Re: [libvirt] [PATCH 09/17] libvirt-lxc: add virDomainLxcEnterCGroup API

4 May 2016

On Wed, Apr 27, 2016 at 01:48:00PM -0400, John Ferlan wrote:
...
On 04/14/2016 11:22 AM, Daniel P. Berrange wrote:
...
Add the virDomainLxcEnterCGroup API to the libvirt-lxc.so
file. This method moves the calling process into the cgroups
associated with the container.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 include/libvirt/libvirt-lxc.h |  2 ++
 src/libvirt-lxc.c             | 47 +++++++++++++++++++++++++++++++++++++++++++
 src/libvirt_lxc.syms          |  5 +++++
 3 files changed, 54 insertions(+)

diff --git a/include/libvirt/libvirt-lxc.h b/include/libvirt/libvirt-lxc.h
index 1901fce..0d16a5c 100644
--- a/include/libvirt/libvirt-lxc.h
+++ b/include/libvirt/libvirt-lxc.h
@@ -46,6 +46,8 @@ int virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
                                    virSecurityLabelPtr label,
                                    virSecurityLabelPtr oldlabel,
                                    unsigned int flags);
+int virDomainLxcEnterCGroup(virDomainPtr domain,
+                            unsigned int flags);
# ifdef __cplusplus
 }
diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c
index 8553570..16e08e9 100644
--- a/src/libvirt-lxc.c
+++ b/src/libvirt-lxc.c
@@ -36,6 +36,7 @@
 #ifdef WITH_APPARMOR
 # include <sys/apparmor.h>
 #endif
+#include "vircgroup.h"
#define VIR_FROM_THIS VIR_FROM_NONE
@@ -269,3 +270,49 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
     virDispatchError(NULL);
     return -1;
 }
+
+
+/**
+ * virDomainLxcEnterCGroup:
+ * @domain: a domain object
+ * @flags: currently unused, pass 0
+ *
+ * This API is LXC specific, so it will only work with hypervisor
+ * connections to the LXC driver.
+ *
+ * Attaches the process to the control cgroups associated
+ * with the container @domain.
+ *
+ * Returns 0 on success, -1 on error
+ */
+int virDomainLxcEnterCGroup(virDomainPtr domain,
+                            unsigned int flags)
+{
+    virConnectPtr conn;
+    virCgroupPtr cgroup = NULL;
+
+    VIR_DOMAIN_DEBUG(domain, "flags=%x", flags);
+
+    virResetLastError();
+
+    virCheckDomainReturn(domain, -1);
+    conn = domain->conn;
+
+    virCheckReadOnlyGoto(conn->flags, error);
+    virCheckFlagsGoto(0, error);
+
+    if (virCgroupNewDetect(domain->id, -1, &cgroup) < 0)
virCgroupNewDetect takes a pid as parameter 1
The domain->id is the pid of the libvirt_lxc process when using LXC


Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

    