +28,7 @@
|
|||||||
|
|
||||||
enum {
|
enum {
|
||||||
LXC_CONTAINER_FEATURE_NET = (1 << 0),
|
LXC_CONTAINER_FEATURE_NET = (1 << 0),
|
||||||
|
LXC_CONTAINER_FEATURE_USER = (1 << 1),
|
||||||
};
|
};
|
||||||
|
|
||||||
#define LXC_DEV_MAJ_MEMORY 1
|
#define LXC_DEV_MAJ_MEMORY 1
|
||||||
|
Loading…
Reference in New Issue
Block a user