pool/lxcfs
SHA256
6
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 499619 from Virtualization:containers

Browse Source 
update to version 2.0.7

OBS-URL: https://build.opensuse.org/request/show/499619
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/lxcfs?expand=0&rev=3
This commit is contained in:
Dominique Leuenberger 2017-05-31 10:19:47 +00:00 committed by Git OBS Bridge
commit 8e8aaaee94
30 changed files with 198 additions and 2543 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
0001-Fix-test_reload-for-lxcfs-chroot.patch
View File

@ -1,72 +0,0 @@
From ec2b5e7c6297a82914f59d7b49714beb5f8afeef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber@ubuntu.com>
Date: Tue, 16 Aug 2016 12:36:01 -0400
Subject: [PATCH 01/24] Fix test_reload for lxcfs chroot
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
---
bindings.c | 10 +---------
tests/test_reload.sh | 8 ++++----
2 files changed, 5 insertions(+), 13 deletions(-)
diff --git a/bindings.c b/bindings.c
index 04f0b08..2fb4acf 100644
--- a/bindings.c
+++ b/bindings.c
@@ -3610,17 +3610,9 @@ out:
#if RELOADTEST
void iwashere(void)
{
- char *name, *cwd = get_current_dir_name();
- size_t len;
int fd;
- if (!cwd)
- exit(1);
- len = strlen(cwd) + strlen("/iwashere") + 1;
- name = alloca(len);
- snprintf(name, len, "%s/iwashere", cwd);
- free(cwd);
- fd = creat(name, 0755);
+ fd = creat("/tmp/lxcfs-iwashere", 0644);
if (fd >= 0)
close(fd);
}
diff --git a/tests/test_reload.sh b/tests/test_reload.sh
index 5474cbb..5e37ace 100755
--- a/tests/test_reload.sh
+++ b/tests/test_reload.sh
@@ -26,7 +26,7 @@ cleanup() {
umount -l ${testdir}
fi
rm -rf ${testdir} ${installdir}
- rm -f iwashere
+ rm -f /tmp/lxcfs-iwashere
rm -f ${pidfile}
if [ ${FAILED} -eq 1 ]; then
echo "liblxcfs.so reload test FAILED"
@@ -50,9 +50,9 @@ while [ ! -d ${testdir}/proc ]; do
count=$((count+1))
done
-rm -f iwashere
+rm -f /tmp/lxcfs-iwashere
cat ${testdir}/proc/uptime
-[ ! -f iwashere ]
+[ ! -f /tmp/lxcfs-iwashere ]
(
cd ${topdir};
make liblxcfstest.la
@@ -65,5 +65,5 @@ cp ${libdir}/liblxcfstest.so ${libdir}/liblxcfs.so
kill -USR1 ${lxcfspid}
cat ${testdir}/proc/uptime
-[ -f iwashere ]
+[ -f /tmp/lxcfs-iwashere ]
FAILED=0
--
2.9.3

118
0002-Virtualize-more-of-the-meminfo-fields.patch
View File

@ -1,118 +0,0 @@
From c6095b08bb3731f2b25fa2312e31da2d21b2b3eb Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@hallyn.com>
Date: Thu, 18 Aug 2016 00:03:51 -0500
Subject: [PATCH 02/24] Virtualize more of the meminfo fields
The worst remaining offending line appears to be VmallocTotal.
Suggestions for how to calculate that would be appreciated.
Closes #119
Signed-off-by: Serge Hallyn <serge@hallyn.com>
---
bindings.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++--------
1 file changed, 56 insertions(+), 8 deletions(-)
diff --git a/bindings.c b/bindings.c
index 2fb4acf..1fa1027 100644
--- a/bindings.c
+++ b/bindings.c
@@ -2943,16 +2943,32 @@ static bool startswith(const char *line, const char *pref)
return false;
}
-static void get_mem_cached(char *memstat, unsigned long *v)
+static void parse_memstat(char *memstat, unsigned long *cached,
+ unsigned long *active_anon, unsigned long *inactive_anon,
+ unsigned long *active_file, unsigned long *inactive_file,
+ unsigned long *unevictable)
{
char *eol;
- *v = 0;
while (*memstat) {
- if (startswith(memstat, "total_cache")) {
- sscanf(memstat + 11, "%lu", v);
- *v /= 1024;
- return;
+ if (startswith(memstat, "cache")) {
+ sscanf(memstat + 11, "%lu", cached);
+ *cached /= 1024;
+ } else if (startswith(memstat, "active_anon")) {
+ sscanf(memstat + 11, "%lu", active_anon);
+ *active_anon /= 1024;
+ } else if (startswith(memstat, "inactive_anon")) {
+ sscanf(memstat + 11, "%lu", inactive_anon);
+ *inactive_anon /= 1024;
+ } else if (startswith(memstat, "active_file")) {
+ sscanf(memstat + 11, "%lu", active_file);
+ *active_file /= 1024;
+ } else if (startswith(memstat, "inactive_file")) {
+ sscanf(memstat + 11, "%lu", inactive_file);
+ *inactive_file /= 1024;
+ } else if (startswith(memstat, "unevictable")) {
+ sscanf(memstat + 11, "%lu", unevictable);
+ *unevictable /= 1024;
}
eol = strchr(memstat, '\n');
if (!eol)
@@ -3069,7 +3085,8 @@ static int proc_meminfo_read(char *buf, size_t size, off_t offset,
*memswlimit_str = NULL, *memswusage_str = NULL,
*memswlimit_default_str = NULL, *memswusage_default_str = NULL;
unsigned long memlimit = 0, memusage = 0, memswlimit = 0, memswusage = 0,
- cached = 0, hosttotal = 0;
+ cached = 0, hosttotal = 0, active_anon = 0, inactive_anon = 0,
+ active_file = 0, inactive_file = 0, unevictable = 0;
char *line = NULL;
size_t linelen = 0, total_len = 0, rv = 0;
char *cache = d->buf;
@@ -3128,7 +3145,9 @@ static int proc_meminfo_read(char *buf, size_t size, off_t offset,
memlimit /= 1024;
memusage /= 1024;
- get_mem_cached(memstat_str, &cached);
+ parse_memstat(memstat_str, &cached, &active_anon,
+ &inactive_anon, &active_file, &inactive_file,
+ &unevictable);
f = fopen("/proc/meminfo", "r");
if (!f)
@@ -3170,6 +3189,35 @@ static int proc_meminfo_read(char *buf, size_t size, off_t offset,
} else if (startswith(line, "SwapCached:")) {
snprintf(lbuf, 100, "SwapCached: %8lu kB\n", 0UL);
printme = lbuf;
+ } else if (startswith(line, "Active")) {
+ snprintf(lbuf, 100, "Active: %8lu kB\n",
+ active_anon + active_file);
+ printme = lbuf;
+ } else if (startswith(line, "Inactive")) {
+ snprintf(lbuf, 100, "Inactive: %8lu kB\n",
+ inactive_anon + inactive_file);
+ printme = lbuf;
+ } else if (startswith(line, "Active(anon)")) {
+ snprintf(lbuf, 100, "Active(anon): %8lu kB\n", active_anon);
+ printme = lbuf;
+ } else if (startswith(line, "Inactive(anon)")) {
+ snprintf(lbuf, 100, "Inactive(anon): %8lu kB\n", inactive_anon);
+ printme = lbuf;
+ } else if (startswith(line, "Active(file)")) {
+ snprintf(lbuf, 100, "Active(file): %8lu kB\n", active_file);
+ printme = lbuf;
+ } else if (startswith(line, "Inactive(file)")) {
+ snprintf(lbuf, 100, "Inactive(file): %8lu kB\n", inactive_file);
+ printme = lbuf;
+ } else if (startswith(line, "Unevictable")) {
+ snprintf(lbuf, 100, "Unevictable: %8lu kB\n", unevictable);
+ printme = lbuf;
+ } else if (startswith(line, "SReclaimable")) {
+ snprintf(lbuf, 100, "SReclaimable: %8lu kB\n", 0UL);
+ printme = lbuf;
+ } else if (startswith(line, "SUnreclaim")) {
+ snprintf(lbuf, 100, "SUnreclaim: %8lu kB\n", 0UL);
+ printme = lbuf;
} else
printme = line;
--
2.9.3

57
0003-pam-fix-race-in-cgroup-creation.patch
View File

@ -1,57 +0,0 @@
From 56ee748c3fd89752a6262471eb49d3b670bb3c09 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@hallyn.com>
Date: Sun, 21 Aug 2016 13:26:42 -0500
Subject: [PATCH 03/24] pam: fix race in cgroup creation
If we find that a cgroup already exists, we should
1. remove all the cgroups which we've created so far
2. set existed to true
3. return failure
The caller should then detect that existed == true,
and re-try with the next index.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
---
pam/pam_cgfs.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/pam/pam_cgfs.c b/pam/pam_cgfs.c
index 08f0694..24510e1 100644
--- a/pam/pam_cgfs.c
+++ b/pam/pam_cgfs.c
@@ -585,7 +585,7 @@ static bool cgfs_create_forone(struct controller *c, uid_t uid, gid_t gid, const
#if DEBUG
fprintf(stderr, "%s existed\n", path);
#endif
- return true;
+ return false;
}
bool pass = mkdir_p(c->mount_path, path);
@@ -794,16 +794,16 @@ static int handle_login(const char *user)
return PAM_SESSION_ERR;
}
+ existed = false;
if (!cgfs_create(cg, uid, gid, &existed)) {
+ if (existed) {
+ idx++;
+ continue;
+ }
mysyslog(LOG_ERR, "Failed to create a cgroup for user %s\n", user);
return PAM_SESSION_ERR;
}
- if (existed == 1) {
- idx++;
- continue;
- }
-
if (!cgfs_enter(cg, false)) {
mysyslog(LOG_ERR, "Failed to enter user cgroup %s for user %s\n", cg, user);
return PAM_SESSION_ERR;
--
2.9.3

41
0004-meminfo-don-t-show-negative-swapfree.patch
View File

@ -1,41 +0,0 @@
From b4665ce0c3b5bd6d2ceca843b52bd70ae5fb639a Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@hallyn.com>
Date: Sun, 21 Aug 2016 15:05:31 -0500
Subject: [PATCH 04/24] meminfo: don't show negative swapfree
Also commonize some of the mem{,sw} free/used calculations.
Closes #115
---
bindings.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/bindings.c b/bindings.c
index 2fb4acf..9bac10a 100644
--- a/bindings.c
+++ b/bindings.c
@@ -3155,8 +3155,10 @@ static int proc_meminfo_read(char *buf, size_t size, off_t offset,
snprintf(lbuf, 100, "SwapTotal: %8lu kB\n", memswlimit - memlimit);
printme = lbuf;
} else if (startswith(line, "SwapFree:") && memswlimit > 0 && memswusage > 0) {
- snprintf(lbuf, 100, "SwapFree: %8lu kB\n",
- (memswlimit - memlimit) - (memswusage - memusage));
+ unsigned long swaptotal = memswlimit - memlimit,
+ swapusage = memswusage - memusage,
+ swapfree = swapusage < swaptotal ? swaptotal - swapusage : 0;
+ snprintf(lbuf, 100, "SwapFree: %8lu kB\n", swapfree);
printme = lbuf;
} else if (startswith(line, "Slab:")) {
snprintf(lbuf, 100, "Slab: %8lu kB\n", 0UL);
@@ -3472,6 +3474,8 @@ static int proc_stat_read(char *buf, size_t size, off_t offset,
char cpu_char[10]; /* That's a lot of cores */
char *c;
+ if (strlen(line) == 0)
+ continue;
if (sscanf(line, "cpu%9[^ ]", cpu_char) != 1) {
/* not a ^cpuN line containing a number N, just print it */
l = snprintf(cache, cache_size, "%s", line);
--
2.9.3

147
0005-bindings-improve-debugging.patch
View File

@ -1,147 +0,0 @@
From 7dd6560a9b506c83c1a577e620ca0e81f0c6a9dd Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Wed, 24 Aug 2016 15:43:49 +0200
Subject: [PATCH 05/24] bindings: improve debugging
- replace multiple DEBUG ifdefines with a single ifdefine at the top
- ifdefine lxcfs_debug() macro function that expands to nothing when -DDEBUG is
not given
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 62 ++++++++++++++++++++++++++++++--------------------------------
1 file changed, 30 insertions(+), 32 deletions(-)
diff --git a/bindings.c b/bindings.c
index 916b43d..e3975cc 100644
--- a/bindings.c
+++ b/bindings.c
@@ -48,6 +48,16 @@ return -1;
extern int pivot_root(const char * new_root, const char * put_old);
#endif
+#ifdef DEBUG
+#define lxcfs_debug(format, ...) \
+ do { \
+ fprintf(stderr, "%s: %d: %s: " format, __FILE__, __LINE__, \
+ __func__, __VA_ARGS__); \
+ } while (false)
+#else
+#define lxcfs_debug(format, ...)
+#endif /* DEBUG */
+
enum {
LXC_TYPE_CGDIR,
LXC_TYPE_CGFILE,
@@ -160,10 +170,10 @@ static bool initpid_still_valid(struct pidns_init_store *e, struct stat *nsfdsb)
snprintf(fnam, 100, "/proc/%d", e->initpid);
if (stat(fnam, &initsb) < 0)
return false;
-#if DEBUG
- fprintf(stderr, "comparing ctime %ld %ld for pid %d\n",
- e->ctime, initsb.st_ctime, e->initpid);
-#endif
+
+ lxcfs_debug("Comparing ctime %ld == %ld for pid %d.\n", e->ctime,
+ initsb.st_ctime, e->initpid);
+
if (e->ctime != initsb.st_ctime)
return false;
return true;
@@ -175,9 +185,8 @@ static void remove_initpid(struct pidns_init_store *e)
struct pidns_init_store *tmp;
int h;
-#if DEBUG
- fprintf(stderr, "remove_initpid: removing entry for %d\n", e->initpid);
-#endif
+ lxcfs_debug("Remove_initpid: removing entry for %d.\n", e->initpid);
+
h = HASH(e->ino);
if (pidns_hash_table[h] == e) {
pidns_hash_table[h] = e->next;
@@ -212,18 +221,18 @@ static void prune_initpid_store(void)
now = time(NULL);
if (now < last_prune + PURGE_SECS)
return;
-#if DEBUG
- fprintf(stderr, "pruning\n");
-#endif
+
+ lxcfs_debug("%s\n", "Pruning.");
+
last_prune = now;
threshold = now - 2 * PURGE_SECS;
for (i = 0; i < PIDNS_HASH_SIZE; i++) {
for (prev = NULL, e = pidns_hash_table[i]; e; ) {
if (e->lastcheck < threshold) {
-#if DEBUG
- fprintf(stderr, "Removing cached entry for %d\n", e->initpid);
-#endif
+
+ lxcfs_debug("Removing cached entry for %d.\n", e->initpid);
+
delme = e;
if (prev)
prev->next = e->next;
@@ -247,9 +256,8 @@ static void save_initpid(struct stat *sb, pid_t pid)
struct stat procsb;
int h;
-#if DEBUG
- fprintf(stderr, "save_initpid: adding entry for %d\n", pid);
-#endif
+ lxcfs_debug("Save_initpid: adding entry for %d.\n", pid);
+
snprintf(fpath, 100, "/proc/%d", pid);
if (stat(fpath, &procsb) < 0)
return;
@@ -577,9 +585,7 @@ static bool recursive_rmdir(const char *dirname, int fd)
dir = fdopendir(dupfd);
if (!dir) {
-#if DEBUG
- fprintf(stderr, "%s: failed to open %s: %s\n", __func__, dirname, strerror(errno));
-#endif
+ lxcfs_debug("Failed to open %s: %s.\n", dirname, strerror(errno));
return false;
}
@@ -602,18 +608,12 @@ static bool recursive_rmdir(const char *dirname, int fd)
ret = fstatat(fd, pathname, &mystat, AT_SYMLINK_NOFOLLOW);
if (ret) {
-#if DEBUG
- fprintf(stderr, "%s: failed to stat %s: %s\n", __func__, pathname, strerror(errno));
-#endif
+ lxcfs_debug("Failed to stat %s: %s.\n", pathname, strerror(errno));
continue;
}
- if (S_ISDIR(mystat.st_mode)) {
- if (!recursive_rmdir(pathname, fd)) {
-#if DEBUG
- fprintf(stderr, "Error removing %s\n", pathname);
-#endif
- }
- }
+ if (S_ISDIR(mystat.st_mode))
+ if (!recursive_rmdir(pathname, fd))
+ lxcfs_debug("Error removing %s.\n", pathname);
}
ret = true;
@@ -623,9 +623,7 @@ static bool recursive_rmdir(const char *dirname, int fd)
}
if (unlinkat(fd, dirname, AT_REMOVEDIR) < 0) {
-#if DEBUG
- fprintf(stderr, "%s: failed to delete %s: %s\n", __func__, dirname, strerror(errno));
-#endif
+ lxcfs_debug("Failed to delete %s: %s.\n", dirname, strerror(errno));
ret = false;
}
close(fd);
--
2.9.3

71
0006-bindings-use-openat-fd-for-fstatat-unlinkat.patch
View File

@ -1,71 +0,0 @@
From 2e81a5e3d8f70f395b83941e3a0277f995c27e08 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Mon, 22 Aug 2016 02:47:27 +0200
Subject: [PATCH 06/24] bindings: use openat fd for fstatat(), unlinkat()
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/bindings.c b/bindings.c
index e3975cc..f0e7b80 100644
--- a/bindings.c
+++ b/bindings.c
@@ -571,7 +571,7 @@ int cgfs_create(const char *controller, const char *cg, uid_t uid, gid_t gid)
return 0;
}
-static bool recursive_rmdir(const char *dirname, int fd)
+static bool recursive_rmdir(const char *dirname, int fd, int cfd)
{
struct dirent *direntp;
DIR *dir;
@@ -593,9 +593,6 @@ static bool recursive_rmdir(const char *dirname, int fd)
struct stat mystat;
int rc;
- if (!direntp)
- break;
-
if (!strcmp(direntp->d_name, ".") ||
!strcmp(direntp->d_name, ".."))
continue;
@@ -606,13 +603,13 @@ static bool recursive_rmdir(const char *dirname, int fd)
continue;
}
- ret = fstatat(fd, pathname, &mystat, AT_SYMLINK_NOFOLLOW);
- if (ret) {
+ rc = fstatat(cfd, pathname, &mystat, AT_SYMLINK_NOFOLLOW);
+ if (rc) {
lxcfs_debug("Failed to stat %s: %s.\n", pathname, strerror(errno));
continue;
}
if (S_ISDIR(mystat.st_mode))
- if (!recursive_rmdir(pathname, fd))
+ if (!recursive_rmdir(pathname, fd, cfd))
lxcfs_debug("Error removing %s.\n", pathname);
}
@@ -622,7 +619,7 @@ static bool recursive_rmdir(const char *dirname, int fd)
ret = false;
}
- if (unlinkat(fd, dirname, AT_REMOVEDIR) < 0) {
+ if (unlinkat(cfd, dirname, AT_REMOVEDIR) < 0) {
lxcfs_debug("Failed to delete %s: %s.\n", dirname, strerror(errno));
ret = false;
}
@@ -652,7 +649,7 @@ bool cgfs_remove(const char *controller, const char *cg)
if (fd < 0)
return false;
- return recursive_rmdir(dirnam, fd);
+ return recursive_rmdir(dirnam, fd, cfd);
}
bool cgfs_chmod_file(const char *controller, const char *file, mode_t mode)
--
2.9.3

63
0007-bindings-close-open-fds-on-error.patch
View File

@ -1,63 +0,0 @@
From 7213ec5c20b91ff62d38c7b39f82c5e713aff08c Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Mon, 22 Aug 2016 17:48:12 +0200
Subject: [PATCH 07/24] bindings: close open fds on error
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/bindings.c b/bindings.c
index f0e7b80..0cc926b 100644
--- a/bindings.c
+++ b/bindings.c
@@ -571,7 +571,7 @@ int cgfs_create(const char *controller, const char *cg, uid_t uid, gid_t gid)
return 0;
}
-static bool recursive_rmdir(const char *dirname, int fd, int cfd)
+static bool recursive_rmdir(const char *dirname, int fd, const int cfd)
{
struct dirent *direntp;
DIR *dir;
@@ -586,6 +586,7 @@ static bool recursive_rmdir(const char *dirname, int fd, int cfd)
dir = fdopendir(dupfd);
if (!dir) {
lxcfs_debug("Failed to open %s: %s.\n", dirname, strerror(errno));
+ close(dupfd);
return false;
}
@@ -623,7 +624,8 @@ static bool recursive_rmdir(const char *dirname, int fd, int cfd)
lxcfs_debug("Failed to delete %s: %s.\n", dirname, strerror(errno));
ret = false;
}
- close(fd);
+
+ close(dupfd);
return ret;
}
@@ -633,6 +635,7 @@ bool cgfs_remove(const char *controller, const char *cg)
int fd, cfd;
size_t len;
char *dirnam, *tmpc;
+ bool bret;
tmpc = find_mounted_controller(controller, &cfd);
if (!tmpc)
@@ -649,7 +652,9 @@ bool cgfs_remove(const char *controller, const char *cg)
if (fd < 0)
return false;
- return recursive_rmdir(dirnam, fd, cfd);
+ bret = recursive_rmdir(dirnam, fd, cfd);
+ close(fd);
+ return bret;
}
bool cgfs_chmod_file(const char *controller, const char *file, mode_t mode)
--
2.9.3

48
0008-bindings-grant-access-to-var-lib-lxcfs.patch
View File

@ -1,48 +0,0 @@
From 17e6e1e29fa875fbcae6e70c9580911f937d1cde Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Sun, 21 Aug 2016 00:22:38 +0200
Subject: [PATCH 08/24] bindings: grant access to /var/lib/lxcfs
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
lxcfs.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/lxcfs.c b/lxcfs.c
index 47afe13..98b5d91 100644
--- a/lxcfs.c
+++ b/lxcfs.c
@@ -424,11 +424,19 @@ static int do_cg_releasedir(const char *path, struct fuse_file_info *fi)
static int lxcfs_getattr(const char *path, struct stat *sb)
{
int ret;
+ struct timespec now;
+
if (strcmp(path, "/") == 0) {
+ if (clock_gettime(CLOCK_REALTIME, &now) < 0)
+ return -EINVAL;
+ sb->st_uid = sb->st_gid = 0;
+ sb->st_atim = sb->st_mtim = sb->st_ctim = now;
+ sb->st_size = 0;
sb->st_mode = S_IFDIR | 00755;
sb->st_nlink = 2;
return 0;
}
+
if (strncmp(path, "/cgroup", 7) == 0) {
up_users();
ret = do_cg_getattr(path, sb);
@@ -489,6 +497,10 @@ static int lxcfs_readdir(const char *path, void *buf, fuse_fill_dir_t filler, of
static int lxcfs_access(const char *path, int mode)
{
int ret;
+
+ if (strcmp(path, "/") == 0 && access(path, R_OK) == 0)
+ return 0;
+
if (strncmp(path, "/cgroup", 7) == 0) {
up_users();
ret = do_cg_access(path, mode);
--
2.9.3

38
0009-bindings-enable-access-to-var-lib-lxcfs-cgroup.patch
View File

@ -1,38 +0,0 @@
From 6f0f6b832b5312e510add2fc4c571376184b59b8 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Sun, 21 Aug 2016 00:02:32 +0200
Subject: [PATCH 09/24] bindings: enable access to /var/lib/lxcfs/cgroup
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/bindings.c b/bindings.c
index 0cc926b..6ae0c06 100644
--- a/bindings.c
+++ b/bindings.c
@@ -1909,11 +1909,18 @@ out:
int cg_access(const char *path, int mode)
{
+ int ret;
const char *cgroup;
- char *last = NULL, *path1, *path2, * cgdir = NULL, *controller;
+ char *path1, *path2, *controller;
+ char *last = NULL, *cgdir = NULL;
struct cgfs_files *k = NULL;
struct fuse_context *fc = fuse_get_context();
- int ret;
+
+ if (strcmp(path, "/cgroup") == 0) {
+ if ((mode & W_OK) == 0)
+ return -EACCES;
+ return 0;
+ }
if (!fc)
return -EIO;
--
2.9.3

27
0010-bindings-allow-access-to-var-lib-lxcfs-proc.patch
View File

@ -1,27 +0,0 @@
From e7849aa3f722c6ac7a16fd87147a295b708a2855 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Sun, 21 Aug 2016 00:11:13 +0200
Subject: [PATCH 10/24] bindings: allow access to /var/lib/lxcfs/proc
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/bindings.c b/bindings.c
index 6ae0c06..04b2a5f 100644
--- a/bindings.c
+++ b/bindings.c
@@ -4075,6 +4075,9 @@ int proc_open(const char *path, struct fuse_file_info *fi)
int proc_access(const char *path, int mask)
{
+ if (strcmp(path, "/proc") == 0 && access(path, R_OK) == 0)
+ return 0;
+
/* these are all read-only */
if ((mask & ~R_OK) != 0)
return -EACCES;
--
2.9.3

66
0011-lxcfs-bindings-show-.-and-.-dir-entries.patch
View File

@ -1,66 +0,0 @@
From d639f86341f7f07f0ade0c937fd576586bfb949e Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Sun, 21 Aug 2016 13:53:27 +0200
Subject: [PATCH 11/24] lxcfs, bindings: show "." and ".." dir entries
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 17 +++++++++++------
lxcfs.c | 6 ++++--
2 files changed, 15 insertions(+), 8 deletions(-)
diff --git a/bindings.c b/bindings.c
index 04b2a5f..997db7b 100644
--- a/bindings.c
+++ b/bindings.c
@@ -1742,6 +1742,9 @@ int cg_readdir(const char *path, void *buf, fuse_fill_dir_t filler, off_t offset
struct fuse_context *fc = fuse_get_context();
char **clist = NULL;
+ if (filler(buf, ".", NULL, 0) != 0 || filler(buf, "..", NULL, 0) != 0)
+ return -EIO;
+
if (d->type != LXC_TYPE_CGDIR) {
fprintf(stderr, "Internal error: file cache info used in readdir\n");
return -EIO;
@@ -4024,12 +4027,14 @@ int proc_getattr(const char *path, struct stat *sb)
int proc_readdir(const char *path, void *buf, fuse_fill_dir_t filler, off_t offset,
struct fuse_file_info *fi)
{
- if (filler(buf, "cpuinfo", NULL, 0) != 0 ||
- filler(buf, "meminfo", NULL, 0) != 0 ||
- filler(buf, "stat", NULL, 0) != 0 ||
- filler(buf, "uptime", NULL, 0) != 0 ||
- filler(buf, "diskstats", NULL, 0) != 0 ||
- filler(buf, "swaps", NULL, 0) != 0)
+ if (filler(buf, ".", NULL, 0) != 0 ||
+ filler(buf, "..", NULL, 0) != 0 ||
+ filler(buf, "cpuinfo", NULL, 0) != 0 ||
+ filler(buf, "meminfo", NULL, 0) != 0 ||
+ filler(buf, "stat", NULL, 0) != 0 ||
+ filler(buf, "uptime", NULL, 0) != 0 ||
+ filler(buf, "diskstats", NULL, 0) != 0 ||
+ filler(buf, "swaps", NULL, 0) != 0)
return -EINVAL;
return 0;
}
diff --git a/lxcfs.c b/lxcfs.c
index 98b5d91..0c695b7 100644
--- a/lxcfs.c
+++ b/lxcfs.c
@@ -474,8 +474,10 @@ static int lxcfs_readdir(const char *path, void *buf, fuse_fill_dir_t filler, of
{
int ret;
if (strcmp(path, "/") == 0) {
- if (filler(buf, "proc", NULL, 0) != 0 ||
- filler(buf, "cgroup", NULL, 0) != 0)
+ if (filler(buf, ".", NULL, 0) != 0 ||
+ filler(buf, "..", NULL, 0) != 0 ||
+ filler(buf, "proc", NULL, 0) != 0 ||
+ filler(buf, "cgroup", NULL, 0) != 0)
return -EINVAL;
return 0;
}
--
2.9.3

125
0012-lxcfs-better-fs-behavior-on-var-lib-lxcfs.patch
View File

@ -1,125 +0,0 @@
From f9b24a3e01e49dfa2b98c138f3d4f6f687c8d0b6 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Mon, 22 Aug 2016 11:36:02 +0200
Subject: [PATCH 12/24] lxcfs: better fs behavior on /var/lib/lxcfs
return -EPERM for mkdir(), rmdir(), chown(), chmod() on top directory
/var/lib/lxcfs.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
lxcfs.c | 29 ++++++++++++++++++-----------
1 file changed, 18 insertions(+), 11 deletions(-)
diff --git a/lxcfs.c b/lxcfs.c
index 0c695b7..a013033 100644
--- a/lxcfs.c
+++ b/lxcfs.c
@@ -449,7 +449,7 @@ static int lxcfs_getattr(const char *path, struct stat *sb)
down_users();
return ret;
}
- return -EINVAL;
+ return -ENOENT;
}
static int lxcfs_opendir(const char *path, struct fuse_file_info *fi)
@@ -478,7 +478,7 @@ static int lxcfs_readdir(const char *path, void *buf, fuse_fill_dir_t filler, of
filler(buf, "..", NULL, 0) != 0 ||
filler(buf, "proc", NULL, 0) != 0 ||
filler(buf, "cgroup", NULL, 0) != 0)
- return -EINVAL;
+ return -ENOMEM;
return 0;
}
if (strncmp(path, "/cgroup", 7) == 0) {
@@ -493,14 +493,14 @@ static int lxcfs_readdir(const char *path, void *buf, fuse_fill_dir_t filler, of
down_users();
return ret;
}
- return -EINVAL;
+ return -ENOENT;
}
static int lxcfs_access(const char *path, int mode)
{
int ret;
- if (strcmp(path, "/") == 0 && access(path, R_OK) == 0)
+ if (strcmp(path, "/") == 0 && (mode & W_OK) == 0)
return 0;
if (strncmp(path, "/cgroup", 7) == 0) {
@@ -516,7 +516,7 @@ static int lxcfs_access(const char *path, int mode)
return ret;
}
- return -EINVAL;
+ return -EACCES;
}
static int lxcfs_releasedir(const char *path, struct fuse_file_info *fi)
@@ -551,7 +551,7 @@ static int lxcfs_open(const char *path, struct fuse_file_info *fi)
return ret;
}
- return -EINVAL;
+ return -EACCES;
}
static int lxcfs_read(const char *path, char *buf, size_t size, off_t offset,
@@ -627,7 +627,7 @@ int lxcfs_mkdir(const char *path, mode_t mode)
return ret;
}
- return -EINVAL;
+ return -EPERM;
}
int lxcfs_chown(const char *path, uid_t uid, gid_t gid)
@@ -640,7 +640,10 @@ int lxcfs_chown(const char *path, uid_t uid, gid_t gid)
return ret;
}
- return -EINVAL;
+ if (strncmp(path, "/proc", 5) == 0)
+ return -EPERM;
+
+ return -ENOENT;
}
/*
@@ -652,7 +655,7 @@ int lxcfs_truncate(const char *path, off_t newsize)
{
if (strncmp(path, "/cgroup", 7) == 0)
return 0;
- return -EINVAL;
+ return -EPERM;
}
int lxcfs_rmdir(const char *path)
@@ -664,7 +667,7 @@ int lxcfs_rmdir(const char *path)
down_users();
return ret;
}
- return -EINVAL;
+ return -EPERM;
}
int lxcfs_chmod(const char *path, mode_t mode)
@@ -676,7 +679,11 @@ int lxcfs_chmod(const char *path, mode_t mode)
down_users();
return ret;
}
- return -EINVAL;
+
+ if (strncmp(path, "/proc", 5) == 0)
+ return -EPERM;
+
+ return -ENOENT;
}
const struct fuse_operations lxcfs_ops = {
--
2.9.3

40
0013-bindings-non-functional-changes.patch
View File

@ -1,40 +0,0 @@
From 3adc421c2619aa43631493562d0adc60940346af Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Mon, 22 Aug 2016 11:56:46 +0200
Subject: [PATCH 13/24] bindings: non functional changes
- whitespace fixes for pick_controller_from_path()
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/bindings.c b/bindings.c
index 997db7b..cf56208 100644
--- a/bindings.c
+++ b/bindings.c
@@ -1508,9 +1508,9 @@ static char *pick_controller_from_path(struct fuse_context *fc, const char *path
if (strlen(path) < 9)
return NULL;
- if (*(path+7) != '/')
+ if (*(path + 7) != '/')
return NULL;
- p1 = path+8;
+ p1 = path + 8;
contr = strdupa(p1);
if (!contr)
return NULL;
@@ -1519,7 +1519,7 @@ static char *pick_controller_from_path(struct fuse_context *fc, const char *path
*slash = '\0';
int i;
- for (i = 0; i < num_hierarchies; i++) {
+ for (i = 0; i < num_hierarchies; i++) {
if (hierarchies[i] && strcmp(hierarchies[i], contr) == 0)
return hierarchies[i];
}
--
2.9.3

51
0014-bindings-set-errno-in-pick_controller_from_path.patch
View File

@ -1,51 +0,0 @@
From 99142521d202c1b626dd308e25c42eb95f613c21 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Mon, 22 Aug 2016 12:00:25 +0200
Subject: [PATCH 14/24] bindings: set errno in pick_controller_from_path()
This will allow us to provide better standard fs behavior.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/bindings.c b/bindings.c
index cf56208..f3cd85d 100644
--- a/bindings.c
+++ b/bindings.c
@@ -1506,14 +1506,20 @@ static char *pick_controller_from_path(struct fuse_context *fc, const char *path
const char *p1;
char *contr, *slash;
- if (strlen(path) < 9)
+ if (strlen(path) < 9) {
+ errno = EINVAL;
return NULL;
- if (*(path + 7) != '/')
+ }
+ if (*(path + 7) != '/') {
+ errno = EINVAL;
return NULL;
+ }
p1 = path + 8;
contr = strdupa(p1);
- if (!contr)
+ if (!contr) {
+ errno = ENOMEM;
return NULL;
+ }
slash = strstr(contr, "/");
if (slash)
*slash = '\0';
@@ -1523,6 +1529,7 @@ static char *pick_controller_from_path(struct fuse_context *fc, const char *path
if (hierarchies[i] && strcmp(hierarchies[i], contr) == 0)
return hierarchies[i];
}
+ errno = ENOENT;
return NULL;
}
--
2.9.3

100
0015-bindings-more-consistent-fs-behavior.patch
View File

@ -1,100 +0,0 @@
From 2f7036d08de5c60c72985b37f8ff5c01d248109a Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Mon, 22 Aug 2016 12:20:10 +0200
Subject: [PATCH 15/24] bindings: more consistent fs behavior
- e.g. let cg_mkdir() return EPERM
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/bindings.c b/bindings.c
index f3cd85d..281aad2 100644
--- a/bindings.c
+++ b/bindings.c
@@ -1605,7 +1605,7 @@ int cg_getattr(const char *path, struct stat *sb)
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -EIO;
+ return -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup) {
/* this is just /cgroup/controller, return it as a dir */
@@ -1705,7 +1705,7 @@ int cg_opendir(const char *path, struct fuse_file_info *fi)
// return list of keys for the controller, and list of child cgroups
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -EIO;
+ return -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup) {
@@ -1863,7 +1863,7 @@ int cg_open(const char *path, struct fuse_file_info *fi)
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -EIO;
+ return -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup)
return -EINVAL;
@@ -1937,7 +1937,7 @@ int cg_access(const char *path, int mode)
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -EIO;
+ return -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup) {
// access("/sys/fs/cgroup/systemd", mode) - rx allowed, w not
@@ -2724,7 +2724,7 @@ int cg_chown(const char *path, uid_t uid, gid_t gid)
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -EINVAL;
+ return -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup)
/* this is just /cgroup/controller */
@@ -2789,7 +2789,7 @@ int cg_chmod(const char *path, mode_t mode)
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -EINVAL;
+ return -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup)
/* this is just /cgroup/controller */
@@ -2854,7 +2854,7 @@ int cg_mkdir(const char *path, mode_t mode)
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -EINVAL;
+ return errno == ENOENT ? -EPERM : -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup)
@@ -2875,7 +2875,7 @@ int cg_mkdir(const char *path, mode_t mode)
else if (last && strcmp(next, last) == 0)
ret = -EEXIST;
else
- ret = -ENOENT;
+ ret = -EPERM;
goto out;
}
@@ -2908,7 +2908,7 @@ int cg_rmdir(const char *path)
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -EINVAL;
+ return -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup)
--
2.9.3

47
0016-add-pld-linux-support.patch
View File

@ -1,47 +0,0 @@
From 00d7fdd826af7afd37f18d99e371bd0aeb1afb79 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Elan=20Ruusam=C3=A4e?= <glen@delfi.ee>
Date: Fri, 26 Aug 2016 00:18:46 +0300
Subject: [PATCH 16/24] add pld linux support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Elan Ruusamäe <glen@delfi.ee>
---
configure.ac | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index dae4218..6c5c8be 100644
--- a/configure.ac
+++ b/configure.ac
@@ -66,6 +66,7 @@ if test "z$with_distro" = "z"; then
AC_CHECK_FILE(/etc/mandrakelinux-release, with_distro="openmandriva")
AC_CHECK_FILE(/etc/mandriva-release,with_distro="openmandriva")
AC_CHECK_FILE(/etc/pardus-release,with_distro="pardus")
+ AC_CHECK_FILE(/etc/pld-release,with_distro="pld")
fi
with_distro=`echo ${with_distro} | tr '[[:upper:]]' '[[:lower:]]'`
@@ -76,7 +77,7 @@ case $with_distro in
ubuntu)
distroconf=default.conf.ubuntu
;;
- redhat|centos|fedora|oracle|oracleserver)
+ redhat|centos|fedora|oracle|oracleserver|pld)
distroconf=default.conf.libvirt
;;
*)
@@ -108,6 +109,9 @@ case "$with_init_script" in
ubuntu)
init_script=upstart,systemd,sysvinit
;;
+ pld)
+ init_script=systemd,sysvinit
+ ;;
slackware)
echo -n "Warning: bsd init job not yet implemented"
init_script=
--
2.9.3

50
0017-don-t-use-argv-0-in-usage-output.patch
View File

@ -1,50 +0,0 @@
From c3fb7d7fbdc2d9cb2e9e818ac8fce52442583921 Mon Sep 17 00:00:00 2001
From: Evgeni Golov <evgeni@debian.org>
Date: Fri, 26 Aug 2016 09:33:09 +0200
Subject: [PATCH 17/24] don't use argv[0] in usage output
otherwise this generates "funny" manpages like
/home/remote/egolov/Devel/lxcfs/.libs/lt-lxcfs [-p pidfile] mountpoint
/home/remote/egolov/Devel/lxcfs/.libs/lt-lxcfs -h
or
/build/lxcfs-8lNGve/lxcfs-2.0/.1/.libs/lt-lxcfs [-p pidfile] mountpoint
/build/lxcfs-8lNGve/lxcfs-2.0/.1/.libs/lt-lxcfs -h
Signed-off-by: Evgeni Golov <evgeni@debian.org>
---
lxcfs.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lxcfs.c b/lxcfs.c
index 47afe13..e745ce5 100644
--- a/lxcfs.c
+++ b/lxcfs.c
@@ -708,13 +708,13 @@ const struct fuse_operations lxcfs_ops = {
.fgetattr = NULL,
};
-static void usage(const char *me)
+static void usage()
{
fprintf(stderr, "Usage:\n");
fprintf(stderr, "\n");
- fprintf(stderr, "%s [-p pidfile] mountpoint\n", me);
+ fprintf(stderr, "lxcfs [-p pidfile] mountpoint\n");
fprintf(stderr, " Default pidfile is %s/lxcfs.pid\n", RUNTIME_PATH);
- fprintf(stderr, "%s -h\n", me);
+ fprintf(stderr, "lxcfs -h\n");
exit(1);
}
@@ -838,7 +838,7 @@ int main(int argc, char *argv[])
exit(EXIT_SUCCESS);
}
if (argc != 2 || is_help(argv[1]))
- usage(argv[0]);
+ usage();
do_reload();
if (signal(SIGUSR1, reload_handler) == SIG_ERR) {
--
2.9.3

50
0018-bindings-revert-cgroup-check.patch
View File

@ -1,50 +0,0 @@
From 9873c5e858f9628435afa7ff6b6cc50afbb91e06 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Thu, 25 Aug 2016 22:33:07 +0200
Subject: [PATCH 18/24] bindings: revert cgroup check
We do not need to check whether mode & W_OK is passed in. Even if the cgroup
root mount is writeable operations like cg_mkdir() et al. will fail with e.g.
EPERM. Basically all operations will fail on the cgroup root mount point because
the first operation they perform is pick_controller_from_path(). That is to say
they try to e.g. pick "blkio" from /var/lib/lxcfs/cgroup/blkio/some/cgroups an
similiar for all other controllers. If pick_controller_from_path() fails they
all return an appropriate errno. For example, cg_mkdir() does:
controller = pick_controller_from_path(fc, path);
if (!controller)
return errno == ENOENT ? -EPERM : -errno;
This means, we do not need to return an errno already in cg_access when
mode & W_OK is passed in. This has the advantage that users are still able to
descend into /var/lib/lxcfs/cgroup via:
cd /var/lib/lxcfs/cgroup
but are still blocked from doing any write operations.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/bindings.c b/bindings.c
index 281aad2..8a5909a 100644
--- a/bindings.c
+++ b/bindings.c
@@ -1926,11 +1926,8 @@ int cg_access(const char *path, int mode)
struct cgfs_files *k = NULL;
struct fuse_context *fc = fuse_get_context();
- if (strcmp(path, "/cgroup") == 0) {
- if ((mode & W_OK) == 0)
- return -EACCES;
+ if (strcmp(path, "/cgroup") == 0)
return 0;
- }
if (!fc)
return -EIO;
--
2.9.3

113
0019-bindings-improve-returned-errnos.patch
View File

@ -1,113 +0,0 @@
From bc70ba9b492f1af79ce692471f3e300eaf4afe29 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Fri, 26 Aug 2016 10:32:32 +0200
Subject: [PATCH 19/24] bindings: improve returned errnos
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 34 ++++++++++++++++++++--------------
1 file changed, 20 insertions(+), 14 deletions(-)
diff --git a/bindings.c b/bindings.c
index 8a5909a..aaba840 100644
--- a/bindings.c
+++ b/bindings.c
@@ -1541,12 +1541,17 @@ static const char *find_cgroup_in_path(const char *path)
{
const char *p1;
- if (strlen(path) < 9)
+ if (strlen(path) < 9) {
+ errno = EINVAL;
return NULL;
- p1 = strstr(path+8, "/");
- if (!p1)
+ }
+ p1 = strstr(path + 8, "/");
+ if (!p1) {
+ errno = EINVAL;
return NULL;
- return p1+1;
+ }
+ errno = 0;
+ return p1 + 1;
}
/*
@@ -1866,7 +1871,7 @@ int cg_open(const char *path, struct fuse_file_info *fi)
return -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup)
- return -EINVAL;
+ return -errno;
get_cgdir_and_path(cgroup, &cgdir, &last);
if (!last) {
@@ -2717,15 +2722,16 @@ int cg_chown(const char *path, uid_t uid, gid_t gid)
return -EIO;
if (strcmp(path, "/cgroup") == 0)
- return -EINVAL;
+ return -EPERM;
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -errno;
+ return errno == ENOENT ? -EPERM : -errno;
+
cgroup = find_cgroup_in_path(path);
if (!cgroup)
/* this is just /cgroup/controller */
- return -EINVAL;
+ return -EPERM;
get_cgdir_and_path(cgroup, &cgdir, &last);
@@ -2782,15 +2788,16 @@ int cg_chmod(const char *path, mode_t mode)
return -EIO;
if (strcmp(path, "/cgroup") == 0)
- return -EINVAL;
+ return -EPERM;
controller = pick_controller_from_path(fc, path);
if (!controller)
- return -errno;
+ return errno == ENOENT ? -EPERM : -errno;
+
cgroup = find_cgroup_in_path(path);
if (!cgroup)
/* this is just /cgroup/controller */
- return -EINVAL;
+ return -EPERM;
get_cgdir_and_path(cgroup, &cgdir, &last);
@@ -2848,14 +2855,13 @@ int cg_mkdir(const char *path, mode_t mode)
if (!fc)
return -EIO;
-
controller = pick_controller_from_path(fc, path);
if (!controller)
return errno == ENOENT ? -EPERM : -errno;
cgroup = find_cgroup_in_path(path);
if (!cgroup)
- return -EINVAL;
+ return -errno;
get_cgdir_and_path(cgroup, &cgdir, &last);
if (!last)
@@ -2909,7 +2915,7 @@ int cg_rmdir(const char *path)
cgroup = find_cgroup_in_path(path);
if (!cgroup)
- return -EINVAL;
+ return -errno;
get_cgdir_and_path(cgroup, &cgdir, &last);
if (!last) {
--
2.9.3

78
0020-bindings-make-rmdir-behave-more-consistently.patch
View File

@ -1,78 +0,0 @@
From e254948fb93869c1a771cf5778161e703a422918 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Fri, 26 Aug 2016 16:26:27 +0200
Subject: [PATCH 20/24] bindings: make rmdir behave more consistently
We should be able to safely return -EPERM for:
if (!pick_controller_from_path())
/* Someone's trying to delete "/cgroup". */
if (!find_cgroup_in_path())
/* Someone's trying to delete a controller e.g. "/blkio". */
if (!get_cgdir_and_path()) {
/* Someone's trying to delete a cgroup on the same level as the
* "/lxc" cgroup e.g. rmdir "/cgroup/blkio/lxc" or
* rmdir "/cgroup/blkio/init.slice".
*/
}
All other interesting cases are caught further down.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 18 +++++++++++-------
1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/bindings.c b/bindings.c
index aaba840..4413a7d 100644
--- a/bindings.c
+++ b/bindings.c
@@ -1507,7 +1507,7 @@ static char *pick_controller_from_path(struct fuse_context *fc, const char *path
char *contr, *slash;
if (strlen(path) < 9) {
- errno = EINVAL;
+ errno = EACCES;
return NULL;
}
if (*(path + 7) != '/') {
@@ -1542,7 +1542,7 @@ static const char *find_cgroup_in_path(const char *path)
const char *p1;
if (strlen(path) < 9) {
- errno = EINVAL;
+ errno = EACCES;
return NULL;
}
p1 = strstr(path + 8, "/");
@@ -2910,16 +2910,20 @@ int cg_rmdir(const char *path)
return -EIO;
controller = pick_controller_from_path(fc, path);
- if (!controller)
- return -errno;
+ if (!controller) /* Someone's trying to delete "/cgroup". */
+ return -EPERM;
cgroup = find_cgroup_in_path(path);
- if (!cgroup)
- return -errno;
+ if (!cgroup) /* Someone's trying to delete a controller e.g. "/blkio". */
+ return -EPERM;
get_cgdir_and_path(cgroup, &cgdir, &last);
if (!last) {
- ret = -EINVAL;
+ /* Someone's trying to delete a cgroup on the same level as the
+ * "/lxc" cgroup e.g. rmdir "/cgroup/blkio/lxc" or
+ * rmdir "/cgroup/blkio/init.slice".
+ */
+ ret = -EPERM;
goto out;
}
--
2.9.3

51
0021-libtool-do-not-link-lxcfs-against-liblxcfs.patch
View File

@ -1,51 +0,0 @@
From 23748216d35bc40c36bc5dd35199fd37f3d3152b Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Mon, 29 Aug 2016 10:12:27 +0200
Subject: [PATCH 21/24] libtool: do not link lxcfs against liblxcfs
Make liblxcfs a libtool module. Also, stop linking lxcfs against liblxcfs. We do
not really need this since we call dlopen() anyway. Furthermore, this allows us
to make sure that functions marked with __attribute__(constructor) are not run
before we call dlopen() in main() in lxcfs. This has the advantage that we can
show help output without __attribute__(constructor) functions being run.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
Makefile.am | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index cb4abc1..444eaf5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -9,15 +9,15 @@ AM_CFLAGS += -DLIBDIR=\"$(LIBDIR)\"
AM_LDFLAGS = $(FUSE_LIBS) -pthread
#AM_CFLAGS += -DDEBUG
-AM_CFLAGS += -DRUNTIME_PATH=\"$(RUNTIME_PATH)\"
+AM_CFLAGS += -DRUNTIME_PATH=\"$(RUNTIME_PATH)\"
liblxcfs_la_SOURCES = bindings.c cpuset.c bindings.h
liblxcfs_la_CFLAGS = $(AM_CFLAGS)
-liblxcfs_la_LDFLAGS = $(AM_CFLAGS) -shared
+liblxcfs_la_LDFLAGS = $(AM_CFLAGS) -module -shared
liblxcfstest_la_SOURCES = bindings.c cpuset.c bindings.h
liblxcfstest_la_CFLAGS = $(AM_CFLAGS) -DRELOADTEST
-liblxcfstest_la_LDFLAGS = $(AM_CFLAGS) -shared
+liblxcfstest_la_LDFLAGS = $(AM_CFLAGS) -module -shared
noinst_HEADERS = bindings.h
@@ -26,7 +26,7 @@ lib_LTLIBRARIES = liblxcfs.la
EXTRA_LTLIBRARIES = liblxcfstest.la
lxcfs_SOURCES = lxcfs.c
-lxcfs_LDADD = liblxcfs.la -ldl
+lxcfs_LDADD = -ldl
lxcfs_CFLAGS = $(AM_CFLAGS)
lxcfs_LDFLAGS = $(AM_LDFLAGS)
bin_PROGRAMS = lxcfs
--
2.9.3

943
0022-bindings-lxcfs-improve-debugging.patch
View File

@ -1,943 +0,0 @@
From b8defc3d52173e4773de1ab17b873dd79e187dc1 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Mon, 29 Aug 2016 10:33:49 +0200
Subject: [PATCH 22/24] bindings, lxcfs: improve debugging
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 188 +++++++++++++++++++++++++++++--------------------------------
bindings.h | 14 +++++
lxcfs.c | 56 +++++++++---------
3 files changed, 133 insertions(+), 125 deletions(-)
diff --git a/bindings.c b/bindings.c
index 4413a7d..b2d5553 100644
--- a/bindings.c
+++ b/bindings.c
@@ -48,16 +48,6 @@ return -1;
extern int pivot_root(const char * new_root, const char * put_old);
#endif
-#ifdef DEBUG
-#define lxcfs_debug(format, ...) \
- do { \
- fprintf(stderr, "%s: %d: %s: " format, __FILE__, __LINE__, \
- __func__, __VA_ARGS__); \
- } while (false)
-#else
-#define lxcfs_debug(format, ...)
-#endif /* DEBUG */
-
enum {
LXC_TYPE_CGDIR,
LXC_TYPE_CGFILE,
@@ -116,7 +106,7 @@ static void lock_mutex(pthread_mutex_t *l)
int ret;
if ((ret = pthread_mutex_lock(l)) != 0) {
- fprintf(stderr, "pthread_mutex_lock returned:%d %s\n", ret, strerror(ret));
+ lxcfs_error("returned:%d %s\n", ret, strerror(ret));
exit(1);
}
}
@@ -146,7 +136,7 @@ static void unlock_mutex(pthread_mutex_t *l)
int ret;
if ((ret = pthread_mutex_unlock(l)) != 0) {
- fprintf(stderr, "pthread_mutex_unlock returned:%d %s\n", ret, strerror(ret));
+ lxcfs_error("returned:%d %s\n", ret, strerror(ret));
exit(1);
}
}
@@ -383,12 +373,12 @@ static bool write_string(const char *fnam, const char *string, int fd)
len = strlen(string);
ret = fwrite(string, 1, len, f);
if (ret != len) {
- fprintf(stderr, "Error writing to file: %s\n", strerror(errno));
+ lxcfs_error("Error writing to file: %s\n", strerror(errno));
fclose(f);
return false;
}
if (fclose(f) < 0) {
- fprintf(stderr, "Error writing to file: %s\n", strerror(errno));
+ lxcfs_error("Error writing to file: %s\n", strerror(errno));
return false;
}
return true;
@@ -408,7 +398,7 @@ static bool store_hierarchy(char *stridx, char *h)
n *= ALLOC_NUM;
char **tmp = realloc(hierarchies, n * sizeof(char *));
if (!tmp) {
- fprintf(stderr, "Out of memory\n");
+ lxcfs_error("%s\n", strerror(errno));
exit(1);
}
hierarchies = tmp;
@@ -425,7 +415,8 @@ static void print_subsystems(void)
fprintf(stderr, "hierarchies:\n");
for (i = 0; i < num_hierarchies; i++) {
if (hierarchies[i])
- fprintf(stderr, " %d: %s\n", i, hierarchies[i]);
+ fprintf(stderr, " %2d: fd: %3d: %s\n", i,
+ fd_hierarchies[i], hierarchies[i]);
}
}
@@ -512,7 +503,7 @@ static void chown_all_cgroup_files(const char *dirname, uid_t uid, gid_t gid, in
len = strlen(dirname);
if (len >= MAXPATHLEN) {
- fprintf(stderr, "chown_all_cgroup_files: pathname too long: %s\n", dirname);
+ lxcfs_error("Pathname too long: %s\n", dirname);
return;
}
@@ -522,7 +513,7 @@ static void chown_all_cgroup_files(const char *dirname, uid_t uid, gid_t gid, in
d = fdopendir(fd1);
if (!d) {
- fprintf(stderr, "chown_all_cgroup_files: failed to open %s\n", dirname);
+ lxcfs_error("Failed to open %s\n", dirname);
return;
}
@@ -531,11 +522,11 @@ static void chown_all_cgroup_files(const char *dirname, uid_t uid, gid_t gid, in
continue;
ret = snprintf(path, MAXPATHLEN, "%s/%s", dirname, direntp->d_name);
if (ret < 0 || ret >= MAXPATHLEN) {
- fprintf(stderr, "chown_all_cgroup_files: pathname too long under %s\n", dirname);
+ lxcfs_error("Pathname too long under %s\n", dirname);
continue;
}
if (fchownat(fd, path, uid, gid, 0) < 0)
- fprintf(stderr, "Failed to chown file %s to %u:%u", path, uid, gid);
+ lxcfs_error("Failed to chown file %s to %u:%u", path, uid, gid);
}
closedir(d);
}
@@ -600,7 +591,7 @@ static bool recursive_rmdir(const char *dirname, int fd, const int cfd)
rc = snprintf(pathname, MAXPATHLEN, "%s/%s", dirname, direntp->d_name);
if (rc < 0 || rc >= MAXPATHLEN) {
- fprintf(stderr, "pathname too long\n");
+ lxcfs_error("%s\n", "Pathname too long.");
continue;
}
@@ -616,7 +607,7 @@ static bool recursive_rmdir(const char *dirname, int fd, const int cfd)
ret = true;
if (closedir(dir) < 0) {
- fprintf(stderr, "%s: failed to close directory %s: %s\n", __func__, dirname, strerror(errno));
+ lxcfs_error("Failed to close directory %s: %s\n", dirname, strerror(errno));
ret = false;
}
@@ -766,7 +757,7 @@ static bool cgfs_iterate_cgroup(const char *controller, const char *cgroup, bool
cg = alloca(len);
ret = snprintf(cg, len, "%s%s", *cgroup == '/' ? "." : "", cgroup);
if (ret < 0 || (size_t)ret >= len) {
- fprintf(stderr, "%s: pathname too long under %s\n", __func__, cgroup);
+ lxcfs_error("Pathname too long under %s\n", cgroup);
return false;
}
@@ -787,13 +778,13 @@ static bool cgfs_iterate_cgroup(const char *controller, const char *cgroup, bool
ret = snprintf(pathname, MAXPATHLEN, "%s/%s", cg, dirent->d_name);
if (ret < 0 || ret >= MAXPATHLEN) {
- fprintf(stderr, "%s: pathname too long under %s\n", __func__, cg);
+ lxcfs_error("Pathname too long under %s\n", cg);
continue;
}
ret = fstatat(cfd, pathname, &mystat, AT_SYMLINK_NOFOLLOW);
if (ret) {
- fprintf(stderr, "%s: failed to stat %s: %s\n", __func__, pathname, strerror(errno));
+ lxcfs_error("Failed to stat %s: %s\n", pathname, strerror(errno));
continue;
}
if ((!directories && !S_ISREG(mystat.st_mode)) ||
@@ -813,7 +804,7 @@ static bool cgfs_iterate_cgroup(const char *controller, const char *cgroup, bool
sz++;
}
if (closedir(dir) < 0) {
- fprintf(stderr, "%s: failed closedir for %s: %s\n", __func__, cgroup, strerror(errno));
+ lxcfs_error("Failed closedir for %s: %s\n", cgroup, strerror(errno));
return false;
}
return true;
@@ -932,8 +923,8 @@ static void *make_key_list_entry(const char *controller, const char *cgroup, con
{
struct cgfs_files *entry = cgfs_get_key(controller, cgroup, dir_entry);
if (!entry) {
- fprintf(stderr, "%s: Error getting files under %s:%s\n",
- __func__, controller, cgroup);
+ lxcfs_error("Error getting files under %s:%s\n", controller,
+ cgroup);
}
return entry;
}
@@ -1170,7 +1161,7 @@ convert_id_to_ns(FILE *idfile, unsigned int in_id)
* uids wrapped around - unexpected as this is a procfile,
* so just bail.
*/
- fprintf(stderr, "pid wrapparound at entry %u %u %u in %s\n",
+ lxcfs_error("pid wrapparound at entry %u %u %u in %s\n",
nsuid, hostuid, count, line);
return -1;
}
@@ -1276,7 +1267,7 @@ static char *get_next_cgroup_dir(const char *taskcg, const char *querycg)
char *start, *end;
if (strlen(taskcg) <= strlen(querycg)) {
- fprintf(stderr, "%s: I was fed bad input\n", __func__);
+ lxcfs_error("%s\n", "I was fed bad input.");
return NULL;
}
@@ -1758,7 +1749,7 @@ int cg_readdir(const char *path, void *buf, fuse_fill_dir_t filler, off_t offset
return -EIO;
if (d->type != LXC_TYPE_CGDIR) {
- fprintf(stderr, "Internal error: file cache info used in readdir\n");
+ lxcfs_error("%s\n", "Internal error: file cache info used in readdir.");
return -EIO;
}
if (!d->cgroup && !d->controller) {
@@ -2003,14 +1994,14 @@ static bool wait_for_sock(int sock, int timeout)
return false;
if ((epfd = epoll_create(1)) < 0) {
- fprintf(stderr, "Failed to create epoll socket: %m\n");
+ lxcfs_error("%s\n", "Failed to create epoll socket: %m.");
return false;
}
ev.events = POLLIN_SET;
ev.data.fd = sock;
if (epoll_ctl(epfd, EPOLL_CTL_ADD, sock, &ev) < 0) {
- fprintf(stderr, "Failed adding socket to epoll: %m\n");
+ lxcfs_error("%s\n", "Failed adding socket to epoll: %m.");
close(epfd);
return false;
}
@@ -2058,8 +2049,7 @@ static int send_creds(int sock, struct ucred *cred, char v, bool pingfirst)
if (pingfirst) {
if (msgrecv(sock, buf, 1) != 1) {
- fprintf(stderr, "%s: Error getting reply from server over socketpair\n",
- __func__);
+ lxcfs_error("%s\n", "Error getting reply from server over socketpair.");
return SEND_CREDS_FAIL;
}
}
@@ -2083,8 +2073,7 @@ static int send_creds(int sock, struct ucred *cred, char v, bool pingfirst)
msg.msg_iovlen = 1;
if (sendmsg(sock, &msg, 0) < 0) {
- fprintf(stderr, "%s: failed at sendmsg: %s\n", __func__,
- strerror(errno));
+ lxcfs_error("Failed at sendmsg: %s.\n",strerror(errno));
if (errno == 3)
return SEND_CREDS_NOTSK;
return SEND_CREDS_FAIL;
@@ -2110,12 +2099,12 @@ static bool recv_creds(int sock, struct ucred *cred, char *v)
cred->gid = -1;
if (setsockopt(sock, SOL_SOCKET, SO_PASSCRED, &optval, sizeof(optval)) == -1) {
- fprintf(stderr, "Failed to set passcred: %s\n", strerror(errno));
+ lxcfs_error("Failed to set passcred: %s\n", strerror(errno));
return false;
}
buf[0] = '1';
if (write(sock, buf, 1) != 1) {
- fprintf(stderr, "Failed to start write on scm fd: %s\n", strerror(errno));
+ lxcfs_error("Failed to start write on scm fd: %s\n", strerror(errno));
return false;
}
@@ -2130,14 +2119,12 @@ static bool recv_creds(int sock, struct ucred *cred, char *v)
msg.msg_iovlen = 1;
if (!wait_for_sock(sock, 2)) {
- fprintf(stderr, "Timed out waiting for scm_cred: %s\n",
- strerror(errno));
+ lxcfs_error("Timed out waiting for scm_cred: %s\n", strerror(errno));
return false;
}
ret = recvmsg(sock, &msg, MSG_DONTWAIT);
if (ret < 0) {
- fprintf(stderr, "Failed to receive scm_cred: %s\n",
- strerror(errno));
+ lxcfs_error("Failed to receive scm_cred: %s\n", strerror(errno));
return false;
}
@@ -2170,10 +2157,8 @@ static int pid_ns_clone_wrapper(void *arg) {
char b = '1';
close(args->cpipe[0]);
- if (write(args->cpipe[1], &b, sizeof(char)) < 0) {
- fprintf(stderr, "%s (child): error on write: %s\n",
- __func__, strerror(errno));
- }
+ if (write(args->cpipe[1], &b, sizeof(char)) < 0)
+ lxcfs_error("(child): error on write: %s.\n", strerror(errno));
close(args->cpipe[1]);
return args->wrapped(args->sock, args->tpid);
}
@@ -2307,13 +2292,11 @@ bool do_read_pids(pid_t tpid, const char *contrl, const char *cg, const char *fi
// read converted results
if (!wait_for_sock(sock[0], 2)) {
- fprintf(stderr, "%s: timed out waiting for pid from child: %s\n",
- __func__, strerror(errno));
+ lxcfs_error("Timed out waiting for pid from child: %s.\n", strerror(errno));
goto out;
}
if (read(sock[0], &qpid, sizeof(qpid)) != sizeof(qpid)) {
- fprintf(stderr, "%s: error reading pid from child: %s\n",
- __func__, strerror(errno));
+ lxcfs_error("Error reading pid from child: %s.\n", strerror(errno));
goto out;
}
must_strcat_pid(d, &sz, &asz, qpid);
@@ -2328,8 +2311,7 @@ next:
v = '1';
if (send_creds(sock[0], &cred, v, true) != SEND_CREDS_OK) {
// failed to ask child to exit
- fprintf(stderr, "%s: failed to ask child to exit: %s\n",
- __func__, strerror(errno));
+ lxcfs_error("Failed to ask child to exit: %s.\n", strerror(errno));
goto out;
}
@@ -2357,7 +2339,7 @@ int cg_read(const char *path, char *buf, size_t size, off_t offset,
bool r;
if (f->type != LXC_TYPE_CGFILE) {
- fprintf(stderr, "Internal error: directory cache info used in cg_read\n");
+ lxcfs_error("%s\n", "Internal error: directory cache info used in cg_read.");
return -EIO;
}
@@ -2424,12 +2406,11 @@ static int pid_from_ns(int sock, pid_t tpid)
cred.gid = 0;
while (1) {
if (!wait_for_sock(sock, 2)) {
- fprintf(stderr, "%s: timeout reading from parent\n", __func__);
+ lxcfs_error("%s\n", "Timeout reading from parent.");
return 1;
}
if ((ret = read(sock, &vpid, sizeof(pid_t))) != sizeof(pid_t)) {
- fprintf(stderr, "%s: bad read from parent: %s\n",
- __func__, strerror(errno));
+ lxcfs_error("Bad read from parent: %s.\n", strerror(errno));
return 1;
}
if (vpid == -1) // done
@@ -2530,20 +2511,20 @@ void get_pid_creds(pid_t pid, uid_t *uid, gid_t *gid)
*gid = -1;
sprintf(line, "/proc/%d/status", pid);
if ((f = fopen(line, "r")) == NULL) {
- fprintf(stderr, "Error opening %s: %s\n", line, strerror(errno));
+ lxcfs_error("Error opening %s: %s\n", line, strerror(errno));
return;
}
while (fgets(line, 400, f)) {
if (strncmp(line, "Uid:", 4) == 0) {
if (sscanf(line+4, "%u", &u) != 1) {
- fprintf(stderr, "bad uid line for pid %u\n", pid);
+ lxcfs_error("bad uid line for pid %u\n", pid);
fclose(f);
return;
}
*uid = u;
} else if (strncmp(line, "Gid:", 4) == 0) {
if (sscanf(line+4, "%u", &g) != 1) {
- fprintf(stderr, "bad gid line for pid %u\n", pid);
+ lxcfs_error("bad gid line for pid %u\n", pid);
fclose(f);
return;
}
@@ -2615,8 +2596,7 @@ static bool do_write_pids(pid_t tpid, uid_t tuid, const char *contrl, const char
char v;
if (write(sock[0], &qpid, sizeof(qpid)) != sizeof(qpid)) {
- fprintf(stderr, "%s: error writing pid to child: %s\n",
- __func__, strerror(errno));
+ lxcfs_error("Error writing pid to child: %s.\n", strerror(errno));
goto out;
}
@@ -2640,7 +2620,7 @@ static bool do_write_pids(pid_t tpid, uid_t tuid, const char *contrl, const char
/* All good, write the value */
qpid = -1;
if (write(sock[0], &qpid ,sizeof(qpid)) != sizeof(qpid))
- fprintf(stderr, "Warning: failed to ask child to exit\n");
+ lxcfs_error("%s\n", "Warning: failed to ask child to exit.");
if (!fail)
answer = true;
@@ -2669,7 +2649,7 @@ int cg_write(const char *path, const char *buf, size_t size, off_t offset,
bool r;
if (f->type != LXC_TYPE_CGFILE) {
- fprintf(stderr, "Internal error: directory cache info used in cg_write\n");
+ lxcfs_error("%s\n", "Internal error: directory cache info used in cg_write.");
return -EIO;
}
@@ -3043,7 +3023,7 @@ static int read_file(const char *path, char *buf, size_t size,
goto err;
}
if (l >= cache_size) {
- fprintf(stderr, "Internal error: truncated write to cache\n");
+ lxcfs_error("%s\n", "Internal error: truncated write to cache.");
rv = 0;
goto err;
}
@@ -3255,7 +3235,7 @@ static int proc_meminfo_read(char *buf, size_t size, off_t offset,
}
if (l >= cache_size) {
- fprintf(stderr, "Internal error: truncated write to cache\n");
+ lxcfs_error("%s\n", "Internal error: truncated write to cache.");
rv = 0;
goto err;
}
@@ -3386,7 +3366,7 @@ static int proc_cpuinfo_read(char *buf, size_t size, off_t offset,
goto err;
}
if (l >= cache_size) {
- fprintf(stderr, "Internal error: truncated write to cache\n");
+ lxcfs_error("%s\n", "Internal error: truncated write to cache.");
rv = 0;
goto err;
}
@@ -3411,7 +3391,7 @@ static int proc_cpuinfo_read(char *buf, size_t size, off_t offset,
goto err;
}
if (l >= cache_size) {
- fprintf(stderr, "Internal error: truncated write to cache\n");
+ lxcfs_error("%s\n", "Internal error: truncated write to cache.");
rv = 0;
goto err;
}
@@ -3429,7 +3409,7 @@ static int proc_cpuinfo_read(char *buf, size_t size, off_t offset,
goto err;
}
if (l >= cache_size) {
- fprintf(stderr, "Internal error: truncated write to cache\n");
+ lxcfs_error("%s\n", "Internal error: truncated write to cache.");
rv = 0;
goto err;
}
@@ -3536,7 +3516,7 @@ static int proc_stat_read(char *buf, size_t size, off_t offset,
//skip first line
if (getline(&line, &linelen, f) < 0) {
- fprintf(stderr, "proc_stat_read read first line failed\n");
+ lxcfs_error("%s\n", "proc_stat_read read first line failed.");
goto err;
}
@@ -3557,7 +3537,7 @@ static int proc_stat_read(char *buf, size_t size, off_t offset,
goto err;
}
if (l >= cache_size) {
- fprintf(stderr, "Internal error: truncated write to cache\n");
+ lxcfs_error("%s\n", "Internal error: truncated write to cache.");
rv = 0;
goto err;
}
@@ -3584,7 +3564,7 @@ static int proc_stat_read(char *buf, size_t size, off_t offset,
}
if (l >= cache_size) {
- fprintf(stderr, "Internal error: truncated write to cache\n");
+ lxcfs_error("%s\n", "Internal error: truncated write to cache.");
rv = 0;
goto err;
}
@@ -3616,7 +3596,7 @@ static int proc_stat_read(char *buf, size_t size, off_t offset,
cache += cpuall_len;
} else{
/* shouldn't happen */
- fprintf(stderr, "proc_stat_read copy cpuall failed, cpuall_len=%d\n", cpuall_len);
+ lxcfs_error("proc_stat_read copy cpuall failed, cpuall_len=%d.", cpuall_len);
cpuall_len = 0;
}
@@ -3848,7 +3828,7 @@ static int proc_diskstats_read(char *buf, size_t size, off_t offset,
goto err;
}
if (l >= cache_size) {
- fprintf(stderr, "Internal error: truncated write to cache\n");
+ lxcfs_error("%s\n", "Internal error: truncated write to cache.");
rv = 0;
goto err;
}
@@ -4149,7 +4129,7 @@ static bool mkdir_p(const char *dir, mode_t mode)
if (!makeme)
return false;
if (mkdir(makeme, mode) && errno != EEXIST) {
- fprintf(stderr, "failed to create directory '%s': %s",
+ lxcfs_error("Failed to create directory '%s': %s.\n",
makeme, strerror(errno));
free(makeme);
return false;
@@ -4163,7 +4143,7 @@ static bool mkdir_p(const char *dir, mode_t mode)
static bool umount_if_mounted(void)
{
if (umount2(BASEDIR, MNT_DETACH) < 0 && errno != EINVAL) {
- fprintf(stderr, "failed to unmount %s: %s.\n", BASEDIR, strerror(errno));
+ lxcfs_error("Failed to unmount %s: %s.\n", BASEDIR, strerror(errno));
return false;
}
return true;
@@ -4175,25 +4155,25 @@ static int pivot_enter(void)
oldroot = open("/", O_DIRECTORY | O_RDONLY);
if (oldroot < 0) {
- fprintf(stderr, "%s: Failed to open old root for fchdir.\n", __func__);
+ lxcfs_error("%s\n", "Failed to open old root for fchdir.");
return ret;
}
newroot = open(ROOTDIR, O_DIRECTORY | O_RDONLY);
if (newroot < 0) {
- fprintf(stderr, "%s: Failed to open new root for fchdir.\n", __func__);
+ lxcfs_error("%s\n", "Failed to open new root for fchdir.");
goto err;
}
/* change into new root fs */
if (fchdir(newroot) < 0) {
- fprintf(stderr, "%s: Failed to change directory to new rootfs: %s.\n", __func__, ROOTDIR);
+ lxcfs_error("Failed to change directory to new rootfs: %s.\n", ROOTDIR);
goto err;
}
/* pivot_root into our new root fs */
if (pivot_root(".", ".") < 0) {
- fprintf(stderr, "%s: pivot_root() syscall failed: %s.\n", __func__, strerror(errno));
+ lxcfs_error("pivot_root() syscall failed: %s.\n", strerror(errno));
goto err;
}
@@ -4203,16 +4183,16 @@ static int pivot_enter(void)
* to the old-root.
*/
if (fchdir(oldroot) < 0) {
- fprintf(stderr, "%s: Failed to enter old root.\n", __func__);
+ lxcfs_error("%s\n", "Failed to enter old root.");
goto err;
}
if (umount2(".", MNT_DETACH) < 0) {
- fprintf(stderr, "%s: Failed to detach old root.\n", __func__);
+ lxcfs_error("%s\n", "Failed to detach old root.");
goto err;
}
if (fchdir(newroot) < 0) {
- fprintf(stderr, "%s: Failed to re-enter new root.\n", __func__);
+ lxcfs_error("%s\n", "Failed to re-enter new root.");
goto err;
}
@@ -4230,22 +4210,22 @@ err:
static int pivot_prepare(void)
{
if (mkdir(ROOTDIR, 0700) < 0 && errno != EEXIST) {
- fprintf(stderr, "%s: Failed to create directory for new root.\n", __func__);
+ lxcfs_error("%s\n", "Failed to create directory for new root.");
return -1;
}
if (mount("/", ROOTDIR, NULL, MS_BIND, 0) < 0) {
- fprintf(stderr, "%s: Failed to bind-mount / for new root: %s.\n", __func__, strerror(errno));
+ lxcfs_error("Failed to bind-mount / for new root: %s.\n", strerror(errno));
return -1;
}
if (mount(RUNTIME_PATH, ROOTDIR RUNTIME_PATH, NULL, MS_BIND, 0) < 0) {
- fprintf(stderr, "%s: Failed to bind-mount /run into new root: %s.\n", __func__, strerror(errno));
+ lxcfs_error("Failed to bind-mount /run into new root: %s.\n", strerror(errno));
return -1;
}
if (mount(BASEDIR, ROOTDIR BASEDIR, NULL, MS_REC | MS_MOVE, 0) < 0) {
- printf("%s: failed to move " BASEDIR " into new root: %s.\n", __func__, strerror(errno));
+ printf("Failed to move " BASEDIR " into new root: %s.\n", strerror(errno));
return -1;
}
@@ -4268,27 +4248,27 @@ static bool pivot_new_root(void)
static bool setup_cgfs_dir(void)
{
if (!mkdir_p(BASEDIR, 0700)) {
- fprintf(stderr, "Failed to create lxcfs cgroup mountpoint.\n");
+ lxcfs_error("%s\n", "Failed to create lxcfs cgroup mountpoint.");
return false;
}
if (!umount_if_mounted()) {
- fprintf(stderr, "Failed to clean up old lxcfs cgroup mountpoint.\n");
+ lxcfs_error("%s\n", "Failed to clean up old lxcfs cgroup mountpoint.");
return false;
}
if (unshare(CLONE_NEWNS) < 0) {
- fprintf(stderr, "%s: Failed to unshare mount namespace: %s.\n", __func__, strerror(errno));
+ lxcfs_error("Failed to unshare mount namespace: %s.\n", strerror(errno));
return false;
}
if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, 0) < 0) {
- fprintf(stderr, "%s: Failed to remount / private: %s.\n", __func__, strerror(errno));
+ lxcfs_error("Failed to remount / private: %s.\n", strerror(errno));
return false;
}
if (mount("tmpfs", BASEDIR, "tmpfs", 0, "size=100000,mode=700") < 0) {
- fprintf(stderr, "Failed to mount tmpfs over lxcfs cgroup mountpoint.\n");
+ lxcfs_error("%s\n", "Failed to mount tmpfs over lxcfs cgroup mountpoint.");
return false;
}
@@ -4318,7 +4298,7 @@ static bool do_mount_cgroups(void)
return false;
}
if (mount(controller, target, "cgroup", 0, controller) < 0) {
- fprintf(stderr, "Failed mounting cgroup %s\n", controller);
+ lxcfs_error("Failed mounting cgroup %s\n", controller);
free(target);
return false;
}
@@ -4339,7 +4319,7 @@ static bool cgfs_setup_controllers(void)
return false;
if (!do_mount_cgroups()) {
- fprintf(stderr, "Failed to set up private lxcfs cgroup mounts.\n");
+ lxcfs_error("%s\n", "Failed to set up private lxcfs cgroup mounts.");
return false;
}
@@ -4370,7 +4350,7 @@ static void __attribute__((constructor)) collect_and_mount_subsystems(void)
int i, init_ns = -1;
if ((f = fopen("/proc/self/cgroup", "r")) == NULL) {
- fprintf(stderr, "Error opening /proc/self/cgroup: %s\n", strerror(errno));
+ lxcfs_error("Error opening /proc/self/cgroup: %s\n", strerror(errno));
return;
}
while (getline(&line, &len, f) != -1) {
@@ -4400,23 +4380,31 @@ static void __attribute__((constructor)) collect_and_mount_subsystems(void)
/* Preserve initial namespace. */
init_ns = preserve_ns(getpid());
- if (init_ns < 0)
+ if (init_ns < 0) {
+ lxcfs_error("%s\n", "Failed to preserve initial mount namespace.");
goto out;
+ }
fd_hierarchies = malloc(sizeof(int *) * num_hierarchies);
- if (!fd_hierarchies)
+ if (!fd_hierarchies) {
+ lxcfs_error("%s\n", strerror(errno));
goto out;
+ }
for (i = 0; i < num_hierarchies; i++)
fd_hierarchies[i] = -1;
/* This function calls unshare(CLONE_NEWNS) our initial mount namespace
* to privately mount lxcfs cgroups. */
- if (!cgfs_setup_controllers())
+ if (!cgfs_setup_controllers()) {
+ lxcfs_error("%s\n", "Failed to setup private cgroup mounts for lxcfs.");
goto out;
+ }
- if (setns(init_ns, 0) < 0)
+ if (setns(init_ns, 0) < 0) {
+ lxcfs_error("Failed to switch back to initial mount namespace: %s.\n", strerror(errno));
goto out;
+ }
print_subsystems();
@@ -4431,6 +4419,8 @@ static void __attribute__((destructor)) free_subsystems(void)
{
int i;
+ lxcfs_debug("%s\n", "Running destructor for liblxcfs.");
+
for (i = 0; i < num_hierarchies; i++) {
if (hierarchies[i])
free(hierarchies[i]);
diff --git a/bindings.h b/bindings.h
index 7cd75be..c295104 100644
--- a/bindings.h
+++ b/bindings.h
@@ -2,6 +2,20 @@
#define BASEDIR RUNTIME_PATH "/lxcfs/controllers"
#define ROOTDIR RUNTIME_PATH "/lxcfs/root"
+#define lxcfs_debug_stream(stream, format, ...) \
+ do { \
+ fprintf(stderr, "%s: %d: %s: " format, __FILE__, __LINE__, \
+ __func__, __VA_ARGS__); \
+ } while (false)
+
+#define lxcfs_error(format, ...) lxcfs_debug_stream(stderr, format, __VA_ARGS__)
+
+#ifdef DEBUG
+#define lxcfs_debug(format, ...) lxcfs_error(format, __VA_ARGS__)
+#else
+#define lxcfs_debug(format, ...)
+#endif /* DEBUG */
+
extern int cg_write(const char *path, const char *buf, size_t size, off_t offset,
struct fuse_file_info *fi);
extern int cg_mkdir(const char *path, mode_t mode);
diff --git a/lxcfs.c b/lxcfs.c
index 2500f61..d065125 100644
--- a/lxcfs.c
+++ b/lxcfs.c
@@ -43,7 +43,7 @@ static void lock_mutex(pthread_mutex_t *l)
int ret;
if ((ret = pthread_mutex_lock(l)) != 0) {
- fprintf(stderr, "pthread_mutex_lock returned:%d %s\n", ret, strerror(ret));
+ lxcfs_error("returned:%d %s\n", ret, strerror(ret));
exit(1);
}
}
@@ -53,7 +53,7 @@ static void unlock_mutex(pthread_mutex_t *l)
int ret;
if ((ret = pthread_mutex_unlock(l)) != 0) {
- fprintf(stderr, "pthread_mutex_unlock returned:%d %s\n", ret, strerror(ret));
+ lxcfs_error("returned:%d %s\n", ret, strerror(ret));
exit(1);
}
}
@@ -74,23 +74,27 @@ static volatile sig_atomic_t need_reload;
* lock and when we know the user_count was 0 */
static void do_reload(void)
{
- if (dlopen_handle)
+ if (dlopen_handle) {
+ lxcfs_debug("%s\n", "Closing liblxcfs.so handle.");
dlclose(dlopen_handle);
+ }
/* First try loading using ld.so */
dlopen_handle = dlopen("liblxcfs.so", RTLD_LAZY);
- if (dlopen_handle)
+ if (dlopen_handle) {
+ lxcfs_debug("%s\n", "Successfully called dlopen() on liblxcfs.so.");
goto good;
+ }
dlopen_handle = dlopen("/usr/lib/lxcfs/liblxcfs.so", RTLD_LAZY);
if (!dlopen_handle) {
- fprintf(stderr, "Failed to open liblxcfs: %s.\n", dlerror());
+ lxcfs_error("Failed to open liblxcfs.so: %s.\n", dlerror());
_exit(1);
}
good:
if (need_reload)
- fprintf(stderr, "lxcfs: reloaded\n");
+ lxcfs_error("%s\n", "lxcfs: reloaded");
need_reload = 0;
}
@@ -124,7 +128,7 @@ static int do_cg_getattr(const char *path, struct stat *sb)
cg_getattr = (int (*)(const char *, struct stat *)) dlsym(dlopen_handle, "cg_getattr");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_getattr: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -139,7 +143,7 @@ static int do_proc_getattr(const char *path, struct stat *sb)
proc_getattr = (int (*)(const char *, struct stat *)) dlsym(dlopen_handle, "proc_getattr");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "proc_getattr: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -157,7 +161,7 @@ static int do_cg_read(const char *path, char *buf, size_t size, off_t offset,
cg_read = (int (*)(const char *, char *, size_t, off_t, struct fuse_file_info *)) dlsym(dlopen_handle, "cg_read");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_read: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -175,7 +179,7 @@ static int do_proc_read(const char *path, char *buf, size_t size, off_t offset,
proc_read = (int (*)(const char *, char *, size_t, off_t, struct fuse_file_info *)) dlsym(dlopen_handle, "proc_read");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "proc_read: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -192,7 +196,7 @@ static int do_cg_write(const char *path, const char *buf, size_t size, off_t off
cg_write = (int (*)(const char *, const char *, size_t, off_t, struct fuse_file_info *)) dlsym(dlopen_handle, "cg_write");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_write: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -207,7 +211,7 @@ static int do_cg_mkdir(const char *path, mode_t mode)
cg_mkdir = (int (*)(const char *, mode_t)) dlsym(dlopen_handle, "cg_mkdir");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_mkdir: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -222,7 +226,7 @@ static int do_cg_chown(const char *path, uid_t uid, gid_t gid)
cg_chown = (int (*)(const char *, uid_t, gid_t)) dlsym(dlopen_handle, "cg_chown");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_chown: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -237,7 +241,7 @@ static int do_cg_rmdir(const char *path)
cg_rmdir = (int (*)(const char *path)) dlsym(dlopen_handle, "cg_rmdir");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_rmdir: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -252,7 +256,7 @@ static int do_cg_chmod(const char *path, mode_t mode)
cg_chmod = (int (*)(const char *, mode_t)) dlsym(dlopen_handle, "cg_chmod");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_chmod: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -270,7 +274,7 @@ static int do_cg_readdir(const char *path, void *buf, fuse_fill_dir_t filler, of
cg_readdir = (int (*)(const char *, void *, fuse_fill_dir_t, off_t, struct fuse_file_info *)) dlsym(dlopen_handle, "cg_readdir");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_readdir: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -288,7 +292,7 @@ static int do_proc_readdir(const char *path, void *buf, fuse_fill_dir_t filler,
proc_readdir = (int (*)(const char *, void *, fuse_fill_dir_t, off_t, struct fuse_file_info *)) dlsym(dlopen_handle, "proc_readdir");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "proc_readdir: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -303,7 +307,7 @@ static int do_cg_open(const char *path, struct fuse_file_info *fi)
cg_open = (int (*)(const char *, struct fuse_file_info *)) dlsym(dlopen_handle, "cg_open");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_open: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -318,7 +322,7 @@ static int do_cg_access(const char *path, int mode)
cg_access = (int (*)(const char *, int mode)) dlsym(dlopen_handle, "cg_access");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_access: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -333,7 +337,7 @@ static int do_proc_open(const char *path, struct fuse_file_info *fi)
proc_open = (int (*)(const char *path, struct fuse_file_info *fi)) dlsym(dlopen_handle, "proc_open");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "proc_open: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -348,7 +352,7 @@ static int do_proc_access(const char *path, int mode)
proc_access = (int (*)(const char *, int mode)) dlsym(dlopen_handle, "proc_access");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "proc_access: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -363,7 +367,7 @@ static int do_cg_release(const char *path, struct fuse_file_info *fi)
cg_release = (int (*)(const char *path, struct fuse_file_info *)) dlsym(dlopen_handle, "cg_release");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_release: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -378,7 +382,7 @@ static int do_proc_release(const char *path, struct fuse_file_info *fi)
proc_release = (int (*)(const char *path, struct fuse_file_info *)) dlsym(dlopen_handle, "proc_release");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "proc_release: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -393,7 +397,7 @@ static int do_cg_opendir(const char *path, struct fuse_file_info *fi)
cg_opendir = (int (*)(const char *path, struct fuse_file_info *fi)) dlsym(dlopen_handle, "cg_opendir");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_opendir: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -408,7 +412,7 @@ static int do_cg_releasedir(const char *path, struct fuse_file_info *fi)
cg_releasedir = (int (*)(const char *path, struct fuse_file_info *)) dlsym(dlopen_handle, "cg_releasedir");
error = dlerror();
if (error != NULL) {
- fprintf(stderr, "cg_releasedir: %s\n", error);
+ lxcfs_error("%s\n", error);
return -1;
}
@@ -798,7 +802,7 @@ static int set_pidfile(char *pidfile)
fd = open(pidfile, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR);
if (fd == -1) {
- fprintf(stderr, "Could not open pidfile %s: %m", pidfile);
+ fprintf(stderr, "Could not open pidfile %s: %m\n", pidfile);
return -1;
}
--
2.9.3

38
0023-bindings-fix-debug-macro.patch
View File

@ -1,38 +0,0 @@
From 3b5a323346f95622d4b97d37a645b468d32a852c Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Tue, 30 Aug 2016 10:26:44 +0200
Subject: [PATCH 23/24] bindings: fix debug macro
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.h | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/bindings.h b/bindings.h
index c295104..04d728c 100644
--- a/bindings.h
+++ b/bindings.h
@@ -1,10 +1,13 @@
+#ifndef __LXCFS_BINDINGS_H
+#define __LXCFS_BINDINGS_H
+
/* directory under which we mount the controllers - /run/lxcfs/controllers */
#define BASEDIR RUNTIME_PATH "/lxcfs/controllers"
#define ROOTDIR RUNTIME_PATH "/lxcfs/root"
#define lxcfs_debug_stream(stream, format, ...) \
do { \
- fprintf(stderr, "%s: %d: %s: " format, __FILE__, __LINE__, \
+ fprintf(stream, "%s: %d: %s: " format, __FILE__, __LINE__, \
__func__, __VA_ARGS__); \
} while (false)
@@ -41,3 +44,5 @@ extern int proc_open(const char *path, struct fuse_file_info *fi);
extern int proc_read(const char *path, char *buf, size_t size, off_t offset,
struct fuse_file_info *fi);
extern int proc_access(const char *path, int mask);
+
+#endif /* __LXCFS__BINDINGS_H */
--
2.9.3

56
0024-bindings-restore-original-working-directory.patch
View File

@ -1,56 +0,0 @@
From e58dab009be0efbc2fbf60b4cff50d79d6ffbca8 Mon Sep 17 00:00:00 2001
From: Christian Brauner <cbrauner@suse.de>
Date: Wed, 31 Aug 2016 02:20:09 +0200
Subject: [PATCH 24/24] bindings: restore original working directory
Signed-off-by: Christian Brauner <cbrauner@suse.de>
---
bindings.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/bindings.c b/bindings.c
index b2d5553..ac88f48 100644
--- a/bindings.c
+++ b/bindings.c
@@ -4345,7 +4345,8 @@ static int preserve_ns(int pid)
static void __attribute__((constructor)) collect_and_mount_subsystems(void)
{
FILE *f;
- char *line = NULL;
+ char *cret, *line = NULL;
+ char cwd[MAXPATHLEN];
size_t len = 0;
int i, init_ns = -1;
@@ -4353,6 +4354,7 @@ static void __attribute__((constructor)) collect_and_mount_subsystems(void)
lxcfs_error("Error opening /proc/self/cgroup: %s\n", strerror(errno));
return;
}
+
while (getline(&line, &len, f) != -1) {
char *p, *p2;
@@ -4394,6 +4396,10 @@ static void __attribute__((constructor)) collect_and_mount_subsystems(void)
for (i = 0; i < num_hierarchies; i++)
fd_hierarchies[i] = -1;
+ cret = getcwd(cwd, MAXPATHLEN);
+ if (!cret)
+ lxcfs_debug("Could not retrieve current working directory: %s.\n", strerror(errno));
+
/* This function calls unshare(CLONE_NEWNS) our initial mount namespace
* to privately mount lxcfs cgroups. */
if (!cgfs_setup_controllers()) {
@@ -4406,6 +4412,9 @@ static void __attribute__((constructor)) collect_and_mount_subsystems(void)
goto out;
}
+ if (!cret || chdir(cwd) < 0)
+ lxcfs_debug("Could not change back to original working directory: %s.\n", strerror(errno));
+
print_subsystems();
out:
--
2.9.3

3
lxcfs-2.0.3.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:dd94e19bff202cb9fe2aa7d244b2cccf53cf5d7f6dd76c815e1161e3ba4ce0df
size 403776

3
lxcfs-2.0.7.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8c15abf36eaf244ac6906460de0fe8e818c6b96d59b7e5401066fa419b76b649
size 419312

16
lxcfs-2.0.7.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJZFKksAAoJEMY4l01keS1n1YwP/1SMGhM64g7f94bzabJur/He
7QD7bmKzlqQRTF4H0U8Q79YlaseA67F4lwIRmvEt7vIOd1eOf+pBIjhhJe9OFc3M
TMc92k8a5Hk45bU+/1mmmkLiM1fvXMZk5Vlt2unSCJAzKUweGxrwQCmxrqegsE7E
vKpUZz0ZQIyIX3MTOYVq9GoDZzkqIBPhHVWVLynBCWq9HqfC+PHhQ7Jd7W+LoyPZ
/ouwprnTPqiq0/Vm/qUYpDOb9/YY3qu6GyaGZm3TiJ9nDvkW7w2S4dAulqq6X2cl
AOF3he8zIP71Hd3y2fxEMIdmUdd1RMgsQ53AGmDATIc8NJojUuYKxCMQndZDnZvJ
6RFRfIi6sivMD2acoWcYDn9501sjQ27Ibz5V6ADFIsFRkTga5JSEe0L7D7TOsJiG
/JOww5Olg96c9a5hmUHXwdwNnX+ZcN95k7fpmOn0Dg6taErEDJDxqb9aNrSf2UvG
AUQJUArgV8ueYOrpJCLEmi/WPSkBWPRCGH6x2kQeUmOXUMgPSMNH706eJJ4lWmlQ
kP7uQ56FdTzK6CsaouSB38XUM2k2gE+CAfoTkqCdEzuvKmb9+puWBeNxewHKbspZ
r8kuQSztF5eo3zMX7AcHQdqIYkA5T3dh8ByXoKuNvmlMRjAHo19jb2/WbUSZUVmM
IU1UhVWUKNIXHvA11CYm
=KBmV
-----END PGP SIGNATURE-----

106
lxcfs.changes
View File

@ -1,3 +1,109 @@
-------------------------------------------------------------------
Wed May 17 10:44:25 UTC 2017 - opensuse_buildservice@ojkastl.de
- update to version 2.0.7
This is the seventh bugfix release for LXCFS 2.0. This includes the following bugfixes:
* Remove unused variable
* Also check next variable for NULL on cg_rmdir
* virtualize the 'btime' field of /proc/stat
* cleanup: return false instead of NULL as bool
* Limit memswlimit by TotalSwap
* pam_cgfs: remove dead assignment
* pam_cgfs: return created directly
* pam_cgfs: make sure that **p is not NULL
* bindings: Want space for ints? Call sizeof(int)!
* pam_cgfs: make trim() safer
* pam_cgfs: error out on failure in cgv2_init()
* pam_cgfs: remove dead assignment
* bindings: implement guest nice
* bindings: increase reserved buffer size a little
- added signature verification
-------------------------------------------------------------------
Fri Jan 27 15:31:13 UTC 2017 - opensuse_buildservice@ojkastl.de
- deleted patches 0001 to 00024, as they are upstream already
- 0001-Fix-test_reload-for-lxcfs-chroot.patch
- 0002-Virtualize-more-of-the-meminfo-fields.patch
- 0003-pam-fix-race-in-cgroup-creation.patch
- 0004-meminfo-don-t-show-negative-swapfree.patch
- 0005-bindings-improve-debugging.patch
- 0006-bindings-use-openat-fd-for-fstatat-unlinkat.patch
- 0007-bindings-close-open-fds-on-error.patch
- 0008-bindings-grant-access-to-var-lib-lxcfs.patch
- 0009-bindings-enable-access-to-var-lib-lxcfs-cgroup.patch
- 0010-bindings-allow-access-to-var-lib-lxcfs-proc.patch
- 0011-lxcfs-bindings-show-.-and-.-dir-entries.patch
- 0012-lxcfs-better-fs-behavior-on-var-lib-lxcfs.patch
- 0013-bindings-non-functional-changes.patch
- 0014-bindings-set-errno-in-pick_controller_from_path.patch
- 0015-bindings-more-consistent-fs-behavior.patch
- 0016-add-pld-linux-support.patch
- 0017-don-t-use-argv-0-in-usage-output.patch
- 0018-bindings-revert-cgroup-check.patch
- 0019-bindings-improve-returned-errnos.patch
- 0020-bindings-make-rmdir-behave-more-consistently.patch
- 0021-libtool-do-not-link-lxcfs-against-liblxcfs.patch
- 0022-bindings-lxcfs-improve-debugging.patch
- 0023-bindings-fix-debug-macro.patch
- 0024-bindings-restore-original-working-directory.patch
-------------------------------------------------------------------
Wed Jan 25 09:10:46 UTC 2017 - opensuse_buildservice@ojkastl.de
- update to version 2.0.6
This is the sixth bugfix release for LXCFS 2.0. This includes the following bugfixes:
Fix swap values with nested cgroups
tests: Fix run on ppc64el
Fix wrong scanning of memory.stat
- update to version 2.0.5
This is the fifth bugfix release for LXCFS 2.0. This includes the following bugfixes:
Add Documentation key to systemd unit
bindings: allow getattr on O_WRONLY files
bindings: remove noop check
fix Active/Inactive /proc/meminfo
macro: add header for shared macros
pam_cgfs: reimplement and add cgroupfs v2 support
pam_cgfs: re-use cgroups that already belong to us
pam_cgfs: handle cgroupfs v1 cpuset controller
pam_cgfs: improve logging
cgroups: handle non-existent isolcpus file
- update to version 2.0.4
This is the fourth bugfix release for LXCFS 2.0. This includes the following bugfixes:
Fix test_reload for lxcfs chroot
Virtualize more of the meminfo fields
pam: fix race in cgroup creation
meminfo: don't show negative swapfree
bindings: improve debugging
bindings: use openat fd for fstatat(), unlinkat()
bindings: close open fds on error
bindings: grant access to /var/lib/lxcfs
bindings: enable access to /var/lib/lxcfs/cgroup
bindings: allow access to /var/lib/lxcfs/proc
lxcfs, bindings: show "." and ".." dir entries
lxcfs: better fs behavior on /var/lib/lxcfs
bindings: non functional changes
bindings: set errno in pick_controller_from_path()
bindings: more consistent fs behavior
add pld linux support
don't use argv[0] in usage output
bindings: revert cgroup check
bindings: improve returned errnos
bindings: make rmdir behave more consistently
libtool: do not link lxcfs against liblxcfs
bindings, lxcfs: improve debugging
bindings: fix debug macro
autotools: add -avoid-version
bindings: restore original working directory
bindings: add function to check fs type
bindings: agnostic naming
bindings: use chroot() on ramfs
bindings: fix type weirdness with statfs f_type
bindings: make pivot_enter() contain all its code
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Aug 31 11:43:16 UTC 2016 - cbrauner@suse.de Wed Aug 31 11:43:16 UTC 2016 - cbrauner@suse.de

69
lxcfs.keyring Normal file
View File

@ -0,0 +1,69 @@
pub rsa4096/0xC638974D64792D67 2010-10-23 [SC]
602F567663E593BCBD14F338C638974D64792D67
uid [ unknown] Stéphane Graber <stgraber@stgraber.org>
uid [ unknown] Stéphane Graber <stgraber@ubuntu.com>
sub rsa4096/0x9E4B2A99D7B3258F 2010-10-23 [E]
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBEzDJtYBEADeY2GjCIHiP69HyT6dea1bcBYKHzGusmPjUGfNExAgseCgkFGo
xROSpjt5ez8FGyvjvSevVTtWTO955eLrhj7fUzfcN8ot+Lj5EeCeyX6evR/jv/Kw
dJZfKNHEKFlsRL74NEodSIvxDxANsu4iggpPWe+RMcZt7yP/4j5j7/yfZHCtDNVe
6vYr6FvR9YmJ1TK3SudKQ0eLYBgW75V45xtgl1dzcTfmmnQKRq0NBgGHQ9P+VdA5
TTaKDxDyVGuGL3eSBABLKiOTVxn8cLK75NOHH920PbOIKAfXh0StvIRbHL0EcwNj
4nrSHHsDqFwQaieVueEpxaL3OfKXlF/4KdkCz8J1fXMiKd7MrOaVCGfriU4J9H3V
2JUPzHCv1QOLlJFkzyfbAh/62xRuUKihqBnLvMStl1wCesbMSAUxZZs2u+emqjD7
wqf7bj5u34bCb/7eBnirBhk7fCPrWeiw+tyr8focN3TB9ZjoFba+lzReP+ehYpFI
15ro7wJ82VvEYw3/UIOyUhGBdGWZzwoag6Y2sm7zY84YGtNV44LsaKpJYZUi7er4
2JQZ6PN68lfkGgTyjd3eFQ4la7pmhOWDZt9ldy8rz8dw0K8gKRP+b5NNmaPznCcM
tg8s+mQqcjWpeqwmq93JrgbxGwgiI2qw9P+dZI0jn+Aoth+DDki3MC6ZXwARAQAB
tCZTdMOpcGhhbmUgR3JhYmVyIDxzdGdyYWJlckB1YnVudHUuY29tPokCNwQTAQoA
IQUCTMMuOgIbAwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRDGOJdNZHktZ35S
D/434tFecFY622NY/YLjQUN++bSvP+mbeCeOXnOULZozURQTuQzneTWFgkPOL7Uv
RIrw0WznQEwhUMai7PUF3SbOYcj7iYSXJM6t3aNfW0zmjS185Ny2bRB7URihTAyE
eM4Jpk6oMTmhqmH2OHnFQuNqmCl1tiH44KVv/sQAEzN/txjxj64YSq5NSzkQKlMG
/n7QfLL+RhoB4db1wY8vhnrryP7vUx5DR1A5z9MYfFTIJb75vsQM6r4s3sVtwSTG
kozJMUZAs0EXbI2Tgx2Wd7t2ix21lBu0PDb/RINpXQV0pyhT1kQxa1ZKfpLoM2LR
Wp6ctqmU+qkryaW8cLEHkYmDKEQIgQ7/DrOJPrPgjfBIC9LOcXgI1LbIh1L7tNFA
OiOVS/e4C3zxBowCS4VCWq9m0LrmC531sFF46cmAMhrmtStWqJpn/Yaxn8VmhhTU
zIVOUr3gL9RzbynYGIiSif+LXsrPLzEaDTGjmKm3oFvDadUHmb6HyuQ0M9UCgLQK
kWiOvybx6Q16doFm61VQsJMqHDSpLBjOc5cSHO9PiXlYzkK0dv8h8e0LG2MORHCJ
K4s8SfsPAXBCJwoZufcohaO0DD/fx93ErcAyNlDiwL2TxrQ4wEMHj73lt18A/HqP
VpU0zTWDpNDe/N12a3sfTfs9IdB/izq6k2kTzZwHmqgpKbQoU3TDqXBoYW5lIEdy
YWJlciA8c3RncmFiZXJAc3RncmFiZXIub3JnPokCOgQTAQoAJAIbAwULCQgHAwUV
CgkICwUWAgMBAAIeAQIXgAUCTMMuYQIZAQAKCRDGOJdNZHktZyTdEACcaGpJvqa8
uDiVrmbyaK/LDWhKdVE9JujTg4g05xtRpEE/yQKwHXKKxQfe8wQRuNOXWLj66w4o
UBKJs7Rc/DdNEM/RfYiTJD0dZ2fPq3GcU5rbZos1Tvmdpc1qVOyEMf3VJQ/vZEEy
7SM+i+jHx7lCx8lE0D6TsdrLVyh9cvr5+MwiqcVQXqK0aqGKjCdbEjUtsPz1d5Cu
Mq95ZQff6W6m1yNlxMnRMxdreYXCrjtv78RzlQi8dTgboaOOBC3TYQQwHx9ZrLGM
3WuPmUl9uecPTOSxIqoZHEpvz5fUQ0DhnlcxCd3R2qgPneEq0yEuaZrq8UZNyp/o
4iQAAz9BH/I7i34HySBuEzkCOSgRd1zMmuXGyrgg67kSMUFs8zyMqyjgups+ig1f
x8mKmwykVdH5Wgc310sy2W9wG5lWET45Z7gCDiu9x8B+3l6Qwn4WNffSI39ryTG4
aPGbQ/Z3+Ipm+uEV98Gm8TDcj0GUhL5XmsQ9DEcftGfw/Kxt4vaDtCOFaSZqmsoV
b325sKF+LhCZTUwZVCHrkSIC75bJ0JtxRWu+4qWtBgbFTgx5jpr1zWP524x+c0a7
aLGrsB1lAnmFqFoipzvfj2grNgtY7zDf3rcf/lBwt6VKGTCPuoJW0iRLhJQGK3AZ
Nkeu4F9t4IC5XcNKSnWJNQg0PiF0sfxTFbkCDQRMwybWARAApvNuefvVycI47ABo
T7AzBsHf0lbt4ihMpugZ+GfubzK98kn8pDRprUAfACx6+NLkxuAf9WyL7CFoFLSJ
je1m7ZhYeeNckrF5Ir1VRsF+6DueantQzawL8tq6o/sr+4/F5e0jwpXAbHNKiuqj
Q/DbLVPEmln29aYtJT3Vtm1eVzK2XkxicSlRROKHrGbaGSHEJgWr/7zqNcDPY9Ss
/pms2lqGCWK7MMG/PGVhYIJ9LKNK4yGQtxD51UuruAy6MmRfu1cKDzJ4frQjJTkr
c746uofRzK7F/uTQYFpXXd2uQ2/xi+dRnTyoqszvlS7Cm5/V2AhblbnUVE+gWgcR
lg3WXetJmI/jMwPCYSy1wxWFwZGYs/VTXcimHBcOZWu7cAur8zDNkm6uQaMaFRrq
LmkkLjoY0e8cXZIkcmQfvlWHdDkebQevRvKlNWIJChRXLU7SAKjrIe5y1lxyzy3y
dS8saK1nt7swubf737jHahQkNev9QwZ3r9ZxsyRXXRkXpKOoHQ2MVqyId+6Nk8Pn
/0yE6RPN+t01je/I731fLUZzsCs6y2e5d+xxQzQSTGBiJfxfHodBts3D6r3sxxYn
nvIe3H2Trzv34lNmiwX6RhxqPGiHBSvRxoTXz4luydDKIrBdaN+sgTkMINa3KDhf
VMmbdnwTOQbW2pi3qUCbjA0TI+EAEQEAAYkCHwQYAQoACQUCTMMm1gIbDAAKCRDG
OJdNZHktZxrrD/97bryBoLKJNc4tAtDY8umo+phdL/kUTx9gVeKHpZZVoymHW7pS
3stXC9UJigHuaDjkdvHq1v9fUdIp9mD8uqWgGJNO+hV99ARZSEkXfAFtNHYw0gVi
izz0J0FEmMibJJBjj4kDi9Z/2fWRKsvNfwQ6UKrKtYkkM1DWNnqhNJVDVNJ+4Mr5
Y8wbkItPV07f5L3kdYFE90K08IJh/pvalt383RuNmuqFwNGjStLcfo2YRpTyjmWA
oR7qaGflTAKm0+Qj/vx8vfHu7WAfcdcAT6ftZ5Q7C0LcPPuNkTBGFUyvJwW+7AV5
3Pln6vsbZg451J4iFQ0FTAYys40LbkLKYSAXfvfYHXY9ZOCvoZvsoeDG8zDUEGj5
EnsiJNlJx2xCRwjIrCzujUs91HdxQoVtXWwtlknZNwO46x433+ukhkTGJGQ7YFao
x/JxkvQOhndYJBKm5C1P7ZlLmcRndv7Lrld9rVsYGk4/lCLDPXb/ZJ0jmZLYNqez
2z0Pcd0m+jtbVVuMxuIMI2NOFIccVsQxlrtWCdhnGfs+KH1D1eyLNB7PpzWq01yI
z3pNBo5YYOLovpu0wVB0vxLTkDxmcl4aoM6MGkbnDfK4al+RQ+hDJlCAW+z3hUxH
2CmlO+WHtRJyXqE37QX6y9xmflvckMvo+CB+gopGyzMJuLqkBL2sFHZbIw==
=JVth
-----END PGP PUBLIC KEY BLOCK-----

54
lxcfs.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package lxcfs # spec file for package lxcfs
# #
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -17,37 +17,15 @@
Name: lxcfs Name: lxcfs
Version: 2.0.3 Version: 2.0.7
Release: 0 Release: 0
Summary: FUSE filesystem for LXC Summary: FUSE filesystem for LXC
License: Apache-2.0 License: Apache-2.0
Group: System/Management Group: System/Management
Url: http://linuxcontainers.org Url: http://linuxcontainers.org
Source: https://linuxcontainers.org/downloads/%{name}/%{name}-%{version}.tar.gz Source: https://linuxcontainers.org/downloads/%{name}/%{name}-%{version}.tar.gz
Patch0001: 0001-Fix-test_reload-for-lxcfs-chroot.patch Source1: https://linuxcontainers.org/downloads/%{name}/%{name}-%{version}.tar.gz.asc#/%{name}-%{version}.tar.gz.asc
Patch0002: 0002-Virtualize-more-of-the-meminfo-fields.patch Source2: %{name}.keyring
Patch0003: 0003-pam-fix-race-in-cgroup-creation.patch
Patch0004: 0004-meminfo-don-t-show-negative-swapfree.patch
Patch0005: 0005-bindings-improve-debugging.patch
Patch0006: 0006-bindings-use-openat-fd-for-fstatat-unlinkat.patch
Patch0007: 0007-bindings-close-open-fds-on-error.patch
Patch0008: 0008-bindings-grant-access-to-var-lib-lxcfs.patch
Patch0009: 0009-bindings-enable-access-to-var-lib-lxcfs-cgroup.patch
Patch0010: 0010-bindings-allow-access-to-var-lib-lxcfs-proc.patch
Patch0011: 0011-lxcfs-bindings-show-.-and-.-dir-entries.patch
Patch0012: 0012-lxcfs-better-fs-behavior-on-var-lib-lxcfs.patch
Patch0013: 0013-bindings-non-functional-changes.patch
Patch0014: 0014-bindings-set-errno-in-pick_controller_from_path.patch
Patch0015: 0015-bindings-more-consistent-fs-behavior.patch
Patch0016: 0016-add-pld-linux-support.patch
Patch0017: 0017-don-t-use-argv-0-in-usage-output.patch
Patch0018: 0018-bindings-revert-cgroup-check.patch
Patch0019: 0019-bindings-improve-returned-errnos.patch
Patch0020: 0020-bindings-make-rmdir-behave-more-consistently.patch
Patch0021: 0021-libtool-do-not-link-lxcfs-against-liblxcfs.patch
Patch0022: 0022-bindings-lxcfs-improve-debugging.patch
Patch0023: 0023-bindings-fix-debug-macro.patch
Patch0024: 0024-bindings-restore-original-working-directory.patch
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: help2man BuildRequires: help2man
@ -85,30 +63,6 @@ command line.
%prep %prep
%setup %setup
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
%patch0004 -p1
%patch0005 -p1
%patch0006 -p1
%patch0007 -p1
%patch0008 -p1
%patch0009 -p1
%patch0010 -p1
%patch0011 -p1
%patch0012 -p1
%patch0013 -p1
%patch0014 -p1
%patch0015 -p1
%patch0016 -p1
%patch0017 -p1
%patch0018 -p1
%patch0019 -p1
%patch0020 -p1
%patch0021 -p1
%patch0022 -p1
%patch0023 -p1
%patch0024 -p1
%build %build
autoreconf --force --install autoreconf --force --install