[lxc-devel] [lxc/master] start: reap intermediate process

[brauner on Github]

The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/2049

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
When we inherit namespaces we need to reap the attaching process.

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>

From 4e2324665201b97132a6e96739f6be94c838a233 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brau...@ubuntu.com>
Date: Mon, 18 Dec 2017 14:08:02 +0100
Subject: [PATCH] start: reap intermediate process

When we inherit namespaces we need to reap the attaching process.

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
 src/lxc/error.h |  2 ++
 src/lxc/start.c | 24 +++++++++++++++++++-----
 2 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/src/lxc/error.h b/src/lxc/error.h
index d5d60de0f..6fe474a13 100644
--- a/src/lxc/error.h
+++ b/src/lxc/error.h
@@ -23,6 +23,8 @@
 #ifndef __LXC_ERROR_H
 #define __LXC_ERROR_H
 
+#define LXC_CLONE_ERROR "Failed to clone a new set of namespaces"
+
 extern int  lxc_error_set_and_log(int pid, int status);
 
 #endif
diff --git a/src/lxc/start.c b/src/lxc/start.c
index e17507606..c53d43656 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1399,14 +1399,28 @@ static int lxc_spawn(struct lxc_handler *handler)
        /* The cgroup namespace gets unshare()ed not clone()ed. */
        handler->on_clone_flags &= ~CLONE_NEWCGROUP;
 
-       if (share_ns)
-               ret = lxc_clone(do_share_ns, handler, CLONE_VFORK | CLONE_VM | 
CLONE_FILES);
-       else
+       if (share_ns) {
+               pid_t attacher_pid;
+
+               attacher_pid = lxc_clone(do_share_ns, handler, CLONE_VFORK | 
CLONE_VM | CLONE_FILES);
+               if (attacher_pid < 0) {
+                       SYSERROR(LXC_CLONE_ERROR);
+                       goto out_delete_net;
+               }
+
+               ret = wait_for_pid(attacher_pid);
+               if (ret < 0) {
+                       SYSERROR("Intermediate process failed");
+                       goto out_delete_net;
+               }
+       } else {
                handler->pid = lxc_clone(do_start, handler, 
handler->on_clone_flags);
-       if (handler->pid < 0 || ret < 0) {
-               SYSERROR("Failed to clone a new set of namespaces.");
+       }
+       if (handler->pid < 0) {
+               SYSERROR(LXC_CLONE_ERROR);
                goto out_delete_net;
        }
+
        TRACE("Cloned child process %d", handler->pid);
 
        for (i = 0; i < LXC_NS_MAX; i++)

_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel