On Thu, Jul 21, 2016 at 03:37:24PM +0000, Katerina Koukiou wrote:
> This patch forces container's init process, to become a session leader,
> that is its session ID is made the same as its process ID.
> That might seem unnecessary in general, but if we want to checkpoint a
> container with CRIU, which is needed for container migration,
> we must ensure that the SID of each process inside the container points
> to a process that lives in the same PID namespace as the container.
> Therefore, we force that the session leader is the init.
>
> Signed-off-by: Katerina Koukiou <k.koukiou@xxxxxxxxx>
> ---
> src/lxc/lxc_container.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
> index 916a37b..b857431 100644
> --- a/src/lxc/lxc_container.c
> +++ b/src/lxc/lxc_container.c
> @@ -2245,6 +2245,14 @@ static int lxcContainerChild(void *data)
> argv->npassFDs, argv->passFDs) < 0)
> goto cleanup;
>
> + /* Make init process of the container the leader of the new session.
> + * That is needed when checkpointing container.
> + */
> + if (setsid() < 0) {
> + virReportSystemError(errno, "%s",
> + _("Unable to become session leader"));
> + }
Needs a goto cleanup, otherwise the error code gets set to 0
> +
> ret = 0;
> cleanup:
> VIR_FREE(ttyPath);
This is a clear bugfix we need even ignoring CRIU reqiurements, so I've
pushed this with the fix mentioned. For example, it fixes running of
a shell as pid 1 which previously reported
sh: cannot set terminal process group (-1): Inappropriate ioctl for device
sh: no job control in this shell
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list