The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1708
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
Some devices like LVM or cryptsetup entries have no stable major/minor, changing between host reboots.
In this case, hardcoded numbers are not usable in config file and there is currently no way to use hook with lxc-device to do the link at guest startup :
* `pre-start`/`autodev` hook runs in host context but has the guest in stopped state and so lxc-device not usable
* `start` hook is in running state but runs in guest context and so lxc-device not available
This patch converts fullpath in lxc.devices.allow to current major/minor numbers to address those changing numbers.
Signed-off-by: aeris <[email protected]>
From 6d35f4fd1de5d0cd1a47bef68f10efe739dd4a97 Mon Sep 17 00:00:00 2001
From: aeris <[email protected]>
Date: Wed, 19 Jul 2017 17:21:24 +0200
Subject: [PATCH] Allow full path in lxc.devices.allow
Some devices like LVM or cryptsetup entries have no stable major/minor,
changing between host reboots.
In this case, hardcoded numbers are not usable in config file and there is
currently no way to use hook with lxc-device to do the link at guest startup :
* `pre-start`/`autodev` hook runs in host context but has the guest in
stopped state and so lxc-device not usable
* `start` hook is in running state but runs in guest context and so
lxc-device not available
This patch converts fullpath in lxc.devices.allow to current major/minor
numbers to address those changing numbers.
Signed-off-by: aeris <[email protected]>
---
src/lxc/cgroups/cgfsng.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 53 insertions(+)
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index 1192d575f..fb388d908 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -47,6 +47,9 @@
#include <unistd.h>
#include <sys/types.h>
+#include <linux/types.h>
+#include <linux/kdev_t.h>
+
#include "bdev.h"
#include "cgroup.h"
#include "commands.h"
@@ -1927,12 +1930,62 @@ static int lxc_cgroup_set_data(const char *filename,
const char *value, struct c
char *subsystem = NULL, *p;
int ret = -1;
struct hierarchy *h;
+ char converted_value[50];
subsystem = alloca(strlen(filename) + 1);
strcpy(subsystem, filename);
if ((p = strchr(subsystem, '.')) != NULL)
*p = '\0';
+ if (strcmp("devices.allow", filename) == 0 && value[0] == '/') {
+ char *saveptr = NULL;
+ size_t n_parts = 0;
+ char *to_split = strdup(value);
+ while (strtok_r(n_parts ? NULL : to_split, " ", &saveptr) !=
NULL) {
+ ++n_parts;
+ }
+ free(to_split);
+
+ if (n_parts == 2) {
+ char **parts = malloc(sizeof(char*) * n_parts);
+ char *to_split = strdup(value);
+ size_t i;
+ for (i = 0; i < n_parts; ++i) {
+ char *part = strtok_r(i ? NULL : to_split, " ",
&saveptr);
+ parts[i] = strdup(part);
+ }
+ free(to_split);
+
+ const char *path = parts[0];
+ const char *mode = parts[1];
+
+ struct stat sb;
+ stat(path, &sb);
+ dev_t dev = sb.st_rdev;
+
+ char type = 0;
+ switch (sb.st_mode & S_IFMT) {
+ case S_IFBLK:
+ type = 'b';
+ break;
+ case S_IFCHR:
+ type = 'c';
+ break;
+ }
+
+ if (!snprintf(converted_value, 50, "%c %lu:%lu %s",
type,
+ MAJOR(dev), MINOR(dev), mode)) {
+ }
+
+ for (i = 0; i < n_parts; ++i) {
+ free(parts[i]);
+ }
+ free(parts);
+ }
+ } else {
+ strcpy(converted_value, value);
+ }
+
h = get_hierarchy(subsystem);
if (h) {
char *fullpath = must_make_path(h->fullcgpath, filename, NULL);
_______________________________________________
lxc-devel mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-devel
