On Mon, 15 Jul 2013 13:47:40 -0500
Serge Hallyn <serge.hal...@ubuntu.com> wrote:
>
> Otherwise (a) there is a memory leak when using user namespaces and
> clearing a config, and (b) saving a container configuration file
> doesn't maintain the userns mapping. For instance, if container c1
> has lxc.id_map configuration entries, then
>
> python3
> import lxc
> c=lxc.Container("c1")
> c.save_config("/tmp/config1")
>
> should show 'lxc.id_map =' entries in /tmp/config1.
>
> Reported-by: Dwight Engen <dwight.en...@oracle.com>
> Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
> ---
> src/lxc/conf.c | 13 +++++++++++++
> src/lxc/confile.c | 6 ++++++
> 2 files changed, 19 insertions(+)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index dc521b5..21614d9 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -3123,6 +3123,18 @@ int lxc_clear_config_caps(struct lxc_conf *c)
> return 0;
> }
>
> +int lxc_clear_idmaps(struct lxc_conf *c)
> +{
> + struct lxc_list *it, *next;
> +
> + lxc_list_for_each_safe(it, &c->id_map, next) {
> + lxc_list_del(it);
> + free(it->elem);
> + free(it);
> + }
> + return 0;
> +}
> +
> int lxc_clear_cgroups(struct lxc_conf *c, const char *key)
> {
> struct lxc_list *it,*next;
> @@ -3226,5 +3238,6 @@ void lxc_conf_free(struct lxc_conf *conf)
> lxc_clear_hooks(conf, "lxc.hook");
> lxc_clear_mount_entries(conf);
> lxc_clear_saved_nics(conf);
> + lxc_clear_idmaps(conf);
> free(conf);
> }
> diff --git a/src/lxc/confile.c b/src/lxc/confile.c
> index a7db117..05370f0 100644
> --- a/src/lxc/confile.c
> +++ b/src/lxc/confile.c
> @@ -1945,6 +1945,12 @@ void write_config(FILE *fout, struct lxc_conf
> *c) }
> lxc_list_for_each(it, &c->caps)
> fprintf(fout, "lxc.cap.drop = %s\n", (char
> *)it->elem);
> + lxc_list_for_each(it, &c->id_map) {
> + struct id_map *idmap = it->elem;
> + fprintf(fout, "lxc.id_map = %c %lu %lu %lu\n",
> + idmap->type == ID_TYPE_UID ? 'u' : 'c',
> idmap->nsid,
> + idmap->hostid, idmap->range);
Hi Serge, I'm getting:
confile.c:1951:9: error: ‘struct id_map’ has no member named ‘type’
I think you wanted idmap->idtype :) With that change, it builds but I'm
getting a segfault when doing a lxc-clone -s -o ol64-01 -n ol64-02 (and
ol64-01 has lxc.id_map entries). Here is the gdb backtrace, I'll look
into it if you don't have time.
Starting program: /usr/bin/lxc-clone -s -o ol64-01 -n ol64-04
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Detaching after fork from child process 28359.
Detaching after fork from child process 28361.
Program received signal SIGSEGV, Segmentation fault.
0x00007f99e689e08e in write_config (fout=fout@entry=0x1b79670, c=0x1b77400)
at confile.c:1950
1950 confile.c: No such file or directory.
Missing separate debuginfos, use: debuginfo-install lxc-0.9.x-1.fc18.x86_64
(gdb) bt
#0 0x00007f99e689e08e in write_config (fout=fout@entry=0x1b79670, c=0x1b77400)
at confile.c:1950
#1 0x00007f99e68a6c6b in lxcapi_save_config (c=0x1b764d0, alt_file=<optimized
out>)
at lxccontainer.c:1214
#2 0x00007f99e68a99b8 in lxcapi_clone (c=<optimized out>, newname=<optimized
out>,
lxcpath=<optimized out>, flags=<optimized out>, bdevtype=0x0, bdevdata=0x0,
newsize=0, hookargs=0x0) at lxccontainer.c:1963
#3 0x0000000000400d2f in main ()
> + }
> for (i=0; i<NUM_LXC_HOOKS; i++) {
> lxc_list_for_each(it, &c->hooks[i])
> fprintf(fout, "lxc.hook.%s = %s\n",
------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
