When we allow multiple instances of the driver for the same user account, using a separate root directory, we need to ensure mutual exclusion. Use a pidfile to guarantee this. In privileged libvirtd this ends up locking /var/run/libvirt/network/driver.pid In unprivileged libvirtd this ends up locking /run/user/$UID/libvirt/network/run/driver.pid NB, the latter can vary depending on $XDG_RUNTIME_DIR Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> --- src/network/bridge_driver.c | 10 ++++++++++ src/network/bridge_driver_platform.h | 3 +++ 2 files changed, 13 insertions(+) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 19faf7d514..6292e3b90a 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -597,6 +597,7 @@ networkStateInitialize(bool privileged, if (VIR_ALLOC(network_driver) < 0) goto error; + network_driver->lockFD = -1; if (virMutexInit(&network_driver->lock) < 0) { VIR_FREE(network_driver); goto error; @@ -651,6 +652,11 @@ networkStateInitialize(bool privileged, goto error; } + if ((network_driver->lockFD = + virPidFileAcquire(network_driver->stateDir, "driver", + true, getpid())) < 0) + goto error; + /* if this fails now, it will be retried later with dnsmasqCapsRefresh() */ network_driver->dnsmasqCaps = dnsmasqCapsNewFromBinary(DNSMASQ); @@ -764,6 +770,10 @@ networkStateCleanup(void) /* free inactive networks */ virObjectUnref(network_driver->networks); + if (network_driver->lockFD != -1) + virPidFileRelease(network_driver->stateDir, "driver", + network_driver->lockFD); + VIR_FREE(network_driver->networkConfigDir); VIR_FREE(network_driver->networkAutostartDir); VIR_FREE(network_driver->stateDir); diff --git a/src/network/bridge_driver_platform.h b/src/network/bridge_driver_platform.h index 1efa0d2af4..95993c5e31 100644 --- a/src/network/bridge_driver_platform.h +++ b/src/network/bridge_driver_platform.h @@ -34,6 +34,9 @@ struct _virNetworkDriverState { /* Read-only */ bool privileged; + /* pid file FD, ensures two copies of the driver can't use the same root */ + int lockFD; + /* Immutable pointer, self-locking APIs */ virNetworkObjListPtr networks; -- 2.21.0 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list