12.11.2015 17:11, Andrey Ryabinin пишет:
On 11/12/2015 07:08 PM, Stanislav Kinsburskiy wrote:
12.11.2015 16:47, Andrey Ryabinin пишет:
On 11/12/2015 05:59 PM, Stanislav Kinsburskiy wrote:
12.11.2015 15:53, Andrey Wagin пишет:
2015-11-12 17:46 GMT+03:00 Stanislav Kinsburskiу <[email protected]>:
12 нояб. 2015 г. 15:14 пользователь Andrey Ryabinin <[email protected]>
написал:
CRIU sends SIGKILL to container's init process as a part of
cleanup process if restoring failed.
CRIU does this from a different ve, which is currently not allowed
without any apparent reason.
The reason looks very clear to me: improve namespaces isolation.
It espesially applies to killing child reaper of another ve.
You throwed away this check, and now it's possible to kill one container from
another one.
Or I'm missing somethig?
Each container has its own pidns, so you can't kill anyone who isn't
in this pidns.
So how CRIU sends kill signal from one ve to another then?
AFAIK, CRIU creates it's own ve namespace, but it still operates in root pid
namespace.
Hmm, ok.
Then nothing against this patch.
The only thing I'm curios: for how long we have this patch? Pid namespaces are
used in OpenVZ for at least last 6 years (probably more).
When this checks appeared? Maybe there was another reason, which is just not
obvious so far?
I suspect that it was just blindly ported from 2.6:
commit fd3207d650434ac82f2c897cadd5607e67f2c274
Author: Kirill Tkhai <[email protected]>
Date: Fri Oct 10 19:35:02 2014 +0400
ve: Ignore signals from wrong ve
Port sig_ve_ignored().
This is a part of 74-diff-ve-mix-combined.
https://jira.sw.ru/browse/PSBM-17903
Signed-off-by: Kirill Tkhai <[email protected]>
That's for sure.
My question was about origins of this patch.
Thanks to Vasiliy:
RCS file:
/cvs/Virtuozzo/kernel-patches/2.6.18-rhel5/diff-ve-init-signals-20070514,v
Working file: diff-ve-init-signals-20070514
head: 1.1
branch:
locks: strict
access list:
symbolic names:
keyword substitution: o
total revisions: 1; selected revisions: 1
description:
----------------------------
revision 1.1
date: 2007/05/18 13:24:17; author: dev; state: Exp;
Patch from Denis Lunev <[email protected]>
[VE] VE init signal delivery reworked to be similar to host
Prevent VE init from receiving unexpected signals sent from VE
including fatal ones. Signals sent from VE0 are still allowed,
e.g. for fast VE stop.
Fix for sys_reboot called from VE to force VE death
(SIGKILL is sent in the context of VE).
http://bugzilla.openvz.org/show_bug.cgi?id=533
Are you sure, that you are not braking the logic, this patch introduced
in past?
_______________________________________________
Devel mailing list
[email protected]
https://lists.openvz.org/mailman/listinfo/devel
