6:44 p.m.
Hi all,
In the virt-sandbox documentation we had examples with host-image mounts
targetting /. However the / in the sandbox was still the host one. The
main goal of this patch series is to fix that problem. This will also
be needed to run docker container with libvirt-sandbox.
I also added some configure flags to disable lzma or zlib support at
build time. At least opensuse 13.2 doesn't have static lzma.
Diff to v1:
* Fixed Dan's comments
* Fixed the container case:
* Made init-lxc all-static
* Moved the init copy code to libvirt-sandbox-builder.c
* Use setenv to set the LD_LIBRARY_PATH rather than reset the whole
environment using execve
Cédric Bosdonnat (11):
Allow disabling build with lzma.
Allow disabling zlib support.
Enable strcmp checks in libvirt-sandbox-init-qemu.c
Make init-lxc all static
Copy all needed init programs and all its deps to config subdir
Remove init-common dependency on libvirt-sandbox.so
init-qemu: extract the mounts.cfg ntry mounting code
qemu: use mounts targeting / as root
Add function to check if there is a mount with / target
Don't add sandbox:root device if we have a mount targetting /
container builder: don't expose host rootfs if unneeded
cfg.mk | 2 -
configure.ac | 37 ++++-
libvirt-sandbox/Makefile.am | 45 +++---
.../libvirt-sandbox-builder-container.c | 37 +++--
libvirt-sandbox/libvirt-sandbox-builder-machine.c | 22 +--
libvirt-sandbox/libvirt-sandbox-builder.c | 159 ++++++++++++++++++-
libvirt-sandbox/libvirt-sandbox-builder.h | 2 +
libvirt-sandbox/libvirt-sandbox-config-all.h | 62 ++++++++
libvirt-sandbox/libvirt-sandbox-config-disk.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-initrd.c | 2 +-
.../libvirt-sandbox-config-interactive.c | 2 +-
.../libvirt-sandbox-config-mount-file.c | 2 +-
.../libvirt-sandbox-config-mount-guest-bind.c | 2 +-
.../libvirt-sandbox-config-mount-host-bind.c | 2 +-
.../libvirt-sandbox-config-mount-host-image.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-mount-ram.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-mount.c | 2 +-
.../libvirt-sandbox-config-network-address.c | 2 +-
...rt-sandbox-config-network-filterref-parameter.c | 2 +-
.../libvirt-sandbox-config-network-filterref.c | 2 +-
.../libvirt-sandbox-config-network-route.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-network.c | 2 +-
.../libvirt-sandbox-config-service-generic.c | 2 +-
.../libvirt-sandbox-config-service-systemd.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-service.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config.c | 23 ++-
libvirt-sandbox/libvirt-sandbox-config.h | 1 +
libvirt-sandbox/libvirt-sandbox-init-common.c | 5 +-
libvirt-sandbox/libvirt-sandbox-init-lxc.c | 16 +-
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 175 +++++++++++++++++----
libvirt-sandbox/libvirt-sandbox-util.c | 2 +-
libvirt-sandbox/libvirt-sandbox.sym | 1 +
32 files changed, 519 insertions(+), 104 deletions(-)
create mode 100644 libvirt-sandbox/libvirt-sandbox-config-all.h
--
2.1.4
6:44 p.m.
New subject: [libvirt] [sandbox v2 01/11] Allow disabling build with lzma.
Some linux distributions don't package static lzma library. Allow
disabling it.
---
configure.ac | 14 +++++++++++++-
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 12 ++++++++++++
2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 140fb8c..834a444 100644
--- a/configure.ac
+++ b/configure.ac
@@ -81,7 +81,14 @@ PKG_CHECK_MODULES(LIBVIRT_GLIB, libvirt-glib-1.0 >=
$LIBVIRT_GOBJECT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GOBJECT, libvirt-gobject-1.0 >= $LIBVIRT_GOBJECT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GCONFIG, libvirt-gconfig-1.0 >= $LIBVIRT_GCONFIG_REQUIRED)
PKG_CHECK_MODULES(ZLIB, zlib >= $ZLIB_REQUIRED)
-PKG_CHECK_MODULES(LZMA, liblzma >= $LZMA_REQUIRED)
+AC_ARG_WITH([lzma],
+ [AS_HELP_STRING([--with-lzma],
+ [add LZMA support @<:@default=yes@:>@])])
+m4_divert_text([DEFAULTS], [with_lzma=yes])
+
+if test "$with_lzma" = "yes" ; then
+ PKG_CHECK_MODULES(LZMA, liblzma >= $LZMA_REQUIRED)
+fi
LIBVIRT_SANDBOX_CAPNG
LIBVIRT_SANDBOX_GETTEXT
@@ -118,6 +125,11 @@ AC_MSG_NOTICE([])
AC_MSG_NOTICE([])
AC_MSG_NOTICE([ Libraries:])
AC_MSG_NOTICE([])
+if test "$with_lzma" != "no" ; then
+AC_MSG_NOTICE([ LZMA: $LZMA_CFLAGS $LZMA_LIBS])
+else
+AC_MSG_NOTICE([ LZMA: no])
+fi
AC_MSG_NOTICE([ GOBJECT: $GOBJECT_CFLAGS $GOBJECT_LIBS])
AC_MSG_NOTICE([ LIBVIRT_GOBJECT: $LIBVIRT_GOBJECT_CFLAGS $LIBVIRT_GOBJECT_LIBS])
AC_MSG_NOTICE([])
diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
index eabf9aa..a9e6263 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
@@ -42,7 +42,9 @@
#include <fcntl.h>
#include <sys/reboot.h>
#include <termios.h>
+#if WITH_LZMA
#include <lzma.h>
+#endif /* WITH_LZMA */
#include <zlib.h>
#define ATTR_UNUSED __attribute__((__unused__))
@@ -400,6 +402,7 @@ has_suffix(const char *filename, const char *ext)
offset[strlen(ext)] == '\0');
}
+#if WITH_LZMA
static char *
load_module_file_lzma(const char *filename, size_t *len)
{
@@ -456,6 +459,15 @@ load_module_file_lzma(const char *filename, size_t *len)
free(xzdata);
return data;
}
+#else
+static char *
+load_module_file_lzma(const char *filename, size_t *len)
+{
+ fprintf(stderr, "libvirt-sandbox-init-qemu: %s: "
+ "lzma support disabled, can't read module %s\n", __func__,
filename);
+ exit_poweroff();
+}
+#endif /* WITH_LZMA */
static char *
load_module_file_zlib(const char *filename, size_t *len)
--
2.1.4
5:59 p.m.
New subject: [libvirt] [sandbox v2 01/11] Allow disabling build with lzma.
On Mon, Jun 29, 2015 at 06:44:09PM +0200, Cédric Bosdonnat wrote:
Some linux distributions don't package static lzma library.
Allow
disabling it.
---
configure.ac | 14 +++++++++++++-
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 12 ++++++++++++
2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 140fb8c..834a444 100644
--- a/configure.ac
+++ b/configure.ac
@@ -81,7 +81,14 @@ PKG_CHECK_MODULES(LIBVIRT_GLIB, libvirt-glib-1.0 >=
$LIBVIRT_GOBJECT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GOBJECT, libvirt-gobject-1.0 >= $LIBVIRT_GOBJECT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GCONFIG, libvirt-gconfig-1.0 >= $LIBVIRT_GCONFIG_REQUIRED)
PKG_CHECK_MODULES(ZLIB, zlib >= $ZLIB_REQUIRED)
-PKG_CHECK_MODULES(LZMA, liblzma >= $LZMA_REQUIRED)
+AC_ARG_WITH([lzma],
+ [AS_HELP_STRING([--with-lzma],
+ [add LZMA support @<:@default=yes@:>@])])
+m4_divert_text([DEFAULTS], [with_lzma=yes])
+
+if test "$with_lzma" = "yes" ; then
+ PKG_CHECK_MODULES(LZMA, liblzma >= $LZMA_REQUIRED)
Needs an AC_DEFINE() to get WITH_LZMA in config.h
diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
index eabf9aa..a9e6263 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
@@ -42,7 +42,9 @@
#include <fcntl.h>
#include <sys/reboot.h>
#include <termios.h>
+#if WITH_LZMA
#include <lzma.h>
+#endif /* WITH_LZMA */
To make this work.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
6:44 p.m.
New subject: [libvirt] [sandbox v2 02/11] Allow disabling zlib support.
Some distributions may not have static zlib package. Allow disabling
it at build time.
---
configure.ac | 16 +++++++++++++++-
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 12 ++++++++++++
2 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 834a444..99d22d7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -80,7 +80,16 @@ PKG_CHECK_MODULES(LIBVIRT, libvirt >= $LIBVIRT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GLIB, libvirt-glib-1.0 >= $LIBVIRT_GOBJECT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GOBJECT, libvirt-gobject-1.0 >= $LIBVIRT_GOBJECT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GCONFIG, libvirt-gconfig-1.0 >= $LIBVIRT_GCONFIG_REQUIRED)
-PKG_CHECK_MODULES(ZLIB, zlib >= $ZLIB_REQUIRED)
+
+AC_ARG_WITH([zlib],
+ [AS_HELP_STRING([--with-zlib],
+ [add ZLIB support @<:@default=yes@:>@])])
+m4_divert_text([DEFAULTS], [with_zlib=yes])
+
+if test "$with_zlib" = "yes" ; then
+ PKG_CHECK_MODULES(ZLIB, zlib >= $ZLIB_REQUIRED)
+ fi
+
AC_ARG_WITH([lzma],
[AS_HELP_STRING([--with-lzma],
[add LZMA support @<:@default=yes@:>@])])
@@ -130,6 +139,11 @@ AC_MSG_NOTICE([ LZMA: $LZMA_CFLAGS $LZMA_LIBS])
else
AC_MSG_NOTICE([ LZMA: no])
fi
+if test "$with_zlib" != "no" ; then
+AC_MSG_NOTICE([ ZLIB: $ZLIB_CFLAGS $ZLIB_LIBS])
+else
+AC_MSG_NOTICE([ ZLIB: no])
+fi
AC_MSG_NOTICE([ GOBJECT: $GOBJECT_CFLAGS $GOBJECT_LIBS])
AC_MSG_NOTICE([ LIBVIRT_GOBJECT: $LIBVIRT_GOBJECT_CFLAGS $LIBVIRT_GOBJECT_LIBS])
AC_MSG_NOTICE([])
diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
index a9e6263..d5a0b7a 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
@@ -45,7 +45,9 @@
#if WITH_LZMA
#include <lzma.h>
#endif /* WITH_LZMA */
+#if WITH_ZLIB
#include <zlib.h>
+#endif /* WITH_ZLIB */
#define ATTR_UNUSED __attribute__((__unused__))
@@ -469,6 +471,7 @@ load_module_file_lzma(const char *filename, size_t *len)
}
#endif /* WITH_LZMA */
+#if WITH_ZLIB
static char *
load_module_file_zlib(const char *filename, size_t *len)
{
@@ -519,6 +522,15 @@ load_module_file_zlib(const char *filename, size_t *len)
gzclose(fp);
return data;
}
+#else
+static char *
+load_module_file_zlib(const char *filename, size_t *len)
+{
+ fprintf(stderr, "libvirt-sandbox-init-qemu: %s: "
+ "zlib support disabled, can't read module %s\n", __func__,
filename);
+ exit_poweroff();
+}
+#endif /* WITH_ZLIB */
static char *
load_module_file_raw(const char *filename, size_t *len)
--
2.1.4
5:59 p.m.
New subject: [libvirt] [sandbox v2 02/11] Allow disabling zlib support.
On Mon, Jun 29, 2015 at 06:44:10PM +0200, Cédric Bosdonnat wrote:
Some distributions may not have static zlib package. Allow disabling
it at build time.
---
configure.ac | 16 +++++++++++++++-
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 12 ++++++++++++
2 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 834a444..99d22d7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -80,7 +80,16 @@ PKG_CHECK_MODULES(LIBVIRT, libvirt >= $LIBVIRT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GLIB, libvirt-glib-1.0 >= $LIBVIRT_GOBJECT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GOBJECT, libvirt-gobject-1.0 >= $LIBVIRT_GOBJECT_REQUIRED)
PKG_CHECK_MODULES(LIBVIRT_GCONFIG, libvirt-gconfig-1.0 >= $LIBVIRT_GCONFIG_REQUIRED)
-PKG_CHECK_MODULES(ZLIB, zlib >= $ZLIB_REQUIRED)
+
+AC_ARG_WITH([zlib],
+ [AS_HELP_STRING([--with-zlib],
+ [add ZLIB support @<:@default=yes@:>@])])
+m4_divert_text([DEFAULTS], [with_zlib=yes])
+
+if test "$with_zlib" = "yes" ; then
+ PKG_CHECK_MODULES(ZLIB, zlib >= $ZLIB_REQUIRED)
+ fi
Indentation bug, and AC_DEFINE issue too
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
6:44 p.m.
New subject: [libvirt] [sandbox v2 03/11] Enable strcmp checks in libvirt-sandbox-init-qemu.c
---
cfg.mk | 2 --
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 6 ++++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/cfg.mk b/cfg.mk
index 83ded15..37e5050 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -132,5 +132,3 @@ exclude_file_name_regexp--sc_libvirt_unmarked_diagnostics =
^libvirt-sandbox/tes
exclude_file_name_regexp--sc_bindtextdomain =
^(libvirt-sandbox/tests)|(libvirt-sandbox/libvirt-sandbox-init-*)|(bin/virt-sandbox.c)|(bin/virt-sandbox-service-util.c)
exclude_file_name_regexp--sc_preprocessor_indentation = ^*/*.[ch]
-
-exclude_file_name_regexp--sc_prohibit_strcmp =
^libvirt-sandbox/libvirt-sandbox-init-qemu.c
diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
index d5a0b7a..44305fd 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
@@ -51,6 +51,8 @@
#define ATTR_UNUSED __attribute__((__unused__))
+#define STREQ(x,y) (strcmp(x,y) == 0)
+
static void print_uptime (void);
static void insmod (const char *filename);
static void set_debug(void);
@@ -283,7 +285,7 @@ main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED)
__func__, source, target, type, opts);
- if (strcmp(type, "") == 0) {
+ if (STREQ(type, "")) {
struct stat st;
type = NULL;
flags |= MS_BIND;
@@ -297,7 +299,7 @@ main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED)
else
mount_mkfile(target, 644);
} else {
- if (strcmp(type, "tmpfs") == 0)
+ if (STREQ(type, "tmpfs"))
flags |= MS_NOSUID | MS_NODEV;
mount_mkdir(target, 0755);
--
2.1.4
6:44 p.m.
New subject: [libvirt] [sandbox v2 04/11] Make init-lxc all static
When running a sandbox with a / different from the host one, we will
need to copy all init-lxc dependencies into a mounted folder... but we
have no way to tell libvirt to set the LD_LIBRARY_PATH for the init
command.
Turning init-lxc all-static help us work around that problem, and drops
the useless dependencies on glib and libvirt-sandbox.
---
libvirt-sandbox/Makefile.am | 11 +----------
libvirt-sandbox/libvirt-sandbox-init-lxc.c | 8 ++++----
2 files changed, 5 insertions(+), 14 deletions(-)
diff --git a/libvirt-sandbox/Makefile.am b/libvirt-sandbox/Makefile.am
index b6fcdf7..1cd6ea3 100644
--- a/libvirt-sandbox/Makefile.am
+++ b/libvirt-sandbox/Makefile.am
@@ -202,22 +202,13 @@ libvirt_sandbox_init_lxc_CFLAGS = \
-DSANDBOXCONFIGDIR="\"$(sandboxconfigdir)\"" \
-I$(top_srcdir) \
-I$(top_builddir) \
- $(GIO_UNIX_CFLAGS) \
- $(LIBVIRT_GLIB_CFLAGS) \
- $(LIBVIRT_GOBJECT_CFLAGS) \
$(WARN_CFLAGS) \
$(NULL)
libvirt_sandbox_init_lxc_LDFLAGS = \
- libvirt-sandbox-1.0.la \
+ -all-static \
$(COVERAGE_CFLAGS:-f%=-Wc,f%) \
- $(GIO_UNIX_LIBS) \
- $(LIBVIRT_GLIB_LIBS) \
- $(LIBVIRT_GOBJECT_LIBS) \
$(WARN_CFLAGS) \
$(NULL)
-libvirt_sandbox_init_lxc_LDADD = \
- libvirt-sandbox-1.0.la \
- $(NULL)
libvirt_sandbox_init_qemu_SOURCES = libvirt-sandbox-init-qemu.c
libvirt_sandbox_init_qemu_CFLAGS = \
diff --git a/libvirt-sandbox/libvirt-sandbox-init-lxc.c
b/libvirt-sandbox/libvirt-sandbox-init-lxc.c
index 61f46a1..798af37 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-lxc.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-lxc.c
@@ -28,8 +28,6 @@
#include <config.h>
-#include <glib.h>
-
#include <stdio.h>
#include <sys/wait.h>
#include <termios.h>
@@ -38,6 +36,8 @@
#include <string.h>
#include <errno.h>
+#define STRNEQ(x,y) (strcmp(x,y) != 0)
+
static void set_debug(void);
static int has_command_arg(const char *name,
char **val);
@@ -45,7 +45,7 @@ static int has_command_arg(const char *name,
static int debug = 0;
int
-main(int argc G_GNUC_UNUSED, char **argv G_GNUC_UNUSED)
+main(int argc, char **argv)
{
const char *args[50];
int narg = 0;
@@ -69,7 +69,7 @@ main(int argc G_GNUC_UNUSED, char **argv G_GNUC_UNUSED)
args[narg++] = "/tmp/sandbox.log";
args[narg++] = "-f";
args[narg++] = "-ff";
- if (strace && !g_str_equal(strace, "1")) {
+ if (strace && STRNEQ(strace, "1")) {
args[narg++] = "-e";
args[narg++] = strace;
}
--
2.1.4
6:44 p.m.
New subject: [libvirt] [sandbox v2 05/11] Copy all needed init programs and all its deps to config subdir
In order to be able to mount a custom host-image as / we need to be able
to access libvirt-sandbox-init-common and all its needed dependencies.
In the container case we also need to copy libvirt-sandbox-init-lxc.
They are now copied into SANDBOXCONFIGDIR /.libs. Hard linking is not
possible since we may be working on separate partitions, and symlinks
wouldn't help to work with apparmor. Copying makes apparmor happy and
solves our problem.
---
configure.ac | 7 +
.../libvirt-sandbox-builder-container.c | 15 +-
libvirt-sandbox/libvirt-sandbox-builder.c | 159 ++++++++++++++++++++-
libvirt-sandbox/libvirt-sandbox-builder.h | 2 +
libvirt-sandbox/libvirt-sandbox-init-lxc.c | 8 +-
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 9 +-
6 files changed, 196 insertions(+), 4 deletions(-)
diff --git a/configure.ac b/configure.ac
index 99d22d7..608f56b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -109,6 +109,13 @@ LIBVIRT_SANDBOX_SELINUX
LIBVIRT_SANDBOX_STATIC_LIBC
+dnl search for LDD path
+AC_PATH_PROG([LDD_PATH], [ldd])
+if test -z "$LDD_PATH"; then
+ AC_MSG_ERROR([Failed to find ldd.])
+fi
+AC_DEFINE_UNQUOTED([LDD_PATH], "$LDD_PATH", [path to ldd binary])
+
GOBJECT_INTROSPECTION_CHECK([$GOBJECT_INTROSPECTION_REQUIRED])
dnl Should be in m4/virt-gettext.m4 but intltoolize is too
diff --git a/libvirt-sandbox/libvirt-sandbox-builder-container.c
b/libvirt-sandbox/libvirt-sandbox-builder-container.c
index c23b82b..d226d35 100644
--- a/libvirt-sandbox/libvirt-sandbox-builder-container.c
+++ b/libvirt-sandbox/libvirt-sandbox-builder-container.c
@@ -184,7 +184,7 @@ static gboolean
gvir_sandbox_builder_container_construct_os(GVirSandboxBuilder *
gvir_config_domain_os_set_arch(os,
gvir_sandbox_config_get_arch(config));
gvir_config_domain_os_set_init(os,
- LIBEXECDIR "/libvirt-sandbox-init-lxc");
+ SANDBOXCONFIGDIR
"/.libs/libvirt-sandbox-init-lxc");
gvir_config_domain_os_set_cmdline(os, cmdline);
gvir_config_domain_set_os(domain, os);
@@ -444,6 +444,18 @@ static const gchar
*gvir_sandbox_builder_container_get_disk_prefix(GVirSandboxBu
return "sd";
}
+
+static GList *gvir_sandbox_builder_container_get_files_to_copy(GVirSandboxBuilder
*builder,
+ GVirSandboxConfig *config
G_GNUC_UNUSED)
+{
+ GList * tocopy =
GVIR_SANDBOX_BUILDER_CLASS(gvir_sandbox_builder_container_parent_class)->
+ get_files_to_copy(builder, config);
+ gchar *file = g_strdup_printf("%s/libvirt-sandbox-init-lxc", LIBEXECDIR);
+
+ return g_list_append(tocopy, file);
+}
+
+
static void gvir_sandbox_builder_container_class_init(GVirSandboxBuilderContainerClass
*klass)
{
GObjectClass *object_class = G_OBJECT_CLASS(klass);
@@ -458,6 +470,7 @@ static void
gvir_sandbox_builder_container_class_init(GVirSandboxBuilderContaine
builder_class->construct_features =
gvir_sandbox_builder_container_construct_features;
builder_class->construct_devices =
gvir_sandbox_builder_container_construct_devices;
builder_class->get_disk_prefix = gvir_sandbox_builder_container_get_disk_prefix;
+ builder_class->get_files_to_copy =
gvir_sandbox_builder_container_get_files_to_copy;
g_type_class_add_private(klass, sizeof(GVirSandboxBuilderContainerPrivate));
}
diff --git a/libvirt-sandbox/libvirt-sandbox-builder.c
b/libvirt-sandbox/libvirt-sandbox-builder.c
index aa932db..2726868 100644
--- a/libvirt-sandbox/libvirt-sandbox-builder.c
+++ b/libvirt-sandbox/libvirt-sandbox-builder.c
@@ -107,6 +107,8 @@ static gboolean
gvir_sandbox_builder_clean_post_stop_default(GVirSandboxBuilder
GVirSandboxConfig *config,
const gchar *statedir,
GError **error);
+static GList *gvir_sandbox_builder_get_files_to_copy(GVirSandboxBuilder *builder,
+ GVirSandboxConfig *config);
static void gvir_sandbox_builder_get_property(GObject *object,
guint prop_id,
@@ -176,6 +178,7 @@ static void gvir_sandbox_builder_class_init(GVirSandboxBuilderClass
*klass)
klass->construct_security = gvir_sandbox_builder_construct_security;
klass->clean_post_start = gvir_sandbox_builder_clean_post_start_default;
klass->clean_post_stop = gvir_sandbox_builder_clean_post_stop_default;
+ klass->get_files_to_copy = gvir_sandbox_builder_get_files_to_copy;
g_object_class_install_property(object_class,
PROP_CONNECTION,
@@ -247,6 +250,108 @@ GVirConnection
*gvir_sandbox_builder_get_connection(GVirSandboxBuilder *builder)
}
+static gboolean gvir_sandbox_builder_copy_file(const char *path,
+ const char *libsdir,
+ GError **error)
+{
+ gchar *name = g_path_get_basename(path);
+ gchar *target = g_build_filename(libsdir, name, NULL);
+ GFile *srcFile = g_file_new_for_path(path);
+ GFile *tgtFile = g_file_new_for_path(target);
+ gboolean result = FALSE;
+
+
+ if (!g_file_query_exists(tgtFile, NULL) &&
+ !g_file_copy(srcFile, tgtFile, 0, NULL, NULL, NULL, error))
+ goto cleanup;
+
+ result = TRUE;
+
+ cleanup:
+ g_object_unref(tgtFile);
+ g_object_unref(srcFile);
+ g_free(target);
+ g_free(name);
+
+ return result;
+}
+
+static gboolean gvir_sandbox_builder_copy_program(const char *program,
+ const char *dest,
+ GError **error)
+{
+ gchar *out = NULL;
+ gchar *line, *tmp;
+ const gchar *argv[] = {LDD_PATH, program, NULL};
+ gboolean result = FALSE;
+
+ if (!gvir_sandbox_builder_copy_file(program, dest, error))
+ goto cleanup;
+
+
+ /* Get all the dependencies to be hard linked */
+ if (!g_spawn_sync(NULL, (gchar **)argv, NULL, 0,
+ NULL, NULL, &out, NULL, NULL, error))
+ goto cleanup;
+
+ /* Loop over the output lines to get the path to the libraries to copy */
+ line = out;
+ while ((tmp = strchr(line, '\n'))) {
+ gchar *start, *end;
+ *tmp = '\0';
+
+ /* Search the line for the library path */
+ start = strstr(line, " => ");
+ end = strstr(line, " (");
+
+ if (start && end) {
+ start = start + 4;
+ *end = '\0';
+
+ if (!gvir_sandbox_builder_copy_file(start, dest, error))
+ goto cleanup;
+ }
+
+ line = tmp + 1;
+ }
+ result = TRUE;
+
+ cleanup:
+ g_free(out);
+
+ return result;
+}
+
+static gboolean gvir_sandbox_builder_copy_init(GVirSandboxBuilder *builder,
+ GVirSandboxConfig *config,
+ const gchar *statedir,
+ GError **error)
+{
+ gchar *libsdir;
+ GVirSandboxBuilderClass *klass = GVIR_SANDBOX_BUILDER_GET_CLASS(builder);
+ GList *tocopy = NULL, *tmp = NULL;
+ gboolean result = FALSE;
+
+ libsdir = g_build_filename(statedir, "config", ".libs", NULL);
+ g_mkdir_with_parents(libsdir, 0755);
+
+ tmp = tocopy = klass->get_files_to_copy(builder, config);
+ while (tmp) {
+ if (!gvir_sandbox_builder_copy_program(tmp->data, libsdir, error))
+ goto cleanup;
+
+ tmp = tmp->next;
+ }
+ result = TRUE;
+
+ cleanup:
+ g_free(libsdir);
+ g_list_free_full(tocopy, g_free);
+
+ return result;
+}
+
+
static gboolean gvir_sandbox_builder_construct_domain(GVirSandboxBuilder *builder,
GVirSandboxConfig *config,
const gchar *statedir,
@@ -255,6 +360,9 @@ static gboolean
gvir_sandbox_builder_construct_domain(GVirSandboxBuilder *builde
{
GVirSandboxBuilderClass *klass = GVIR_SANDBOX_BUILDER_GET_CLASS(builder);
+ if (!gvir_sandbox_builder_copy_init(builder, config, statedir, error))
+ return FALSE;
+
if (!(klass->construct_basic(builder, config, statedir, domain, error)))
return FALSE;
@@ -511,6 +619,15 @@ static gboolean
gvir_sandbox_builder_clean_post_stop_default(GVirSandboxBuilder
return TRUE;
}
+static GList *gvir_sandbox_builder_get_files_to_copy(GVirSandboxBuilder *builder,
+ GVirSandboxConfig *config
G_GNUC_UNUSED)
+{
+ GList *tocopy = NULL;
+ gchar *file = g_strdup_printf("%s/libvirt-sandbox-init-common",
LIBEXECDIR);
+ return g_list_append(tocopy, file);
+}
+
+
/**
* gvir_sandbox_builder_construct:
* @builder: (transfer none): the sandbox builder
@@ -577,8 +694,48 @@ gboolean gvir_sandbox_builder_clean_post_stop(GVirSandboxBuilder
*builder,
GError **error)
{
GVirSandboxBuilderClass *klass = GVIR_SANDBOX_BUILDER_GET_CLASS(builder);
+ gchar *libsdir = g_build_filename(statedir, "config", ".libs",
NULL);
+ GFile *libsFile = g_file_new_for_path(libsdir);
+ GFileEnumerator *enumerator = NULL;
+ GFileInfo *info = NULL;
+ GFile *child = NULL;
+ gboolean ret = TRUE;
+
+ ret = klass->clean_post_stop(builder, config, statedir, error);
+
+ if (!(enumerator = g_file_enumerate_children(libsFile, "*",
G_FILE_QUERY_INFO_NONE,
+ NULL, error)) &&
+ (*error)->code != G_IO_ERROR_NOT_FOUND) {
+ ret = FALSE;
+ goto cleanup;
+ }
+
+ while ((info = g_file_enumerator_next_file(enumerator, NULL, error))) {
+ child = g_file_enumerator_get_child(enumerator, info);
+ if (!g_file_delete(child, NULL, error))
+ ret = FALSE;
+ g_object_unref(child);
+ child = NULL;
+ g_object_unref(info);
+ info = NULL;
+ }
+
+ if (!g_file_enumerator_close(enumerator, NULL, error))
+ ret = FALSE;
- return klass->clean_post_stop(builder, config, statedir, error);
+ if (!g_file_delete(libsFile, NULL, error) &&
+ (*error)->code != G_IO_ERROR_NOT_FOUND)
+ ret = FALSE;
+
+ cleanup:
+ if (child)
+ g_object_unref(child);
+ if (info)
+ g_object_unref(info);
+ g_object_unref(enumerator);
+ g_object_unref(libsFile);
+ g_free(libsdir);
+ return ret;
}
diff --git a/libvirt-sandbox/libvirt-sandbox-builder.h
b/libvirt-sandbox/libvirt-sandbox-builder.h
index 81df92a..2d22f1a 100644
--- a/libvirt-sandbox/libvirt-sandbox-builder.h
+++ b/libvirt-sandbox/libvirt-sandbox-builder.h
@@ -97,6 +97,8 @@ struct _GVirSandboxBuilderClass
const gchar *(*get_disk_prefix)(GVirSandboxBuilder *builder,
GVirSandboxConfig *config,
GVirSandboxConfigDisk *disk);
+ GList *(*get_files_to_copy)(GVirSandboxBuilder *builder,
+ GVirSandboxConfig *config);
gpointer padding[LIBVIRT_SANDBOX_CLASS_PADDING];
};
diff --git a/libvirt-sandbox/libvirt-sandbox-init-lxc.c
b/libvirt-sandbox/libvirt-sandbox-init-lxc.c
index 798af37..e2fe7f0 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-lxc.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-lxc.c
@@ -77,10 +77,16 @@ main(int argc, char **argv)
args[narg++] = "1000";
}
- args[narg++] = LIBEXECDIR "/libvirt-sandbox-init-common";
+ args[narg++] = SANDBOXCONFIGDIR "/.libs/libvirt-sandbox-init-common";
if (debug)
args[narg++] = "-d";
+ if (setenv("LD_LIBRARY_PATH", SANDBOXCONFIGDIR "/.libs", 1) != 0)
{
+ fprintf(stderr, "libvirt-sandbox-init-lxc: %s: cannot set LD_LIBRARY_PATH:
%s\n",
+ __func__, strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+
if (debug)
fprintf(stderr, "Running interactive\n");
execv(args[0], (char**)args);
diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
index 44305fd..62e8e40 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
@@ -338,10 +338,17 @@ main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED)
args[narg++] = "1000";
}
- args[narg++] = LIBEXECDIR "/libvirt-sandbox-init-common";
+ args[narg++] = SANDBOXCONFIGDIR "/.libs/libvirt-sandbox-init-common";
if (debug)
args[narg++] = "-d";
+ if (setenv("LD_LIBRARY_PATH", SANDBOXCONFIGDIR "/.libs", 1) <
0) {
+ fprintf(stderr, "libvirt-sandbox-init-qemu: %s: cannot set LD_LIBRARY_PATH:
%s\n",
+ __func__, strerror(errno));
+ exit_poweroff();
+ }
+
+
if (debug)
fprintf(stderr, "libvirt-sandbox-init-qemu: Running common init %s\n",
args[0]);
execv(args[0], (char**)args);
--
2.1.4
6 p.m.
New subject: [libvirt] [sandbox v2 05/11] Copy all needed init programs and all its deps to config subdir
On Mon, Jun 29, 2015 at 06:44:13PM +0200, Cédric Bosdonnat wrote:
In order to be able to mount a custom host-image as / we need to be
able
to access libvirt-sandbox-init-common and all its needed dependencies.
In the container case we also need to copy libvirt-sandbox-init-lxc.
They are now copied into SANDBOXCONFIGDIR /.libs. Hard linking is not
possible since we may be working on separate partitions, and symlinks
wouldn't help to work with apparmor. Copying makes apparmor happy and
solves our problem.
---
configure.ac | 7 +
.../libvirt-sandbox-builder-container.c | 15 +-
libvirt-sandbox/libvirt-sandbox-builder.c | 159 ++++++++++++++++++++-
libvirt-sandbox/libvirt-sandbox-builder.h | 2 +
libvirt-sandbox/libvirt-sandbox-init-lxc.c | 8 +-
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 9 +-
6 files changed, 196 insertions(+), 4 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-init-lxc.c
b/libvirt-sandbox/libvirt-sandbox-init-lxc.c
index 798af37..e2fe7f0 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-lxc.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-lxc.c
@@ -77,10 +77,16 @@ main(int argc, char **argv)
args[narg++] = "1000";
}
- args[narg++] = LIBEXECDIR "/libvirt-sandbox-init-common";
+ args[narg++] = SANDBOXCONFIGDIR "/.libs/libvirt-sandbox-init-common";
if (debug)
args[narg++] = "-d";
+ if (setenv("LD_LIBRARY_PATH", SANDBOXCONFIGDIR "/.libs", 1) !=
0) {
+ fprintf(stderr, "libvirt-sandbox-init-lxc: %s: cannot set LD_LIBRARY_PATH:
%s\n",
+ __func__, strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+
if (debug)
fprintf(stderr, "Running interactive\n");
execv(args[0], (char**)args);
diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
index 44305fd..62e8e40 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
@@ -338,10 +338,17 @@ main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED)
args[narg++] = "1000";
}
- args[narg++] = LIBEXECDIR "/libvirt-sandbox-init-common";
+ args[narg++] = SANDBOXCONFIGDIR "/.libs/libvirt-sandbox-init-common";
if (debug)
args[narg++] = "-d";
+ if (setenv("LD_LIBRARY_PATH", SANDBOXCONFIGDIR "/.libs", 1) <
0) {
+ fprintf(stderr, "libvirt-sandbox-init-qemu: %s: cannot set LD_LIBRARY_PATH:
%s\n",
+ __func__, strerror(errno));
+ exit_poweroff();
+ }
+
+
if (debug)
fprintf(stderr, "libvirt-sandbox-init-qemu: Running common init %s\n",
args[0]);
execv(args[0], (char**)args);
We need to unsetenv() in init-common to clear the LD_LIBRARY_PATH setting
to prevent it being used by the user application too
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
6:44 p.m.
New subject: [libvirt] [sandbox v2 06/11] Remove init-common dependency on libvirt-sandbox.so
Removing this dependency avoids getting all libvirt.so dependencies
loaded in our container.
---
libvirt-sandbox/Makefile.am | 34 ++++++++----
libvirt-sandbox/libvirt-sandbox-config-all.h | 62 ++++++++++++++++++++++
libvirt-sandbox/libvirt-sandbox-config-disk.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-initrd.c | 2 +-
.../libvirt-sandbox-config-interactive.c | 2 +-
.../libvirt-sandbox-config-mount-file.c | 2 +-
.../libvirt-sandbox-config-mount-guest-bind.c | 2 +-
.../libvirt-sandbox-config-mount-host-bind.c | 2 +-
.../libvirt-sandbox-config-mount-host-image.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-mount-ram.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-mount.c | 2 +-
.../libvirt-sandbox-config-network-address.c | 2 +-
...rt-sandbox-config-network-filterref-parameter.c | 2 +-
.../libvirt-sandbox-config-network-filterref.c | 2 +-
.../libvirt-sandbox-config-network-route.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-network.c | 2 +-
.../libvirt-sandbox-config-service-generic.c | 2 +-
.../libvirt-sandbox-config-service-systemd.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config-service.c | 2 +-
libvirt-sandbox/libvirt-sandbox-config.c | 2 +-
libvirt-sandbox/libvirt-sandbox-init-common.c | 5 +-
libvirt-sandbox/libvirt-sandbox-util.c | 2 +-
22 files changed, 105 insertions(+), 34 deletions(-)
create mode 100644 libvirt-sandbox/libvirt-sandbox-config-all.h
diff --git a/libvirt-sandbox/Makefile.am b/libvirt-sandbox/Makefile.am
index 1cd6ea3..7b3ea27 100644
--- a/libvirt-sandbox/Makefile.am
+++ b/libvirt-sandbox/Makefile.am
@@ -50,10 +50,7 @@ SANDBOX_RPC_FILES = \
libvirt-sandbox-rpcpacket.h \
$(NULL)
-SANDBOX_HEADER_FILES = \
- libvirt-sandbox.h \
- libvirt-sandbox-main.h \
- libvirt-sandbox-util.h \
+SANDBOX_CONFIG_HEADER_FILES = \
libvirt-sandbox-config.h \
libvirt-sandbox-config-disk.h \
libvirt-sandbox-config-network.h \
@@ -72,6 +69,12 @@ SANDBOX_HEADER_FILES = \
libvirt-sandbox-config-service.h \
libvirt-sandbox-config-service-systemd.h \
libvirt-sandbox-config-service-generic.h \
+ $(NULL)
+
+SANDBOX_HEADER_FILES = \
+ libvirt-sandbox.h \
+ libvirt-sandbox-main.h \
+ libvirt-sandbox-util.h \
libvirt-sandbox-builder.h \
libvirt-sandbox-builder-initrd.h \
libvirt-sandbox-builder-machine.h \
@@ -82,9 +85,10 @@ SANDBOX_HEADER_FILES = \
libvirt-sandbox-context.h \
libvirt-sandbox-context-interactive.h \
libvirt-sandbox-context-service.h \
+ $(SANDBOX_CONFIG_HEADER_FILES) \
$(NULL)
-SANDBOX_SOURCE_FILES = \
- libvirt-sandbox-main.c \
+
+SANDBOX_CONFIG_SOURCE_FILES = \
libvirt-sandbox-util.c \
libvirt-sandbox-config.c \
libvirt-sandbox-config-disk.c \
@@ -104,6 +108,10 @@ SANDBOX_SOURCE_FILES = \
libvirt-sandbox-config-service.c \
libvirt-sandbox-config-service-systemd.c \
libvirt-sandbox-config-service-generic.c \
+ $(NULL)
+
+SANDBOX_SOURCE_FILES = \
+ libvirt-sandbox-main.c \
libvirt-sandbox-builder.c \
libvirt-sandbox-builder-initrd.c \
libvirt-sandbox-builder-machine.c \
@@ -115,6 +123,8 @@ SANDBOX_SOURCE_FILES = \
libvirt-sandbox-context.c \
libvirt-sandbox-context-interactive.c \
libvirt-sandbox-context-service.c \
+ libvirt-sandbox-config-all.h \
+ $(SANDBOX_CONFIG_SOURCE_FILES) \
$(NULL)
libvirt_sandbox_1_0_ladir = $(includedir)/libvirt-sandbox-1.0/libvirt-sandbox
@@ -169,31 +179,33 @@ libvirt_sandbox_1_0_la_LDFLAGS = \
libvirt_sandbox_init_common_SOURCES = libvirt-sandbox-init-common.c \
$(SANDBOX_GENERATED_RPC_FILES) \
$(SANDBOX_RPC_FILES) \
+ $(SANDBOX_CONFIG_HEADER_FILES) \
+ $(SANDBOX_CONFIG_SOURCE_FILES) \
$(NULL)
libvirt_sandbox_init_common_CFLAGS = \
-DLIBEXECDIR="\"$(libexecdir)\"" \
-DSANDBOXCONFIGDIR="\"$(sandboxconfigdir)\"" \
-DLOCALEDIR="\"$(datadir)/locale"\" \
+ -DLIBVIRT_SANDBOX_BUILD \
$(COVERAGE_CFLAGS) \
-I$(top_srcdir) \
-I$(top_builddir) \
+ $(LIBVIRT_GCONFIG_CFLAGS) \
$(GIO_UNIX_CFLAGS) \
- $(LIBVIRT_GLIB_CFLAGS) \
- $(LIBVIRT_GOBJECT_CFLAGS) \
$(CAPNG_CFLAGS) \
+ $(SELINUX_CFLAGS) \
$(WARN_CFLAGS) \
$(NULL)
libvirt_sandbox_init_common_LDFLAGS = \
-lutil \
$(COVERAGE_CFLAGS:-f%=-Wc,f%) \
$(GIO_UNIX_LIBS) \
- $(LIBVIRT_GLIB_LIBS) \
- $(LIBVIRT_GOBJECT_LIBS) \
+ $(LIBVIRT_GCONFIG_LIBS) \
$(CAPNG_LIBS) \
+ $(SELINUX_LIBS) \
$(WARN_CFLAGS) \
$(NULL)
libvirt_sandbox_init_common_LDADD = \
- libvirt-sandbox-1.0.la \
$(NULL)
libvirt_sandbox_init_lxc_SOURCES = libvirt-sandbox-init-lxc.c
diff --git a/libvirt-sandbox/libvirt-sandbox-config-all.h
b/libvirt-sandbox/libvirt-sandbox-config-all.h
new file mode 100644
index 0000000..8cb25c4
--- /dev/null
+++ b/libvirt-sandbox/libvirt-sandbox-config-all.h
@@ -0,0 +1,62 @@
+/*
+ * libvirt-sandbox.h: libvirt sandbox integration
+[ *
+ * Copyright (C) 2010 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * Author: Daniel P. Berrange <berrange(a)redhat.com>
+ */
+
+#ifndef __LIBVIRT_SANDBOX_CONFIG_ALL_H__
+#define __LIBVIRT_SANDBOX_CONFIG_ALL_H__
+
+/* External include */
+#include <libvirt-gconfig/libvirt-gconfig.h>
+#include <glib.h>
+#include <glib-object.h>
+#include <gio/gio.h>
+
+/* Local includes */
+#include <libvirt-sandbox/libvirt-sandbox-util.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-disk.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-mount.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-mount-file.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-mount-host-bind.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-mount-host-image.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-mount-guest-bind.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-mount-ram.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-network-address.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-network-filterref-parameter.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-network-filterref.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-network-route.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-network.h>
+#include <libvirt-sandbox/libvirt-sandbox-config.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-initrd.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-interactive.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-service.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-service-systemd.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-service-generic.h>
+
+#endif /* __LIBVIRT_SANDBOX_CONFIG_ALL_H__ */
+
+/*
+ * Local variables:
+ * c-indent-level: 4
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * tab-width: 8
+ * End:
+ */
diff --git a/libvirt-sandbox/libvirt-sandbox-config-disk.c
b/libvirt-sandbox/libvirt-sandbox-config-disk.c
index 0781714..9837735 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-disk.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-disk.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-disk
diff --git a/libvirt-sandbox/libvirt-sandbox-config-initrd.c
b/libvirt-sandbox/libvirt-sandbox-config-initrd.c
index f272053..ed35c36 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-initrd.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-initrd.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-initrd
diff --git a/libvirt-sandbox/libvirt-sandbox-config-interactive.c
b/libvirt-sandbox/libvirt-sandbox-config-interactive.c
index 82d9431..27b4c16 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-interactive.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-interactive.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-interactive
diff --git a/libvirt-sandbox/libvirt-sandbox-config-mount-file.c
b/libvirt-sandbox/libvirt-sandbox-config-mount-file.c
index d6a3122..e53929f 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-mount-file.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-mount-file.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-mount-file
diff --git a/libvirt-sandbox/libvirt-sandbox-config-mount-guest-bind.c
b/libvirt-sandbox/libvirt-sandbox-config-mount-guest-bind.c
index 5b3b87f..061f625 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-mount-guest-bind.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-mount-guest-bind.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-mount-guest-bind
diff --git a/libvirt-sandbox/libvirt-sandbox-config-mount-host-bind.c
b/libvirt-sandbox/libvirt-sandbox-config-mount-host-bind.c
index d65f51f..c0c911b 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-mount-host-bind.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-mount-host-bind.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-mount-host-bind
diff --git a/libvirt-sandbox/libvirt-sandbox-config-mount-host-image.c
b/libvirt-sandbox/libvirt-sandbox-config-mount-host-image.c
index 37573ef..cf7ce49 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-mount-host-image.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-mount-host-image.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-mount-image
diff --git a/libvirt-sandbox/libvirt-sandbox-config-mount-ram.c
b/libvirt-sandbox/libvirt-sandbox-config-mount-ram.c
index f4ad6e2..1e0c352 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-mount-ram.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-mount-ram.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-mount-ram
diff --git a/libvirt-sandbox/libvirt-sandbox-config-mount.c
b/libvirt-sandbox/libvirt-sandbox-config-mount.c
index b84199e..21a8684 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-mount.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-mount.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-mount
diff --git a/libvirt-sandbox/libvirt-sandbox-config-network-address.c
b/libvirt-sandbox/libvirt-sandbox-config-network-address.c
index b2e58dc..68b0268 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-network-address.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-network-address.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-network_address
diff --git a/libvirt-sandbox/libvirt-sandbox-config-network-filterref-parameter.c
b/libvirt-sandbox/libvirt-sandbox-config-network-filterref-parameter.c
index 5086ac6..2807b4f 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-network-filterref-parameter.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-network-filterref-parameter.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-network-filterref-parameter
diff --git a/libvirt-sandbox/libvirt-sandbox-config-network-filterref.c
b/libvirt-sandbox/libvirt-sandbox-config-network-filterref.c
index c0c8e01..1770c0b 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-network-filterref.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-network-filterref.c
@@ -24,7 +24,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-network-filterref
diff --git a/libvirt-sandbox/libvirt-sandbox-config-network-route.c
b/libvirt-sandbox/libvirt-sandbox-config-network-route.c
index 311b2e7..1664d18 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-network-route.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-network-route.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-network_route
diff --git a/libvirt-sandbox/libvirt-sandbox-config-network.c
b/libvirt-sandbox/libvirt-sandbox-config-network.c
index 2bb55bf..df21700 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-network.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-network.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-network
diff --git a/libvirt-sandbox/libvirt-sandbox-config-service-generic.c
b/libvirt-sandbox/libvirt-sandbox-config-service-generic.c
index a9e8858..d1118c2 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-service-generic.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-service-generic.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-service-generic
diff --git a/libvirt-sandbox/libvirt-sandbox-config-service-systemd.c
b/libvirt-sandbox/libvirt-sandbox-config-service-systemd.c
index 8436a25..dc2e4a5 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-service-systemd.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-service-systemd.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-service-systemd
diff --git a/libvirt-sandbox/libvirt-sandbox-config-service.c
b/libvirt-sandbox/libvirt-sandbox-config-service.c
index a99f42a..388ec63 100644
--- a/libvirt-sandbox/libvirt-sandbox-config-service.c
+++ b/libvirt-sandbox/libvirt-sandbox-config-service.c
@@ -23,7 +23,7 @@
#include <config.h>
#include <string.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
/**
* SECTION: libvirt-sandbox-config-service
diff --git a/libvirt-sandbox/libvirt-sandbox-config.c
b/libvirt-sandbox/libvirt-sandbox-config.c
index 6057213..b9c13a7 100644
--- a/libvirt-sandbox/libvirt-sandbox-config.c
+++ b/libvirt-sandbox/libvirt-sandbox-config.c
@@ -26,7 +26,7 @@
#include <glib/gi18n.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
#include "libvirt-sandbox/libvirt-sandbox-util.h"
#include <errno.h>
#include <selinux/selinux.h>
diff --git a/libvirt-sandbox/libvirt-sandbox-init-common.c
b/libvirt-sandbox/libvirt-sandbox-init-common.c
index 27c2924..1652ff2 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-common.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-common.c
@@ -22,7 +22,7 @@
#include <config.h>
-#include <libvirt-sandbox/libvirt-sandbox.h>
+#include <libvirt-sandbox/libvirt-sandbox-config-all.h>
#include <glib/gi18n.h>
#include <stdio.h>
@@ -1225,9 +1225,6 @@ int main(int argc, char **argv) {
exit(EXIT_FAILURE);
}
- if (!gvir_sandbox_init_check(&argc, &argv, &error))
- exit(EXIT_FAILURE);
-
g_set_application_name(_("Libvirt Sandbox Init Common"));
context = g_option_context_new (_("- Libvirt Sandbox"));
diff --git a/libvirt-sandbox/libvirt-sandbox-util.c
b/libvirt-sandbox/libvirt-sandbox-util.c
index 07a2287..6385291 100644
--- a/libvirt-sandbox/libvirt-sandbox-util.c
+++ b/libvirt-sandbox/libvirt-sandbox-util.c
@@ -25,7 +25,7 @@
#include <errno.h>
#include <glib/gi18n.h>
-#include "libvirt-sandbox/libvirt-sandbox.h"
+#include "libvirt-sandbox/libvirt-sandbox-config-all.h"
#define GVIR_SANDBOX_UTIL_ERROR gvir_sandbox_util_error_quark()
--
2.1.4
6:44 p.m.
New subject: [libvirt] [sandbox v2 07/11] init-qemu: extract the mounts.cfg ntry mounting code
Create a mount_entry function from the code mounting the entries
defined in mounts.cfg in order to be able to reuse that code. This will
later be useful to mount a / from mounts.cfg.
---
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 63 ++++++++++++++++-------------
1 file changed, 36 insertions(+), 27 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
index 62e8e40..4a3883d 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
@@ -181,6 +181,41 @@ mount_9pfs(const char *src, const char *dst, int mode, int readonly)
}
+static void
+mount_entry(const char *source,
+ const char *target,
+ const char *type,
+ const char * opts)
+{
+ int flags = 0;
+
+ if (STREQ(type, "")) {
+ struct stat st;
+ type = NULL;
+ flags |= MS_BIND;
+ if (stat(source, &st) < 0) {
+ fprintf(stderr, "libvirt-sandbox-init-qemu: %s: cannot read mount source
%s: %s\n",
+ __func__, source, strerror(errno));
+ exit_poweroff();
+ }
+ if (S_ISDIR(st.st_mode))
+ mount_mkdir(target, 755);
+ else
+ mount_mkfile(target, 644);
+ } else {
+ if (STREQ(type, "tmpfs"))
+ flags |= MS_NOSUID | MS_NODEV;
+
+ mount_mkdir(target, 0755);
+ }
+
+ if (mount(source, target, type, flags, opts) < 0) {
+ fprintf(stderr, "libvirt-sandbox-init-qemu: %s: cannot mount %s on %s (%s,
%s): %s\n",
+ __func__, source, target, type, opts, strerror(errno));
+ exit_poweroff();
+ }
+}
+
int
main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED)
{
@@ -278,38 +313,12 @@ main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED)
opts++;
char *tmp = strchr(opts, '\n');
*tmp = '\0';
- int flags = 0;
if (debug)
fprintf(stderr, "libvirt-sandbox-init-qemu: %s: %s -> %s (%s,
%s)\n",
__func__, source, target, type, opts);
-
- if (STREQ(type, "")) {
- struct stat st;
- type = NULL;
- flags |= MS_BIND;
- if (stat(source, &st) < 0) {
- fprintf(stderr, "libvirt-sandbox-init-qemu: %s: cannot read mount
source %s: %s\n",
- __func__, source, strerror(errno));
- exit_poweroff();
- }
- if (S_ISDIR(st.st_mode))
- mount_mkdir(target, 755);
- else
- mount_mkfile(target, 644);
- } else {
- if (STREQ(type, "tmpfs"))
- flags |= MS_NOSUID | MS_NODEV;
-
- mount_mkdir(target, 0755);
- }
-
- if (mount(source, target, type, flags, opts) < 0) {
- fprintf(stderr, "libvirt-sandbox-init-qemu: %s: cannot mount %s on %s
(%s, %s): %s\n",
- __func__, source, target, type, opts, strerror(errno));
- exit_poweroff();
- }
+ mount_entry(source, target, type, opts);
}
fclose(fp);
--
2.1.4
6:44 p.m.
New subject: [libvirt] [sandbox v2 08/11] qemu: use mounts targeting / as root
So far a mount with / as target doesn't change anything: the host / is
still the one mounted as /. libvirt-sandbox-init-qemu now detects the
presence of a / target in mounts.cfg and mounts it instead of
sandbox:root.
---
libvirt-sandbox/libvirt-sandbox-init-qemu.c | 79 ++++++++++++++++++++++++++++-
1 file changed, 77 insertions(+), 2 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
index 4a3883d..09580da 100644
--- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c
+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c
@@ -52,6 +52,7 @@
#define ATTR_UNUSED __attribute__((__unused__))
#define STREQ(x,y) (strcmp(x,y) == 0)
+#define STRNEQ(x,y) (strcmp(x,y) != 0)
static void print_uptime (void);
static void insmod (const char *filename);
@@ -216,6 +217,79 @@ mount_entry(const char *source,
}
}
+static void
+mount_root(const char *path)
+{
+ int foundRoot = 0;
+
+ /* Loop over mounts.cfg to see if we have a candidate for / */
+ mount_mkdir(SANDBOXCONFIGDIR, 0755);
+ mount_9pfs("sandbox:config", SANDBOXCONFIGDIR, 0755, 1);
+
+ FILE *fp = fopen(SANDBOXCONFIGDIR "/mounts.cfg", "r");
+ while (fgets(line, sizeof line, fp) && !foundRoot) {
+ char *source = line;
+ char *target = strchr(source, '\t');
+ *target = '\0';
+ target++;
+ char *type = strchr(target, '\t');
+ *type = '\0';
+ type++;
+ char *opts = strchr(type, '\t');
+ *opts = '\0';
+ opts++;
+ char *tmp = strchr(opts, '\n');
+ *tmp = '\0';
+
+ if (STREQ(target, "/")) {
+ int needsDev = strncmp(source, "/dev/", 5) == 0;
+
+ if (debug)
+ fprintf(stderr, "libvirt-sandbox-init-qemu: found root from
%s\n",
+ source);
+
+ /* In this case, we need to have a /dev before the chroot */
+ if (needsDev) {
+ mount_other("/proc", "proc", 0755);
+ mount_other("/dev", "devtmpfs", 0755);
+ }
+
+ mount_entry(source, path, type, opts);
+
+ if (needsDev) {
+ if (umount("/dev") < 0) {
+ fprintf(stderr,
+ "libvirt-sandbox-init-qemu: %s: "
+ "cannot unmount temporary /dev: %s\n",
+ __func__, strerror(errno));
+ exit_poweroff();
+ }
+ if (umount("/proc") < 0) {
+ fprintf(stderr,
+ "libvirt-sandbox-init-qemu: %s: "
+ "cannot unmount temporary /proc: %s\n",
+ __func__, strerror(errno));
+ exit_poweroff();
+ }
+ }
+ foundRoot = 1;
+ }
+ }
+ fclose(fp);
+
+ if (umount(SANDBOXCONFIGDIR) < 0) {
+ fprintf(stderr,
+ "libvirt-sandbox-init-qemu: %s: "
+ "cannot unmount temporary %s: %s\n",
+ __func__, SANDBOXCONFIGDIR, strerror(errno));
+ exit_poweroff();
+ }
+
+ /* If we couldn't get a / in the mounts, then use the host one */
+ if (!foundRoot)
+ mount_9pfs("sandbox:root", path, 0755, 1);
+}
+
int
main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED)
{
@@ -259,7 +333,7 @@ main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED)
if (debug)
fprintf(stderr, "libvirt-sandbox-init-qemu: mounting new root on
/tmproot\n");
- mount_9pfs("sandbox:root", "/tmproot", 0755, 1);
+ mount_root("/tmproot");
/* Note that pivot_root won't work. See the note in
* Documentation/filesystems/ramfs-rootfs-initramfs.txt
@@ -318,7 +392,8 @@ main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED)
fprintf(stderr, "libvirt-sandbox-init-qemu: %s: %s -> %s (%s,
%s)\n",
__func__, source, target, type, opts);
- mount_entry(source, target, type, opts);
+ if (STRNEQ(target, "/"))
+ mount_entry(source, target, type, opts);
}
fclose(fp);
--
2.1.4
6:44 p.m.
New subject: [libvirt] [sandbox v2 09/11] Add function to check if there is a mount with / target
gvir_sandbox_config_has_root_mount is a convenience function to check
if there is a mount with target '/'
---
libvirt-sandbox/libvirt-sandbox-config.c | 21 +++++++++++++++++++++
libvirt-sandbox/libvirt-sandbox-config.h | 1 +
libvirt-sandbox/libvirt-sandbox.sym | 1 +
3 files changed, 23 insertions(+)
diff --git a/libvirt-sandbox/libvirt-sandbox-config.c
b/libvirt-sandbox/libvirt-sandbox-config.c
index b9c13a7..2506072 100644
--- a/libvirt-sandbox/libvirt-sandbox-config.c
+++ b/libvirt-sandbox/libvirt-sandbox-config.c
@@ -1561,6 +1561,27 @@ gboolean gvir_sandbox_config_has_mounts_with_type(GVirSandboxConfig
*config,
}
+gboolean gvir_sandbox_config_has_root_mount(GVirSandboxConfig *config)
+{
+ GList *tmp = NULL, *mounts = NULL;
+ gboolean hasRoot = FALSE;
+
+ tmp = mounts = gvir_sandbox_config_get_mounts(config);
+ while (tmp && !hasRoot) {
+ const gchar *target;
+ GVirSandboxConfigMount *mount = GVIR_SANDBOX_CONFIG_MOUNT(tmp->data);
+ target = gvir_sandbox_config_mount_get_target(mount);
+ if (g_str_equal(target, "/"))
+ hasRoot = TRUE;
+ tmp = tmp->next;
+ }
+ g_list_foreach(mounts, (GFunc)g_object_unref, NULL);
+ g_list_free(mounts);
+
+ return hasRoot;
+}
+
+
/**
diff --git a/libvirt-sandbox/libvirt-sandbox-config.h
b/libvirt-sandbox/libvirt-sandbox-config.h
index ebbebf2..2c5f0a6 100644
--- a/libvirt-sandbox/libvirt-sandbox-config.h
+++ b/libvirt-sandbox/libvirt-sandbox-config.h
@@ -150,6 +150,7 @@ gboolean gvir_sandbox_config_add_mount_strv(GVirSandboxConfig
*config,
gboolean gvir_sandbox_config_has_mounts(GVirSandboxConfig *config);
gboolean gvir_sandbox_config_has_mounts_with_type(GVirSandboxConfig *config,
GType type);
+gboolean gvir_sandbox_config_has_root_mount(GVirSandboxConfig *config);
gboolean gvir_sandbox_config_add_host_include_strv(GVirSandboxConfig *config,
gchar **includes,
diff --git a/libvirt-sandbox/libvirt-sandbox.sym b/libvirt-sandbox/libvirt-sandbox.sym
index e5f8660..65b0db5 100644
--- a/libvirt-sandbox/libvirt-sandbox.sym
+++ b/libvirt-sandbox/libvirt-sandbox.sym
@@ -212,6 +212,7 @@ LIBVIRT_SANDBOX_0.2.1 {
LIBVIRT_SANDBOX_0.5.2 {
global:
+ gvir_sandbox_config_has_root_mount;
gvir_sandbox_config_mount_guest_bind_get_format;
gvir_sandbox_config_add_disk;
gvir_sandbox_config_add_disk_strv;
--
2.1.4
6:44 p.m.
New subject: [libvirt] [sandbox v2 10/11] Don't add sandbox:root device if we have a mount targetting /
There is no need to expose the host file system if the user defined a
mount targetting /
---
libvirt-sandbox/libvirt-sandbox-builder-machine.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-builder-machine.c
b/libvirt-sandbox/libvirt-sandbox-builder-machine.c
index 74ef852..4cbd566 100644
--- a/libvirt-sandbox/libvirt-sandbox-builder-machine.c
+++ b/libvirt-sandbox/libvirt-sandbox-builder-machine.c
@@ -515,17 +515,19 @@ static gboolean
gvir_sandbox_builder_machine_construct_devices(GVirSandboxBuilde
construct_devices(builder, config, statedir, domain, error))
goto cleanup;
- fs = gvir_config_domain_filesys_new();
- gvir_config_domain_filesys_set_type(fs, GVIR_CONFIG_DOMAIN_FILESYS_MOUNT);
- gvir_config_domain_filesys_set_access_type(fs,
GVIR_CONFIG_DOMAIN_FILESYS_ACCESS_SQUASH);
- gvir_config_domain_filesys_set_source(fs,
- gvir_sandbox_config_get_root(config));
- gvir_config_domain_filesys_set_target(fs, "sandbox:root");
- gvir_config_domain_filesys_set_readonly(fs, TRUE);
+ if (!gvir_sandbox_config_has_root_mount(config)) {
+ fs = gvir_config_domain_filesys_new();
+ gvir_config_domain_filesys_set_type(fs, GVIR_CONFIG_DOMAIN_FILESYS_MOUNT);
+ gvir_config_domain_filesys_set_access_type(fs,
GVIR_CONFIG_DOMAIN_FILESYS_ACCESS_SQUASH);
+ gvir_config_domain_filesys_set_source(fs,
+ gvir_sandbox_config_get_root(config));
+ gvir_config_domain_filesys_set_target(fs, "sandbox:root");
+ gvir_config_domain_filesys_set_readonly(fs, TRUE);
- gvir_config_domain_add_device(domain,
- GVIR_CONFIG_DOMAIN_DEVICE(fs));
- g_object_unref(fs);
+ gvir_config_domain_add_device(domain,
+ GVIR_CONFIG_DOMAIN_DEVICE(fs));
+ g_object_unref(fs);
+ }
fs = gvir_config_domain_filesys_new();
--
2.1.4
6:44 p.m.
New subject: [libvirt] [sandbox v2 11/11] container builder: don't expose host rootfs if unneeded
If the user defined a mount targeting / don't add the host / as mount
to /.
---
.../libvirt-sandbox-builder-container.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-builder-container.c
b/libvirt-sandbox/libvirt-sandbox-builder-container.c
index d226d35..66e1fc6 100644
--- a/libvirt-sandbox/libvirt-sandbox-builder-container.c
+++ b/libvirt-sandbox/libvirt-sandbox-builder-container.c
@@ -256,17 +256,19 @@ static gboolean
gvir_sandbox_builder_container_construct_devices(GVirSandboxBuil
g_list_free(disks);
- fs = gvir_config_domain_filesys_new();
- gvir_config_domain_filesys_set_type(fs, GVIR_CONFIG_DOMAIN_FILESYS_MOUNT);
- gvir_config_domain_filesys_set_access_type(fs,
GVIR_CONFIG_DOMAIN_FILESYS_ACCESS_PASSTHROUGH);
- gvir_config_domain_filesys_set_source(fs,
- gvir_sandbox_config_get_root(config));
- gvir_config_domain_filesys_set_target(fs, "/");
- gvir_config_domain_filesys_set_readonly(fs, TRUE);
+ if (!gvir_sandbox_config_has_root_mount(config)) {
+ fs = gvir_config_domain_filesys_new();
+ gvir_config_domain_filesys_set_type(fs, GVIR_CONFIG_DOMAIN_FILESYS_MOUNT);
+ gvir_config_domain_filesys_set_access_type(fs,
GVIR_CONFIG_DOMAIN_FILESYS_ACCESS_PASSTHROUGH);
+ gvir_config_domain_filesys_set_source(fs,
+ gvir_sandbox_config_get_root(config));
+ gvir_config_domain_filesys_set_target(fs, "/");
+ gvir_config_domain_filesys_set_readonly(fs, TRUE);
- gvir_config_domain_add_device(domain,
- GVIR_CONFIG_DOMAIN_DEVICE(fs));
- g_object_unref(fs);
+ gvir_config_domain_add_device(domain,
+ GVIR_CONFIG_DOMAIN_DEVICE(fs));
+ g_object_unref(fs);
+ }
--
2.1.4
6:01 p.m.
New subject: [libvirt] [sandbox v2 00/11] Actually use host-image mounts on /
On Mon, Jun 29, 2015 at 06:44:08PM +0200, Cédric Bosdonnat wrote:
Hi all,
In the virt-sandbox documentation we had examples with host-image mounts
targetting /. However the / in the sandbox was still the host one. The
main goal of this patch series is to fix that problem. This will also
be needed to run docker container with libvirt-sandbox.
I also added some configure flags to disable lzma or zlib support at
build time. At least opensuse 13.2 doesn't have static lzma.
So, I've actually tested this series successfully now and it works
fine in the common case, so I've pushed it with the couple of fixes
I mentioned inline.
As discussed on IRC we still have an issue with using older distros
for the root filesystem, due to some glib/ld-linux compatibility
issues.
I'll work on a fix for that now...
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
3370
days inactive
3371
days old
15 comments
2 participants
participants (2)
-
Cédric Bosdonnat -
Daniel P. Berrange