On Wed, Apr 27, 2016 at 01:48:00PM -0400, John Ferlan wrote:
>
>
> On 04/14/2016 11:22 AM, Daniel P. Berrange wrote:
> > Add the virDomainLxcEnterCGroup API to the libvirt-lxc.so
> > file. This method moves the calling process into the cgroups
> > associated with the container.
> >
> > Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
> > ---
> > include/libvirt/libvirt-lxc.h | 2 ++
> > src/libvirt-lxc.c | 47 +++++++++++++++++++++++++++++++++++++++++++
> > src/libvirt_lxc.syms | 5 +++++
> > 3 files changed, 54 insertions(+)
> >
> > diff --git a/include/libvirt/libvirt-lxc.h b/include/libvirt/libvirt-lxc.h
> > index 1901fce..0d16a5c 100644
> > --- a/include/libvirt/libvirt-lxc.h
> > +++ b/include/libvirt/libvirt-lxc.h
> > @@ -46,6 +46,8 @@ int virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
> > virSecurityLabelPtr label,
> > virSecurityLabelPtr oldlabel,
> > unsigned int flags);
> > +int virDomainLxcEnterCGroup(virDomainPtr domain,
> > + unsigned int flags);
> >
> > # ifdef __cplusplus
> > }
> > diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c
> > index 8553570..16e08e9 100644
> > --- a/src/libvirt-lxc.c
> > +++ b/src/libvirt-lxc.c
> > @@ -36,6 +36,7 @@
> > #ifdef WITH_APPARMOR
> > # include <sys/apparmor.h>
> > #endif
> > +#include "vircgroup.h"
> >
> > #define VIR_FROM_THIS VIR_FROM_NONE
> >
> > @@ -269,3 +270,49 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
> > virDispatchError(NULL);
> > return -1;
> > }
> > +
> > +
> > +/**
> > + * virDomainLxcEnterCGroup:
> > + * @domain: a domain object
> > + * @flags: currently unused, pass 0
> > + *
> > + * This API is LXC specific, so it will only work with hypervisor
> > + * connections to the LXC driver.
> > + *
> > + * Attaches the process to the control cgroups associated
> > + * with the container @domain.
> > + *
> > + * Returns 0 on success, -1 on error
> > + */
> > +int virDomainLxcEnterCGroup(virDomainPtr domain,
> > + unsigned int flags)
> > +{
> > + virConnectPtr conn;
> > + virCgroupPtr cgroup = NULL;
> > +
> > + VIR_DOMAIN_DEBUG(domain, "flags=%x", flags);
> > +
> > + virResetLastError();
> > +
> > + virCheckDomainReturn(domain, -1);
> > + conn = domain->conn;
> > +
> > + virCheckReadOnlyGoto(conn->flags, error);
> > + virCheckFlagsGoto(0, error);
> > +
> > + if (virCgroupNewDetect(domain->id, -1, &cgroup) < 0)
>
> virCgroupNewDetect takes a pid as parameter 1
The domain->id is the pid of the libvirt_lxc process when using LXC
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list