[libvirt] [PATCH 03/12] network: acquire a pidfile in the driver root directory
When we allow multiple instances of the driver for the same user
account, using a separate root directory, we need to ensure mutual
exclusion. Use a pidfile to guarantee this.
In privileged libvirtd this ends up locking
/var/run/libvirt/network/driver.pid
In unprivileged libvirtd this ends up locking
/run/user/$UID/libvirt/network/run/driver.pid
NB, the latter can vary depending on $XDG_RUNTIME_DIR
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/network/bridge_driver.c | 10 ++++++++++
src/network/bridge_driver_platform.h | 3 +++
2 files changed, 13 insertions(+)
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 19faf7d514..6292e3b90a 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -597,6 +597,7 @@ networkStateInitialize(bool privileged,
if (VIR_ALLOC(network_driver) < 0)
goto error;
+ network_driver->lockFD = -1;
if (virMutexInit(&network_driver->lock) < 0) {
VIR_FREE(network_driver);
goto error;
@@ -651,6 +652,11 @@ networkStateInitialize(bool privileged,
goto error;
}
+ if ((network_driver->lockFD =
+ virPidFileAcquire(network_driver->stateDir, "driver",
+ true, getpid())) < 0)
+ goto error;
+
/* if this fails now, it will be retried later with dnsmasqCapsRefresh() */
network_driver->dnsmasqCaps = dnsmasqCapsNewFromBinary(DNSMASQ);
@@ -764,6 +770,10 @@ networkStateCleanup(void)
/* free inactive networks */
virObjectUnref(network_driver->networks);
+ if (network_driver->lockFD != -1)
+ virPidFileRelease(network_driver->stateDir, "driver",
+ network_driver->lockFD);
+
VIR_FREE(network_driver->networkConfigDir);
VIR_FREE(network_driver->networkAutostartDir);
VIR_FREE(network_driver->stateDir);
diff --git a/src/network/bridge_driver_platform.h b/src/network/bridge_driver_platform.h
index 1efa0d2af4..95993c5e31 100644
--- a/src/network/bridge_driver_platform.h
+++ b/src/network/bridge_driver_platform.h
@@ -34,6 +34,9 @@ struct _virNetworkDriverState {
/* Read-only */
bool privileged;
+ /* pid file FD, ensures two copies of the driver can't use the same root */
+ int lockFD;
+
/* Immutable pointer, self-locking APIs */
virNetworkObjListPtr networks;
--
2.21.0