3rd pass at virt-login-shell for joining an LXC Container

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



All comments applied except for comments below.  Also additional cleanup of 
error handling.

> You'll need to call virGetUserDirectory() before any fork(), since it
> calls code which is not async-signal safe.

The reason I did this is I needed to call it after the shell setuid, if I 
call it earlier it sees the UID=0 and gives me /root.  I added a new interface 
char *virGetUserDirectoryByUID(uid_t uid);  Since the original interface does not
take a UID.


> Hmm, looking at this again, I'm wondering you need to fork()
> at all. In virsh we do the double-fork dance, because virsh
> is an interactive shell & we don't want to affect other parts
> of virsh.

> This login shell though is different - its only job is to run
> inside the namespace. So can't the main process just enter
> the namespace directly ?

I think you still need to do the second fork to make sure the /bin/sh PID 
gets put in the container.  Otherwise you will have a process running within
the container without a local PID.

[PATCH] virt-login-shell joins users into lxc container.

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]