When we allow multiple instances of the driver for the same user
account, using a separate root directory, we need to ensure mutual
exclusion. Use a pidfile to guarantee this.
In privileged libvirtd this ends up locking
/var/run/libvirt/lxc/driver.pid
In unprivileged libvirtd this ends up locking
/run/user/$UID/libvirt/lxc/run/driver.pid
NB, the latter can vary depending on $XDG_RUNTIME_DIR
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/lxc/lxc_conf.h | 3 +++
src/lxc/lxc_driver.c | 9 +++++++++
2 files changed, 12 insertions(+)
diff --git a/src/lxc/lxc_conf.h b/src/lxc/lxc_conf.h
index dc5531ebf9..e26ca22d3c 100644
--- a/src/lxc/lxc_conf.h
+++ b/src/lxc/lxc_conf.h
@@ -70,6 +70,9 @@ struct _virLXCDriver {
* then lockless thereafter */
virLXCDriverConfigPtr config;
+ /* pid file FD, ensures two copies of the driver can't use the same root */
+ int lockFD;
+
/* Require lock to get a reference on the object,
* lockless access thereafter */
virCapsPtr caps;
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 9db2a02dee..3982c24f34 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1559,6 +1559,7 @@ static int lxcStateInitialize(bool privileged,
if (VIR_ALLOC(lxc_driver) < 0)
return -1;
+ lxc_driver->lockFD = -1;
if (virMutexInit(&lxc_driver->lock) < 0) {
VIR_FREE(lxc_driver);
return -1;
@@ -1605,6 +1606,10 @@ static int lxcStateInitialize(bool privileged,
goto cleanup;
}
+ if ((lxc_driver->lockFD =
+ virPidFileAcquire(cfg->stateDir, "driver", true, getpid())) <
0)
+ goto cleanup;
+
/* Get all the running persistent or transient configs first */
if (virDomainObjListLoadAllConfigs(lxc_driver->domains,
cfg->stateDir,
@@ -1696,6 +1701,10 @@ static int lxcStateCleanup(void)
virObjectUnref(lxc_driver->caps);
virObjectUnref(lxc_driver->securityManager);
virObjectUnref(lxc_driver->xmlopt);
+
+ if (lxc_driver->lockFD != -1)
+ virPidFileRelease(lxc_driver->config->stateDir, "driver",
lxc_driver->lockFD);
+
virObjectUnref(lxc_driver->config);
virMutexDestroy(&lxc_driver->lock);
VIR_FREE(lxc_driver);
--
2.21.0