[PATCH 3/3] Revert "lxc: Prevent shutting down the host"

"Daniel P. Berrange" <berrange@xxxxxxxxxx> · Wed, 3 Apr 2013 17:02:29 +0100

From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>

This reverts commit c9c87376f2b2197ad774533ad6a6dd2f631ca105.

Now that we force all containers to have a root filesystem,
there is no way the host's /dev is ever exposed

Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
 src/lxc/lxc_driver.c | 43 ++++++++++++++++---------------------------
 1 file changed, 16 insertions(+), 27 deletions(-)

diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index ba14db7..654ab99 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -2778,19 +2778,13 @@ lxcDomainShutdownFlags(virDomainPtr dom,
     virLXCDriverPtr driver = dom->conn->privateData;
     virLXCDomainObjPrivatePtr priv;
     virDomainObjPtr vm;
-    virDomainFSDefPtr root;
     char *vroot = NULL;
     int ret = -1;
-    int rc = 0;
-    bool methodSignal;
-    bool methodInitctl;
+    int rc;
 
     virCheckFlags(VIR_DOMAIN_SHUTDOWN_INITCTL |
                   VIR_DOMAIN_SHUTDOWN_SIGNAL, -1);
 
-    methodSignal = !!(flags & VIR_DOMAIN_SHUTDOWN_SIGNAL);
-    methodInitctl = !!(flags & VIR_DOMAIN_SHUTDOWN_INITCTL);
-
     lxcDriverLock(driver);
     vm = virDomainObjListFindByUUID(driver->domains, dom->uuid);
     lxcDriverUnlock(driver);
@@ -2804,7 +2798,6 @@ lxcDomainShutdownFlags(virDomainPtr dom,
     }
 
     priv = vm->privateData;
-    root = virDomainGetRootFilesystem(vm->def);
 
     if (!virDomainObjIsActive(vm)) {
         virReportError(VIR_ERR_OPERATION_INVALID,
@@ -2824,31 +2817,27 @@ lxcDomainShutdownFlags(virDomainPtr dom,
         goto cleanup;
     }
 
-    if (root && root->src) {
-        if (flags == 0)
-            methodSignal = methodInitctl = true;
-    } else if (methodInitctl) {
-        virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
-                       _("Cannot shutdown container using initctl "
-                         "without separated namespace"));
-        goto cleanup;
-    } else {
-        methodSignal = true;
-    }
-
-    if (methodInitctl) {
-        rc = virInitctlSetRunLevel(VIR_INITCTL_RUNLEVEL_POWEROFF, vroot);
-        if (rc < 0)
+    if (flags == 0 ||
+        (flags & VIR_DOMAIN_SHUTDOWN_INITCTL)) {
+        if ((rc = virInitctlSetRunLevel(VIR_INITCTL_RUNLEVEL_POWEROFF,
+                                        vroot)) < 0) {
             goto cleanup;
-        if (rc == 0 && !methodSignal) {
+        }
+        if (rc == 0 && flags != 0 &&
+            ((flags & ~VIR_DOMAIN_SHUTDOWN_INITCTL) == 0)) {
             virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
                            _("Container does not provide an initctl pipe"));
             goto cleanup;
         }
+    } else {
+        rc = 0;
     }
-    if (rc == 0 && methodSignal) {
-        ret = kill(priv->initpid, SIGTERM);
-        if (ret < 0 && errno != ESRCH) {
+
+    if (rc == 0 &&
+        (flags == 0 ||
+         (flags & VIR_DOMAIN_SHUTDOWN_SIGNAL))) {
+        if (kill(priv->initpid, SIGTERM) < 0 &&
+            errno != ESRCH) {
             virReportSystemError(errno,
                                  _("Unable to send SIGTERM to init pid %llu"),
                                  (unsigned long long)priv->initpid);
-- 
1.7.11.7

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list







