proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-10 00:56:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
177f2cd2c2
mirror_lxc/hooks/mountcgroups
S.Çağlar Onur fa7fced878 make mountcgroups hook to lxc.include aware (v2) 
[resending the patch from correct branch]

commit 09ad624693 introduced lxc.include option
to include other config files. This patch uses it in mountcgroups hook otherwise
lxc-start fails with following error message for the nested containers;

root@oOo:/var/lib/lxc/raring# lxc-start -l debug -o l -n raring -d
lxc-start: command get_cgroup failed to receive response

Signed-off-by: S.Çağlar Onur <caglar@10ur.org>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2013-12-16 08:44:32 -06:00

70 lines
2.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# (C) Copyright Canonical 2011,2012
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
#
# This is an example hook to mount all mounted cgroups in the
# container. Only the container's own cgroup (not parents) will be
# accessible to the container. You can enable this by adding
# lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
# to your container's configuration file.
set -e
c=$1
configfile=$LXC_CONFIG_FILE
d=/sys/fs/cgroup
d2=$LXC_ROOTFS_MOUNT/${d}
# name lxc hook lxcpath
lxcpath=$4
if [ ! -d "$d" ]; then
exit 0
fi
mount -n -t tmpfs tmpfs ${d2}
do_devices_setup() {
local devdir="$1"
local c="$2"
local line
local w # which (allow or deny)
local v # value
# lxc.include provides common configuration options
local commonconfigfile=$(egrep "^lxc.include[ \t]*=" ${configfile} | awk -F= '{ print $2 }')
cat ${configfile} ${commonconfigfile} | egrep "^lxc.cgroup.devices.(allow|deny)[ \t]*=" | while read line; do
w=`echo $line | awk -F. '{ print $4 }' | awk '{ print $1 }'`
v=`echo $line | awk -F= '{ print $2 }'`
echo "$v" >> "$devdir"/devices.$w
done
}
# XXX TODO - we'll need to account for other cgroup groups beside 'lxc',
# i.e. 'build' or 'users/joe'.
for dir in `/bin/ls $d`; do
if [ "$dir" = "devices" ]; then
devicesdir="${d}/${dir}/lxc/${c}"
mkdir -p "$devicesdir"
# set the devices cgroup perms now - we can't change from blacklist to
# whitelist, or add perms, once we have children.
do_devices_setup "$devicesdir" "${c}"
fi
mkdir -p "${d}/${dir}/lxc/${c}/${c}.real"
echo 1 > "${d}/${dir}/lxc/${c}/${c}.real/tasks"
mkdir -p ${d2}/${dir}
mount -n --bind "${d}/${dir}/lxc/${c}/${c}.real" "${d2}/${dir}"
done
Reference in New Issue View Git Blame Copy Permalink