'virsh lxc-enter-namespace' does not have a way to reflect exit
status to the caller in single-command mode, but we might as well
at least report the exit status. Prior to this patch,
$ virsh -c lxc:/// lxc-enter-namespace shell /bin/sh 'exit 3'; echo $?
1
now it gives some details:
$ virsh -c lxc:/// lxc-enter-namespace shell /bin/sh -c 'exit 3'; echo $?
error: internal error: Child process (31557) unexpected exit status 3
1
Also useful:
$ virsh -c lxc:/// lxc-enter-namespace shell /bin/sh -c 'kill $$'; echo $?
error: internal error: Child process (31585) unexpected fatal signal 15
1
* tools/virsh-domain.c (cmdLxcEnterNamespace): Avoid magic numbers.
Dispatch any error.
* tools/virsh.pod: Document that non-zero exit status is collapsed.
Signed-off-by: Eric Blake <eblake@xxxxxxxxxx>
---
tools/virsh-domain.c | 21 ++++++++++++---------
tools/virsh.pod | 5 +++--
2 files changed, 15 insertions(+), 11 deletions(-)
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index 4400d18..f9d85c3 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -8204,12 +8204,14 @@ cmdLxcEnterNamespace(vshControl *ctl, const vshCmd *cmd)
if ((pid = virFork()) < 0)
goto cleanup;
if (pid == 0) {
+ int status;
+
if (setlabel &&
virDomainLxcEnterSecurityLabel(secmodel,
seclabel,
NULL,
0) < 0)
- _exit(255);
+ _exit(EXIT_CANCELED);
if (virDomainLxcEnterNamespace(dom,
nfdlist,
@@ -8217,27 +8219,28 @@ cmdLxcEnterNamespace(vshControl *ctl, const vshCmd *cmd)
NULL,
NULL,
0) < 0)
- _exit(255);
+ _exit(EXIT_CANCELED);
/* Fork a second time because entering the
* pid namespace only takes effect after fork
*/
if ((pid = virFork()) < 0)
- _exit(255);
+ _exit(EXIT_CANCELED);
if (pid == 0) {
execv(cmdargv[0], cmdargv);
- _exit(255);
- } else {
- if (virProcessWait(pid, NULL, false) < 0)
- _exit(255);
+ _exit(errno == ENOENT ? EXIT_ENOENT : EXIT_CANNOT_INVOKE);
}
- _exit(0);
+ if (virProcessWait(pid, &status, true) < 0)
+ _exit(EXIT_CANNOT_INVOKE);
+ virProcessExitWithStatus(status);
} else {
for (i = 0; i < nfdlist; i++)
VIR_FORCE_CLOSE(fdlist[i]);
VIR_FREE(fdlist);
- if (virProcessWait(pid, NULL, false) < 0)
+ if (virProcessWait(pid, NULL, false) < 0) {
+ vshReportError(ctl);
goto cleanup;
+ }
}
ret = true;
diff --git a/tools/virsh.pod b/tools/virsh.pod
index f221475..49e1f63 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -3332,7 +3332,8 @@ Enter the namespace of I<domain> and execute the command C</path/to/binary>
passing the requested args. The binary path is relative to the container
root filesystem, not the host root filesystem. The binary will inherit the
environment variables / console visible to virsh. This command only works
-when connected to the LXC hypervisor driver.
+when connected to the LXC hypervisor driver. This command succeeds only
+if C</path/to/binary> has 0 exit status.
=back
@@ -3447,7 +3448,7 @@ Alternatively report bugs to your software distributor / vendor.
=head1 COPYRIGHT
-Copyright (C) 2005, 2007-2010 Red Hat, Inc., and the authors listed in the
+Copyright (C) 2005, 2007-2014 Red Hat, Inc., and the authors listed in the
libvirt AUTHORS file.
=head1 LICENSE
--
1.8.5.3
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list