11:46 a.m.
On Thu, Jun 25, 2015 at 06:49:41PM +0200, Cédric Bosdonnat wrote:
In order to be able to mount a custom host-image as / we need to be
able
to access libvirt-sandbox-init-common and all its needed dependencies.
They are now copied into SANDBOXCONFIGDIR /.libs. Hard linking is not
possible since we may be working on separate partitions, and symlinks
wouldn't help to work with apparmor. Copying makes apparmor happy and
solves our problem.
---
configure.ac | 7 ++
libvirt-sandbox/libvirt-sandbox-builder-machine.c | 114 ++++++++++++++++++++++
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 5 +-
3 files changed, 124 insertions(+), 2 deletions(-)
Don't we need to change the container builder too ? It will need to
be able to run the init-common binary from the real host root FS
too IIUC
+static gboolean gvir_sandbox_builder_machine_copy_init(const gchar
*statedir,
+ GError **error)
+{
+ gchar *libsdir;
+ const gchar *initPath = LIBEXECDIR "/libvirt-sandbox-init-common";
+ gchar *out = NULL;
+ gchar *line, *tmp;
+ const gchar *argv[] = {LDD_PATH, initPath, NULL};
+ gboolean result = FALSE;
+
+ libsdir = g_build_filename(statedir, "config", ".libs", NULL);
+
+ g_mkdir_with_parents(libsdir, 0755);
+
+ if (!gvir_sandbox_builder_machine_copy_lib(initPath, libsdir, error))
+ goto cleanup;
+
+ /* Get all the dependencies to be hard linked */
+ if (!g_spawn_sync(NULL, (gchar **)argv, NULL, 0,
+ NULL, NULL, &out, NULL, NULL, error))
+ goto cleanup;
+
+ /* Loop over the output lines to get the path to the libraries to hard link */
+ line = out;
+ while ((tmp = strchr(line, '\n'))) {
+ gchar *start, *end;
+ *tmp = '\0';
+
+ /* Search the line for the library path */
+ start = strstr(line, " => ");
+ end = strstr(line, " (");
+
+ if (start && end) {
+ start = start + 4;
+ *end = '\0';
+
+ if (!gvir_sandbox_builder_machine_copy_lib(start, libsdir, error))
+ goto cleanup;
+ }
+
+ line = tmp + 1;
+ }
+ result = TRUE;
+
+ cleanup:
+ g_free(libsdir);
+ g_free(out);
+
+ return result;
+}
static gboolean gvir_sandbox_builder_machine_construct_domain(GVirSandboxBuilder
*builder,
GVirSandboxConfig
*config,
@@ -370,6 +445,9 @@ static gboolean
gvir_sandbox_builder_machine_construct_domain(GVirSandboxBuilder
error))
return FALSE;
+ if (!gvir_sandbox_builder_machine_copy_init(statedir, error))
+ return FALSE;
+
if (!GVIR_SANDBOX_BUILDER_CLASS(gvir_sandbox_builder_machine_parent_class)->
construct_domain(builder, config, statedir, domain, error))
return FALSE;
@@ -712,12 +790,48 @@ static gboolean
gvir_sandbox_builder_machine_clean_post_stop(GVirSandboxBuilder
GError **error)
{
gchar *mntfile = g_strdup_printf("%s/config/mounts.cfg", statedir);
+ gchar *libsdir = g_build_filename(statedir, "config", ".libs",
NULL);
+ GFile *libsFile = g_file_new_for_path(libsdir);
+ GFileEnumerator *enumerator = NULL;
+ GFileInfo *info = NULL;
+ GFile *child = NULL;
gboolean ret = TRUE;
if (unlink(mntfile) < 0 &&
errno != ENOENT)
ret = FALSE;
+ if (!(enumerator = g_file_enumerate_children(libsFile, "*",
G_FILE_QUERY_INFO_NONE,
+ NULL, error)) &&
+ (*error)->code != G_IO_ERROR_NOT_FOUND) {
+ ret = FALSE;
+ goto cleanup;
+ }
+
+ while ((info = g_file_enumerator_next_file(enumerator, NULL, error))) {
+ child = g_file_enumerator_get_child(enumerator, info);
+ if (!g_file_delete(child, NULL, error))
+ ret = FALSE;
+ g_object_unref(child);
+ child = NULL;
+ g_object_unref(info);
+ info = NULL;
+ }
+ if (!g_file_enumerator_close(enumerator, NULL, error))
+ ret = FALSE;
+
+ if (!g_file_delete(libsFile, NULL, error) &&
+ (*error)->code != G_IO_ERROR_NOT_FOUND)
+ ret = FALSE;
+
+ cleanup:
+ if (child)
+ g_object_unref(child);
+ if (info)
+ g_object_unref(info);
+ g_object_unref(enumerator);
+ g_object_unref(libsFile);
+ g_free(libsdir);
g_free(mntfile);
return ret;
}
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|