proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-09 14:40:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #3865 from brauner/2021-06-14.listen_fds

Browse Source 
Add support for LISTEN_FDS environment variable.
This commit is contained in:
Christian Brauner 2021-06-14 13:29:20 +02:00 committed by GitHub
commit a065524e28
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/lxc/lxccontainer.h
View File

@ -223,7 +223,8 @@ struct lxc_container {
/*!
* \brief Change whether the container wishes all file descriptors
* to be closed on startup.
* to be closed on startup. The LISTEN_FDS environment variable
* can be set to keep inherited file descriptors open.
*
* \param c Container.
* \param state Value for the close_all_fds bit (0 or 1).

34
src/lxc/start.c
View File

@ -212,6 +212,31 @@ static bool match_dlog_fds(struct dirent *direntp)
}
#endif
/* Parses the LISTEN_FDS environment variable value.
* The returned value is the highest fd number up to which the
* file descriptors must be passed to the container process.
*
* For example, if LISTEN_FDS=2 then 4 is returned and file descriptors 3 and 4
* MUST be passed to the container process (in addition to the standard streams)
* to support [socket activation][systemd-listen-fds].
*/
static unsigned int get_listen_fds_max(void)
{
int ret;
unsigned int num_fds;
const char *val;
val = getenv("LISTEN_FDS");
if (!val)
return 0;
ret = lxc_safe_uint(val, &num_fds);
if (ret < 0)
return syserror_ret(0, "Failed to parse \"LISTEN_FDS=%s\" environment variable", val);
return log_trace(num_fds, "Parsed \"LISTEN_FDS=%s\" environment variable", val);
}
int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
int *fds_to_ignore, size_t len_fds)
{
@ -219,10 +244,13 @@ int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
size_t i;
DIR *dir;
struct dirent *direntp;
unsigned int listen_fds_max;
if (conf && conf->close_all_fds)
closeall = true;
listen_fds_max = get_listen_fds_max();
/*
* Disable syslog at this point to avoid the above logging
* function to open a new fd and make the check_inherited function
@ -289,6 +317,12 @@ restart:
continue;
#endif
if (fd <= listen_fds_max) {
INFO("Inheriting fd %d (using the LISTEN_FDS environment variable)", fd);
continue;
}
if (closeall) {
if (close(fd))
SYSINFO("Closed inherited fd %d", fd);