libvirt/src/lxc
Michal Privoznik 1051c23b51 lxc: Let the driver detect CGroups earlier
This is the bug I'm facing. I deliberately configured a container
so that the source of a <filesystem/> to passthrough doesn't
exist. The start fails with:

  lxcContainerPivotRoot:669 : Failed to create /non-existent/path/.oldroot: Permission denied

which is expected. But what is NOT expected is that CGroup
hierarchy is left behind. This is because the controller sets up
the CGroup hierarchy, user namespace, moves interfaces, etc. and
finally checks whether container setup (done in a separate
process) succeeded. Only after all this the error is propagated
to the LXC driver. The driver aborts the startup and tries to
perform the cleanup, but this is missing CGroups because those
weren't detected yet.

Ideally, whenever a function fails, it tries to unroll back so
that it has no artifacts left behind (look at all those frees/FD
closes/etc. at end of functions). But with CGroups it is
different - the controller process can't clean up after itself,
because it is still running inside that CGroup.

Therefore, what we have to do is to let the driver detect CGroups
as soon as they are created, and proceed with controller
execution only after that.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2021-04-22 14:10:47 +02:00
libvirtd_lxc.aug src: fix word spell typos 2020-07-09 10:01:41 +02:00
lxc_cgroup.c Replace AbsPath judgement method with g_path_is_absolute() 2021-04-21 10:02:09 +02:00
lxc_cgroup.h lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_conf.c lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_conf.h lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_container.c lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_container.h lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_controller.c lxc: Let the driver detect CGroups earlier 2021-04-22 14:10:47 +02:00
lxc_domain.c lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_domain.h lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_driver.c lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_driver.h src/lxc: use #pragma once in headers 2019-06-19 17:12:30 +02:00
lxc_fuse.c lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_fuse.h lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_hostdev.c lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_hostdev.h lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_monitor_protocol.x
lxc_monitor.c lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_monitor.h lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_native.c Replace AbsPath judgement method with g_path_is_absolute() 2021-04-21 10:02:09 +02:00
lxc_native.h lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc_process.c lxc: Let the driver detect CGroups earlier 2021-04-22 14:10:47 +02:00
lxc_process.h lib: Drop internal virXXXPtr typedefs 2021-04-13 17:00:38 +02:00
lxc.conf
meson.build build: Remove unused 'conflicts' key from virt_daemon_unit 2021-02-10 09:30:41 -07:00
test_libvirtd_lxc.aug.in build: use @CONFIG@ instead of ::CONFIG:: in augeas tests 2019-08-09 14:06:31 +01:00
virtlxcd.init.in configure: Provide OpenRC scripts for sub-daemons 2019-12-16 10:11:22 +01:00
virtlxcd.service.in systemd: Move timeout from service files to sysconf files 2020-04-03 11:50:50 +02:00
virtlxcd.sysconf systemd: Move timeout from service files to sysconf files 2020-04-03 11:50:50 +02:00