[PATCH 1/7] LXC: Setup disks for container on host side

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Since mknod in container is forbidden, we should setup disks
on host side.

Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
---
 src/lxc/lxc_container.c  | 98 ------------------------------------------------
 src/lxc/lxc_controller.c | 94 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 94 insertions(+), 98 deletions(-)

diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index fcd9b74..caad02b 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1367,100 +1367,6 @@ static int lxcContainerMountAllFS(virDomainDefPtr vmDef,
 }
 
 
-static int lxcContainerSetupDisk(virDomainDefPtr vmDef,
-                                 virDomainDiskDefPtr def,
-                                 virSecurityManagerPtr securityDriver)
-{
-    char *src = NULL;
-    char *dst = NULL;
-    int ret = -1;
-    struct stat sb;
-    mode_t mode;
-    char *tmpsrc = def->src;
-
-    if (def->type != VIR_DOMAIN_DISK_TYPE_BLOCK) {
-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                       _("Can't setup disk for non-block device"));
-        goto cleanup;
-    }
-    if (def->src == NULL) {
-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                       _("Can't setup disk without media"));
-        goto cleanup;
-    }
-
-    if (virAsprintf(&src, "/.oldroot/%s", def->src) < 0)
-        goto cleanup;
-
-    if (virAsprintf(&dst, "/dev/%s", def->dst) < 0)
-        goto cleanup;
-
-    if (stat(src, &sb) < 0) {
-        virReportSystemError(errno,
-                             _("Unable to access %s"), def->src);
-        goto cleanup;
-    }
-
-    if (!S_ISCHR(sb.st_mode) && !S_ISBLK(sb.st_mode)) {
-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                       _("Disk source %s must be a character/block device"),
-                       def->src);
-        goto cleanup;
-    }
-
-    mode = 0700;
-    if (S_ISCHR(sb.st_mode))
-        mode |= S_IFCHR;
-    else
-        mode |= S_IFBLK;
-
-    /* Yes, the device name we're creating may not
-     * actually correspond to the major:minor number
-     * we're using, but we've no other option at this
-     * time. Just have to hope that containerized apps
-     * don't get upset that the major:minor is different
-     * to that normally implied by the device name
-     */
-    VIR_DEBUG("Creating dev %s (%d,%d) from %s",
-              dst, major(sb.st_rdev), minor(sb.st_rdev), src);
-    if (mknod(dst, mode, sb.st_rdev) < 0) {
-        virReportSystemError(errno,
-                             _("Unable to create device %s"),
-                             dst);
-        goto cleanup;
-    }
-    /* Labelling normally operates on src, but we need
-     * to actally label the dst here, so hack the config */
-    def->src = dst;
-    if (virSecurityManagerSetImageLabel(securityDriver, vmDef, def) < 0)
-        goto cleanup;
-
-    ret = 0;
-
-cleanup:
-    def->src = tmpsrc;
-    VIR_FREE(src);
-    VIR_FREE(dst);
-    return ret;
-}
-
-static int lxcContainerSetupAllDisks(virDomainDefPtr vmDef,
-                                     virSecurityManagerPtr securityDriver)
-{
-    size_t i;
-    VIR_DEBUG("Setting up disks");
-
-    for (i = 0; i < vmDef->ndisks; i++) {
-        if (lxcContainerSetupDisk(vmDef, vmDef->disks[i],
-                                  securityDriver) < 0)
-            return -1;
-    }
-
-    VIR_DEBUG("Setup all disks");
-    return 0;
-}
-
-
 static int lxcContainerSetupHostdevSubsysUSB(virDomainDefPtr vmDef,
                                              virDomainHostdevDefPtr def,
                                              virSecurityManagerPtr securityDriver)
@@ -1837,10 +1743,6 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
     if (lxcContainerMountAllFS(vmDef, sec_mount_options) < 0)
         goto cleanup;
 
-    /* Sets up any extra disks from guest config */
-    if (lxcContainerSetupAllDisks(vmDef, securityDriver) < 0)
-        goto cleanup;
-
     /* Sets up any extra host devices from guest config */
     if (lxcContainerSetupAllHostdevs(vmDef, securityDriver) < 0)
         goto cleanup;
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 3f3d93b..e9d2848 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -1309,6 +1309,97 @@ cleanup:
 }
 
 
+static int virLXCControllerSetupDisk(virLXCControllerPtr ctrl,
+                                     virDomainDiskDefPtr def,
+                                     virSecurityManagerPtr securityDriver)
+{
+    char *dst = NULL;
+    int ret = -1;
+    struct stat sb;
+    mode_t mode;
+    char *tmpsrc = def->src;
+
+    if (def->type != VIR_DOMAIN_DISK_TYPE_BLOCK) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                       _("Can't setup disk for non-block device"));
+        goto cleanup;
+    }
+    if (def->src == NULL) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                       _("Can't setup disk without media"));
+        goto cleanup;
+    }
+
+    if (virAsprintf(&dst, "/%s/%s.dev/%s",
+                    LXC_STATE_DIR, ctrl->def->name, def->dst) < 0)
+        goto cleanup;
+
+    if (stat(def->src, &sb) < 0) {
+        virReportSystemError(errno,
+                             _("Unable to access %s"), def->src);
+        goto cleanup;
+    }
+
+    if (!S_ISCHR(sb.st_mode) && !S_ISBLK(sb.st_mode)) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("Disk source %s must be a character/block device"),
+                       def->src);
+        goto cleanup;
+    }
+
+    mode = 0700;
+    if (S_ISCHR(sb.st_mode))
+        mode |= S_IFCHR;
+    else
+        mode |= S_IFBLK;
+
+    /* Yes, the device name we're creating may not
+     * actually correspond to the major:minor number
+     * we're using, but we've no other option at this
+     * time. Just have to hope that containerized apps
+     * don't get upset that the major:minor is different
+     * to that normally implied by the device name
+     */
+    VIR_DEBUG("Creating dev %s (%d,%d) from %s",
+              dst, major(sb.st_rdev), minor(sb.st_rdev), def->src);
+    if (mknod(dst, mode, sb.st_rdev) < 0) {
+        virReportSystemError(errno,
+                             _("Unable to create device %s"),
+                             dst);
+        goto cleanup;
+    }
+
+    /* Labelling normally operates on src, but we need
+     * to actally label the dst here, so hack the config */
+    def->src = dst;
+    if (virSecurityManagerSetImageLabel(securityDriver, ctrl->def, def) < 0)
+        goto cleanup;
+
+    ret = 0;
+
+cleanup:
+    def->src = tmpsrc;
+    VIR_FREE(dst);
+    return ret;
+}
+
+static int virLXCControllerSetupAllDisks(virLXCControllerPtr ctrl)
+{
+    size_t i;
+    VIR_DEBUG("Setting up disks");
+
+    for (i = 0; i < ctrl->def->ndisks; i++) {
+        if (virLXCControllerSetupDisk(ctrl, ctrl->def->disks[i],
+                                      ctrl->securityManager) < 0)
+            return -1;
+    }
+
+    VIR_DEBUG("Setup all disks");
+    return 0;
+}
+
+
+
 /**
  * virLXCControllerMoveInterfaces
  * @nveths: number of interfaces
@@ -1724,6 +1815,9 @@ virLXCControllerRun(virLXCControllerPtr ctrl)
     if (virLXCControllerPopulateDevices(ctrl) < 0)
         goto cleanup;
 
+    if (virLXCControllerSetupAllDisks(ctrl) < 0)
+        goto cleanup;
+
     if (virLXCControllerSetupFuse(ctrl) < 0)
         goto cleanup;
 
-- 
1.8.3.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux