[Devel] [PATCH] scripts: vz-rst-action -- Restore certain members before creating namespaces

[Cyrill Gorcunov]

When restoring tasks we call clone() and unshare() with flags needed
but some of VE settings such as @iptables_mask affects how create
proceed new namespace. Thus we need to restore this member at the
very early pre-restore stage. I put @features here as well, for
example sitX net_init action depends on it.

Signed-off-by: Cyrill Gorcunov <gorcunov at openvz.org>
---
Igor, don't apply it please until explicit Ack from CC'ed list.

 scripts/vz-rst-action.in | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/scripts/vz-rst-action.in b/scripts/vz-rst-action.in
index 4e408f2..f0b6aca 100755
--- a/scripts/vz-rst-action.in
+++ b/scripts/vz-rst-action.in
@@ -68,6 +68,12 @@ fi
 
 set -e
 case "$CRTOOLS_SCRIPT_ACTION" in
+"pre-restore")
+	if [ -n "$VEID" ]; then
+		[ -n "$VE_IPTABLES_MASK" ] && cgset -r ve.iptables_mask="$VE_IPTABLES_MASK" $VEID
+		[ -n "$VE_FEATURES" ] && cgset -r ve.features="$VE_FEATURES" $VEID
+	fi
+	;;
 "setup-namespaces")
 	pid=$(cat $VE_PIDFILE)
 	ln -s /proc/$pid/ns/net $VE_NETNS_FILE
@@ -75,8 +81,6 @@ case "$CRTOOLS_SCRIPT_ACTION" in
 	if [ -n "$VEID" ]; then
 		[ -n "$VE_CLOCK_BOOTBASED" ] && cgset -r ve.clock_bootbased="$VE_CLOCK_BOOTBASED" $VEID
 		[ -n "$VE_CLOCK_MONOTONIC" ] && cgset -r ve.clock_monotonic="$VE_CLOCK_MONOTONIC" $VEID
-		[ -n "$VE_IPTABLES_MASK" ] && cgset -r ve.iptables_mask="$VE_IPTABLES_MASK" $VEID
-		[ -n "$VE_FEATURES" ] && cgset -r ve.features="$VE_FEATURES" $VEID
 		[ -n "$VE_AIO_MAX_NR" ] && cgset -r ve.aio_max_nr="$VE_AIO_MAX_NR" $VEID
 		cgset -r ve.state="START $pid" $VEID || { echo "Failed to start $VEID"; exit 1; }
 	fi
-- 
2.5.5