On Wed, Sep 12, 2012 at 02:47:48PM +0400, Kir Kolyshkin wrote:
> On 09/11/2012 05:24 AM, Lennart Poettering wrote:
> >On Fri, 24.08.12 16:22, Kir Kolyshkin (k...@openvz.org) wrote:
> >
> >>Proper handling of reboot() syscall issued from the inside of a container
> >>was always supported by OpenVZ kernels. More to say, OpenVZ relies on the fact
> >>that container calls reboot in order to distinguish between shutdown and
> >>reboot-- in the latter case container is being restarted.
> >>
> >>This patch brings the reboot() back for OpenVZ container.
> >Turns out the normal Linux containers understand reboot() just fine
> >too.
>
> Please note though that the problem with reboot() wrt upstream containers
> was really nasty -- calling reboot inside container resulted in
> rebooting the whole system, not just the container.

NB when libvirt starts an LXC container, it first checks to see whether
the kernel has the container aware reboot() support. If it does not, then
it removes CAP_SYS_REBOOT from the container, to prevent any accidental
whole system reboot. The sf.net LXC tools do the same thing.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
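
Added example, not part of the thread and not libvirt's or LXC's code: the launcher-side decision described in the message above, dropping the reboot capability from the child's bounding set when the kernel lacks container-aware reboot(). The kernel's constant for the capability that gates reboot() is CAP_SYS_BOOT; the function names and the `ns_reboot_ok` probe result are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/wait.h>
#include <unistd.h>
#include <linux/capability.h>   /* CAP_SYS_BOOT gates reboot() */

/* 1 if CAP_SYS_BOOT is in the caller's bounding set, 0 if not, -1 on error. */
int reboot_cap_bounded(void)
{
    return prctl(PR_CAPBSET_READ, CAP_SYS_BOOT, 0, 0, 0);
}

/* Hypothetical helper, run in the child that will exec the container's init.
 * ns_reboot_ok: result of the launcher's kernel probe (assumed input).
 * Returns 0 = capability kept, 1 = dropped and verified, <0 = -errno. */
int prepare_reboot_cap(int ns_reboot_ok)
{
    if (ns_reboot_ok)
        return 0;                 /* reboot() stays inside the container */
    if (prctl(PR_CAPBSET_DROP, CAP_SYS_BOOT, 0, 0, 0) == -1)
        return -errno;            /* EPERM without CAP_SETPCAP */
    /* Fail closed: only report success if the drop is observable. */
    return reboot_cap_bounded() == 0 ? 1 : -EIO;
}

/* Fork first: a bounding-set drop is irreversible, so it must never touch
 * the launcher. Returns 0 = kept, 1 = dropped, 2 = refuse to start, -1 = error. */
int launch_decision(int ns_reboot_ok)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        int r = prepare_reboot_cap(ns_reboot_ok);
        /* A real launcher would execve() init here when r >= 0. */
        _exit(r < 0 ? 2 : r);
    }
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("kernel with container-aware reboot(): %d\n", launch_decision(1));
    printf("kernel without it:                    %d\n", launch_decision(0));
}
```

A result of 2 means the drop was refused (for example, the launcher lacks CAP_SETPCAP), in which case the container should not be started with the capability still available.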