On Thu, May 23, 2013 at 12:06:49PM +0800, Gao feng wrote:
The user namespace doesn't allow creating devices in
an uninit userns, so we should create the devices on the host side.
We first mount tmpfs on the dev directory under the state dir
of the container, then create the devices under this dev dir.
Finally, in the container, we mount the dev directory created
on the host onto the /dev/ directory of the container.
Signed-off-by: Gao feng <gaofeng(a)cn.fujitsu.com>
---
src/lxc/lxc_container.c | 96 +++++++++++++---------------------
src/lxc/lxc_controller.c | 130 +++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 166 insertions(+), 60 deletions(-)
@@ -903,15 +884,6 @@ static int lxcContainerPopulateDevices(char **ttyPaths, size_t
nttyPaths)
_("Failed to bind /dev/pts/ptmx on to
/dev/ptmx"));
return -1;
}
- } else {
- /* Legacy devpts, so we need to just use shared one */
- dev_t dev = makedev(LXC_DEV_MAJ_TTY, LXC_DEV_MIN_PTMX);
- if (mknod("/dev/ptmx", S_IFCHR, dev) < 0 ||
- chmod("/dev/ptmx", 0666)) {
- virReportSystemError(errno, "%s",
- _("Failed to make device /dev/ptmx"));
- return -1;
- }
}
Oops, that code should have been deleted already. I've just sent a
patch to kill this legacy code...
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 0a2e3ac..e9808f3 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
+static int virLXCControllerPopulateDevices(virLXCControllerPtr ctrl)
+{
+ size_t i;
+ int ret = -1;
+ char *ptmx = NULL;
+ char *path = NULL;
+ const struct {
+ int maj;
+ int min;
+ mode_t mode;
+ const char *path;
+ } devs[] = {
+ { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_NULL, 0666, "/null" },
+ { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_ZERO, 0666, "/zero" },
+ { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_FULL, 0666, "/full" },
+ { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_RANDOM, 0666, "/random" },
+ { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_URANDOM, 0666, "/urandom" },
+ };
+
+ if (virLXCControllerSetupDev(ctrl) < 0)
+ goto out;
+
+ /* Populate /dev/ with a few important bits */
+ for (i = 0 ; i < ARRAY_CARDINALITY(devs) ; i++) {
+ if (virAsprintf(&path, "/%s/%s.dev/%s",
+ LXC_STATE_DIR, ctrl->def->name,
+ devs[i].path) < 0) {
+ virReportOOMError();
+ goto out;
+ }
+
+ dev_t dev = makedev(devs[i].maj, devs[i].min);
+ if (mknod(path, S_IFCHR, dev) < 0 ||
+ chmod(path, devs[i].mode)) {
+ virReportSystemError(errno,
+ _("Failed to make device %s"),
+ devs[i].path);
+ goto out;
+ }
+ VIR_FREE(path);
+ }
+
+ if (virAsprintf(&ptmx, "/%s/%s.devpts/ptmx",
+ LXC_STATE_DIR, ctrl->def->name) < 0) {
+ virReportOOMError();
+ goto out;
+ }
+
+ if (access(ptmx, W_OK)) {
+ if (virAsprintf(&path, "/%s/%s.dev/ptmx",
+ LXC_STATE_DIR, ctrl->def->name)) {
+ virReportOOMError();
+ goto out;
+ }
+ /* Legacy devpts, so we need to just use shared one */
+ dev_t dev = makedev(LXC_DEV_MAJ_TTY, LXC_DEV_MIN_PTMX);
+ if (mknod(path, S_IFCHR, dev) < 0 ||
+ chmod(path, 0666)) {
+ virReportSystemError(errno, _("Failed to make device %s"),
path);
+ goto out;
+ }
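Review bot: The `virAsprintf(&path, "/%s/%s.dev/ptmx", ...)` call inside the `access(ptmx, W_OK)` branch is tested without `< 0`, unlike the two earlier calls in this function. If virAsprintf returns the formatted length on success, as the other `< 0` checks suggest, a successful allocation falls into `virReportOOMError()` and device setup fails whenever this branch is taken; the condition should end `LXC_STATE_DIR, ctrl->def->name) < 0) {`. Separately, the loop's error message prints `devs[i].path` (for example `/null`) although the node is created at the host-side `path`; now that these nodes live on the host filesystem, reporting `path` there, as the ptmx branch already does, makes a failed mknod or chmod traceable to the right location. The function body continues past the quoted lines.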
So you can avoid this legacy code here too.
Daniel