Quoting Daniel P. Berrange (berrange(a)redhat.com):
On Mon, Feb 27, 2012 at 01:56:48PM -0600, Serge Hallyn wrote:
> The -mm tree has Daniel Lezcano's patch changing the handling of
> sys_reboot in a non-init pidns. That means that, with that
> support, (a) it is safe to grant CAP_SYS_BOOT to a container, and
> (b) it's possible to distinguish between reboot and shutdown.
>
> I've implemented partial support of this for libvirt in the patch
> below. If Daniel's patch is not in the running kernel, then
> CAP_SYS_BOOT will be dropped for the container. Otherwise, it will
> be kept in. When the container exits, if it was determined to
> be a shutdown, the container will terminate.
>
> However, I didn't know how to properly do the reboot part.
> The patch below shows how to detect it (and sets the static bool
> wantreboot to true in that case), but I didn't know quite what to
> do with that. It looks like the code flow between lxcControllerRun
> and lxcControllerMain would need to be changed a bit so that we
> could re-run the lxcContainerStart() without causing the
> monitor.serverFD (or whichever pipe sends monitor events to
> lxc_driver.c to trigger autodestroy) to be closed.
>
> So for now I'm sending this patch, and hoping the sorcerers on this
> list can hook reboot up as well, or show the best way how.
Thanks for sending this. I've got another outstanding patch that
does quite a bit of change to the controller code, so I can
likely wire up the reboot hook as part of that work.
Awesome! thanks, Daniel.
-serge