[Devel] Re: [PATCH] restart: --mntns option restarts in a private mounts namespace

Mon Jan 25 21:34:20 PST 2010

Quoting Oren Laadan (orenl at cs.columbia.edu):
> When this new switch is specified, the coordinator will unshare the
> mounts namespace and restart will occur inside a private namespace.
> Without it the restarting tasks will share the current mounts
> namespace.
> 
> Signed-off-by: Oren Laadan <orenl at cs.columbia.edu>

Acked-by: Serge Hallyn <serue at us.ibm.com>

Note that CLONE_NEWNS automatically implies CLONE_FS (done in
check_unshare_flags()) so you don't need to specify it, but it
doesn't hurt anything.

thanks,
-serge

> ---
>  restart.c |   16 ++++++++++++++--
>  1 files changed, 14 insertions(+), 2 deletions(-)
> 
> diff --git a/restart.c b/restart.c
> index 9d1c1d1..f3d33de 100644
> --- a/restart.c
> +++ b/restart.c
> @@ -51,6 +51,7 @@ static char usage_str[] =
>  "  -r,--root=ROOT        restart under the directory ROOT instead of current\n"
>  "     --signal=SIG       send SIG to root task on SIGINT (default: SIGKILL\n"
>  "                        to container root, SIGINT otherwise)\n"
> +"     --mntns            restart under a private mounts namespace\n"
>  "  -w,--wait             wait for root task to termiate (default)\n"
>  "     --show-status      show exit status of root task (implies -w)\n"
>  "     --copy-status      imitate exit status of root task (implies -w)\n"
> @@ -337,6 +338,7 @@ struct args {
>  	int inspect;
>  	char *root;
>  	int wait;
> +	int mntns;
>  	int show_status;
>  	int copy_status;
>  	char *freezer;
> @@ -417,6 +419,7 @@ static void parse_args(struct args *args, int argc, char *argv[])
>  		{ "logfile",	required_argument,	NULL, 'l' },
>  		{ "logfile-fd",	required_argument,	NULL, 8 },
>  		{ "root",	required_argument,	NULL, 'r' },
> +		{ "mntns",	no_argument,		NULL, 11 },
>  		{ "wait",	no_argument,		NULL, 'w' },
>  		{ "show-status",	no_argument,	NULL, 1 },
>  		{ "copy-status",	no_argument,	NULL, 2 },
> @@ -529,6 +532,9 @@ static void parse_args(struct args *args, int argc, char *argv[])
>  		case 10:
>  			args->fail |= cond_to_mask(&opts[optind].name[5]);
>  			break;
> +		case 11:
> +			args->mntns = 1;
> +			break;
>  		default:
>  			usage(usage_str);
>  		}
> @@ -764,6 +770,12 @@ int main(int argc, char *argv[])
>  	if (args.freezer && freezer_prepare(&ctx) < 0)
>  		exit(1);
> 
> +	/* private mounts namespace ? */
> +	if (args.mntns && unshare(CLONE_NEWNS | CLONE_FS) < 0) {
> +		perror("unshare");
> +		exit(1);
> +	}
> +
>  	/* chroot ? */
>  	if (args.root && chroot(args.root) < 0) {
>  		perror("chroot");
> @@ -1011,8 +1023,8 @@ static int ckpt_coordinator_pidns(struct ckpt_ctx *ctx)
> 
>  	/*
>  	 * The coordinator report restart susccess/failure via pipe.
> -	 * (It cannot use return value, because the in the default
> -	 * --wait --copy-status case it is already used to report the
> +	 * (It cannot use return value, because in the default case
> +	 * of --wait --copy-status it is already used to report the
>  	 * root-task's return value).
>  	 */
>  	if (pipe(ctx->pipe_coord) < 0) {
> -- 
> 1.6.3.3
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers