On Wed, Apr 15, 2009 at 01:55:18PM -0500, Serge E. Hallyn wrote:
> ...
> > Index: src/lxc_container.c
> > ===================================================================
> ...
>
> This all looks good, though I haven't tested it yet.
>
> > +    /*
> > +     * If doing a chroot style setup, we need to prepare
> > +     * a private /dev/pts for the child now, which they
> > +     * will later move into position.
> > +     *
> > +     * This is complex because 'virsh console' needs to
> > +     * use /dev/pts from the host OS, and the guest OS
> > +     * needs to use /dev/pts from the guest.
> > +     *
> > +     * This means that we (libvirt_lxc) need to see and
> > +     * use both /dev/pts instances. We're running in the
> > +     * host OS context though and don't want to expose
> > +     * the guest OS /dev/pts there.
> > +     *
> > +     * Thus we call unshare(CLONE_NS) so that we can see
> > +     * the guest's new /dev/pts, without it becoming
> > +     * visible to the host OS.
> > +     */
>
> Calling unshare(CLONE_NEWNS) will not prevent the host OS from
> seeing the new /dev/pts if / was MS_SHARED. That isn't taken
> care of anywhere else for this process's namespace, is it?

Yeah, so this is the place where I think we must still have a
difference in our host setups. I'm testing this patch on a Fedora 11
host, and with my current code, the new /dev/pts is not visible in the
host. So I can only assume this means my host / is *not* MS_SHARED,
while yours is. I'm struggling to find out why this is different
because I'm testing on a Fedora 11 up2date system.

Anyway, would it be sufficient to add in a call

    if (mount("", "/", NULL, MS_PRIVATE|MS_REC, NULL) < 0) {
        virReportSystemError(NULL, errno, "%s",
                             _("failed to make root private"));
        goto cleanup;
    }

just after the 'unshare' call, to make sure our / is private before we
set up the new /dev/pts

> I assume the reason you want the new devpts not visible in the
> host OS is so that it will be auto-umounted when the container is
> released?
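Review bot: the comment in this hunk says unshare(CLONE_NS), but the flag is CLONE_NEWNS (the name the reply below uses); fix the comment so it matches the code. The comment also promises that the guest /dev/pts will not become "visible to the host OS", which unshare() alone does not guarantee when / is MS_SHARED, so it should say that / is made MS_PRIVATE|MS_REC before the devpts is mounted, matching the mount() call proposed in this thread.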
Yes, that's the primary reason, although I also just don't want anything
accessing the container's PTYs directly from the host. I wanted them to
remain a hidden impl detail, used only by the libvirt controller process.
So it's preferable that this new /dev/pts instance is not visible in the
host (at least not easily).

Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
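An added example, not code from the patch or from libvirt, of the check behind the disagreement in this thread: it reads /proc/self/mountinfo to report whether a mount point such as / sits in a shared peer group (MS_SHARED), which is what decides whether a devpts mounted after unshare() leaks back to the host, and it applies the fix proposed above, unshare(CLONE_NEWNS) followed by mount("", "/", NULL, MS_PRIVATE|MS_REC, NULL). The function names are mine and the sample mountinfo lines are constructed; the namespace step needs CAP_SYS_ADMIN.

```c
#define _GNU_SOURCE            /* unshare() and CLONE_NEWNS in glibc headers */
#include <errno.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>
#ifndef CLONE_NEWNS
#define CLONE_NEWNS 0x00020000 /* fallback if <sched.h> was seen without _GNU_SOURCE */
#endif
int unshare(int flags);        /* harmless re-declaration for the same reason */

/* One /proc/self/mountinfo line (see proc(5)):
 *   ID PARENT MAJ:MIN ROOT MOUNTPOINT OPTS [shared:N|master:N|...] - FSTYPE SRC SUPEROPTS
 * Returns 1 if the mount is in a shared peer group, 0 if not, -1 if malformed. */
int mountinfo_line_is_shared(const char *line)
{
    char buf[1024], *tok, *save;
    int field = 0;
    if (strlen(line) >= sizeof(buf)) return -1;
    strcpy(buf, line);
    for (tok = strtok_r(buf, " ", &save); tok; tok = strtok_r(NULL, " ", &save)) {
        field++;
        if (strcmp(tok, "-") == 0) return 0;   /* optional fields ended: no shared: tag */
        if (field > 6 && strncmp(tok, "shared:", 7) == 0) return 1;
    }
    return -1;                                 /* separator never seen */
}

/* Is `mountpoint` (e.g. "/") shared in the calling process's namespace?
 * Returns 1/0 as above, -1 if /proc is unavailable or the mount is not found. */
int mountpoint_is_shared(const char *mountpoint)
{
    FILE *f = fopen("/proc/self/mountinfo", "r");
    char line[1024], mp[512];
    int ret = -1;
    if (!f) return -1;
    while (ret < 0 && fgets(line, sizeof(line), f))
        if (sscanf(line, "%*d %*d %*d:%*d %*s %511s", mp) == 1 && !strcmp(mp, mountpoint))
            ret = mountinfo_line_is_shared(line);
    fclose(f);
    return ret;
}

/* The fix discussed in the thread: a fresh mount namespace whose / is made
 * MS_PRIVATE recursively, so a later devpts mount cannot propagate to the host. */
int enter_private_mount_ns(void)
{
    if (unshare(CLONE_NEWNS) < 0) return -errno;
    if (mount("", "/", NULL, MS_PRIVATE | MS_REC, NULL) < 0) return -errno;
    return 0;
}
```

Running mountpoint_is_shared("/") on a host that reports 1 reproduces Serge's setup; a host that reports 0 reproduces Daniel's, which is why the patch behaved differently for the two of them.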