On Fri, Jul 27, 2012 at 10:18:48AM +0200, Jiri Denemark wrote: > On Tue, Jul 24, 2012 at 14:22:53 +0100, Daniel P. Berrange wrote: > > +static int > > +virLXCProcessReboot(virLXCDriverPtr driver, > > + virDomainObjPtr vm) > > +{ > > + virConnectPtr conn = virLXCProcessAutoDestroyGetConn(driver, vm); > > + int reason = vm->state.reason; > > + bool autodestroy = false; > > + int ret = -1; > > + virDomainDefPtr savedDef; > > + > > + if (conn) { > > + virConnectRef(conn); > > + autodestroy = true; > > + } else { > > + conn = virConnectOpen("lxc:///"); > > + /* Ignoring NULL conn which is mostly harmless here */ > > So why do we even try to connect here? This is basically the same logic we use in the autostart codepath. We need the connection available, if the container has any network interfaces to be configured with type=network. I think we should probably change autostart in all drivers to treat this as fatal though. For now I think this is OK until we do a global cleanup of this pattern. > > @@ -496,19 +571,38 @@ static void virLXCProcessMonitorEOFNotify(virLXCMonitorPtr mon ATTRIBUTE_UNUSED, > > { > > virLXCDriverPtr driver = lxc_driver; > > virDomainEventPtr event = NULL; > > + virLXCDomainObjPrivatePtr priv; > > > > lxcDriverLock(driver); > > virDomainObjLock(vm); > > lxcDriverUnlock(driver); > > > > - virLXCProcessStop(driver, vm, VIR_DOMAIN_SHUTOFF_SHUTDOWN); > > - event = virDomainEventNewFromObj(vm, > > - VIR_DOMAIN_EVENT_STOPPED, > > - VIR_DOMAIN_EVENT_STOPPED_SHUTDOWN); > > - virDomainAuditStop(vm, "shutdown"); > > - if (!vm->persistent) { > > - virDomainRemoveInactive(&driver->domains, vm); > > - vm = NULL; > > + priv = vm->privateData; > > + if (!priv->wantReboot) { > > + virLXCProcessStop(driver, vm, VIR_DOMAIN_SHUTOFF_SHUTDOWN); > > + event = virDomainEventNewFromObj(vm, > > + VIR_DOMAIN_EVENT_STOPPED, > > + VIR_DOMAIN_EVENT_STOPPED_SHUTDOWN); > > + virDomainAuditStop(vm, "shutdown"); > > + if (!vm->persistent) { > > + virDomainRemoveInactive(&driver->domains, vm); > > + vm = NULL; > > + } > > + } else { > > + int ret =virLXCProcessReboot(driver, vm); > > s/=/= / > > > + virDomainAuditStop(vm, "reboot"); > > Should we audit stopped domain before calling virLXCProcessReboot? The audit logs describe what has already happened, as opposed to what is going to happen. If virLXCProcessReboot SEGV'd for some reason, we'd get a bogus audit entry that the container had been stopped, when in fact it was still running. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list