[Devel] [RFC rh7 v2] ve/tty: vt -- Implement per VE support for virtual consoles
Cyrill Gorcunov
gorcunov at virtuozzo.com
Thu Jul 30 07:51:19 PDT 2015
On Thu, Jul 30, 2015 at 05:28:48PM +0300, Vladimir Davydov wrote:
> >
> > - scan node's /proc/tty/drivers and find the numbers for
> > "vzt_slave" driver, for example
> >
> > | [root at pcs7 ~]# cat /proc/tty/drivers
> > | ...
> > | vzt_slave /dev/vzts 252 0-11 console
> > | vzt_master /dev/vztm 253 0-11 console
> > | ...
>
> How is vzctl supposed to find which vztm corresponds to which VE?

The distinction between VEs happens in the "opener" context,
i.e. join the VE cgroup and open /dev/vztm1; the kernel calls
get_exec_env and allocates the appropriate vzt pair.

> > - add major:minor pairs into allowed devices, for example
> >
> > | echo 'c 253:* rwm' > /sys/fs/cgroup/devices/$ctid/devices.allow
> >
> > Once the bullets above are done the userspace utility may
> > open up the slave peer and read/write data to/from it. Note the
> > slave may be opened only if a master peer has been previously
> > opened.
>
> I.e. our VNC viewer (or whatever it is using /dev/console), needs to
> mknod somewhere c 252 0 and then read/write it?

Yes, something like that. /dev/console is always mapped to /dev/vzvtm0,
and a "reader" may access it via the slave peer /dev/vzvts0. On container
startup vzctl should simply allow these devices in the security cgroup.

Cyrill
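
An added example, not part of the original message or of vzctl: one way the two steps discussed in the thread (scan /proc/tty/drivers, then write devices.allow) could be scripted. It assumes the listing format quoted above; the function names and the choice to emit one rule per registered minor instead of the `*` wildcard are this example's own.

```shell
#!/bin/sh
# Constructed sample in the /proc/tty/drivers format quoted above.
sample_drivers() {
cat <<'EOF'
/dev/tty             /dev/tty        5       0 system:/dev/tty
vzt_slave            /dev/vzts     252    0-11 console
vzt_master           /dev/vztm     253    0-11 console
EOF
}

# vzt_allow_rules [ACCESS] < drivers-listing
# Prints one "c MAJOR:MINOR ACCESS" rule per registered minor of the
# vzt_slave and vzt_master drivers; fails if either is missing or malformed.
vzt_allow_rules() {
    awk -v access="${1:-rwm}" '
        $1 == "vzt_slave" || $1 == "vzt_master" {
            major = $3; range = $4
            if (major !~ /^[0-9]+$/ || range !~ /^[0-9]+(-[0-9]+)?$/) {
                printf "malformed entry: %s\n", $0 > "/dev/stderr"
                bad = 1; next
            }
            n = split(range, r, "-")
            lo = r[1] + 0
            hi = (n == 2 ? r[2] : r[1]) + 0
            for (m = lo; m <= hi; m++)
                printf "c %d:%d %s\n", major, m, access
            found++
        }
        END { if (bad || found < 2) exit 1 }
    '
}

# On a node (ctid is the container id, as in the message):
#   vzt_allow_rules < /proc/tty/drivers |
#   while read -r rule; do
#       echo "$rule" > "/sys/fs/cgroup/devices/$ctid/devices.allow"
#   done
sample_drivers | vzt_allow_rules
```

Because the majors are read from the listing at run time, nothing is hard-coded, and a missing or malformed vzt entry stops the script before any rule is written.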