On Mon, May 20, 2013 at 06:12:19PM +0800, Gao feng wrote:
> The comments is for virLXCControllerSetupPrivateNS.
>
> Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
> ---
> src/lxc/lxc_controller.c | 41 +++++++++++++++++++++--------------------
> 1 file changed, 21 insertions(+), 20 deletions(-)
>
> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
> index e311f38..b3fc598 100644
> --- a/src/lxc/lxc_controller.c
> +++ b/src/lxc/lxc_controller.c
> @@ -1259,6 +1259,27 @@ virLXCControllerSetupPrivateNS(void)
> {
> int ret = -1;
>
> + /*
> + * If doing a chroot style setup, we need to prepare
> + * a private /dev/pts for the child now, which they
> + * will later move into position.
> + *
> + * This is complex because 'virsh console' needs to
> + * use /dev/pts from the host OS, and the guest OS
> + * needs to use /dev/pts from the guest.
> + *
> + * This means that we (libvirt_lxc) need to see and
> + * use both /dev/pts instances. We're running in the
> + * host OS context though and don't want to expose
> + * the guest OS /dev/pts there.
> + *
> + * Thus we call unshare(CLONE_NS) so that we can see
> + * the guest's new /dev/pts, without it becoming
> + * visible to the host OS. We also put the root FS
> + * into slave mode, just in case it was currently
> + * marked as shared
> + */
> +
> if (unshare(CLONE_NEWNS) < 0) {
> virReportSystemError(errno, "%s",
> _("Cannot unshare mount namespace"));
> @@ -1287,26 +1308,6 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
>
> VIR_DEBUG("Setting up private /dev/pts");
>
> - /*
> - * If doing a chroot style setup, we need to prepare
> - * a private /dev/pts for the child now, which they
> - * will later move into position.
> - *
> - * This is complex because 'virsh console' needs to
> - * use /dev/pts from the host OS, and the guest OS
> - * needs to use /dev/pts from the guest.
> - *
> - * This means that we (libvirt_lxc) need to see and
> - * use both /dev/pts instances. We're running in the
> - * host OS context though and don't want to expose
> - * the guest OS /dev/pts there.
> - *
> - * Thus we call unshare(CLONE_NS) so that we can see
> - * the guest's new /dev/pts, without it becoming
> - * visible to the host OS. We also put the root FS
> - * into slave mode, just in case it was currently
> - * marked as shared
> - */
> mount_options = virSecurityManagerGetMountOptions(ctrl->securityManager,
> ctrl->def);
ACK
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list