container start: check for start hooks in container rootfs

Do so early enough that we can report a meaningful failure.

(This should fix https://github.com/lxc/lxc/issues/225)

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index a63157117f49f709be6259cd36519a0a4c64a234..4b52550335ef45327aa78f86c319defcc69f8316 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3896,6 +3896,30 @@ int do_rootfs_setup(struct lxc_conf *conf, const char *name, const char *lxcpath
        return 0;
 }
 
+static bool verify_start_hooks(struct lxc_conf *conf)
+{
+       struct lxc_list *it;
+       char path[MAXPATHLEN];
+       lxc_list_for_each(it, &conf->hooks[LXCHOOK_START]) {
+               char *hookname = it->elem;
+               struct stat st;
+               int ret;
+
+               ret = snprintf(path, MAXPATHLEN, "%s%s",
+                       conf->rootfs.mount, hookname);
+               if (ret < 0 || ret >= MAXPATHLEN)
+                       return false;
+               ret = stat(path, &st);
+               if (ret) {
+                       SYSERROR("Start hook %s not found in container rootfs",
+                                       hookname);
+                       return false;
+               }
+       }
+
+       return true;
+}
+
 int lxc_setup(struct lxc_handler *handler)
 {
        const char *name = handler->name;
@@ -3949,6 +3973,10 @@ int lxc_setup(struct lxc_handler *handler)
                return -1;
        }
 
+       /* Make sure any start hooks are in the rootfs */
+       if (!verify_start_hooks(lxc_conf))
+               return -1;
+
        if (lxc_conf->is_execute)
                lxc_execute_bind_init(lxc_conf);