On 02/17/2014 09:38 AM, Daniel P. Berrange wrote: > Implement virProcessRunInMountNamespace, which runs callback of type > virProcessNamespaceCallback in a container namespace. This uses a > child process to run the callback, since you can't change the mount > namespace of a thread. This implies that callbacks have to be careful > about what code they run due to async safety rules. > > Idea by Dan Berrange, based on an initial report by Reco > <recoverym4n@xxxxxxxxx> at > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732394 > > Signed-off-by: Daniel Berrange <berrange@xxxxxxxxxx> > Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> > --- > src/libvirt_private.syms | 1 + > src/util/virprocess.c | 107 +++++++++++++++++++++++++++++++++++++++++++++++ > src/util/virprocess.h | 11 +++++ > 3 files changed, 119 insertions(+) ACK. > +++ b/src/util/virprocess.c > @@ -50,6 +50,8 @@ > #include "virlog.h" > #include "virutil.h" > #include "virstring.h" > +#include "virthread.h" Do we still need virthread.h, or is that leftover from your experiments? > + > +/* Run cb(opaque) in the mount namespace of pid. Return -1 with error > + * message raised if we fail to run the child, if the child dies from > + * a signal, or if the child has status 1; otherwise return the exit > + * status of the child. Still not quite accurate - we now require that the child has exit status 0 to succeed. But I'll clean that up when rebasing my virFork cleanups. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list