From: S.Çağlar Onur Date: Fri, 20 Sep 2013 22:45:21 +0000 (-0400) Subject: Expose underlying close_all_fds config value via API X-Git-Tag: lxc-1.0.0.alpha2~105 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=130a188840ae655da41dde4771074ff38abaf46f;p=thirdparty%2Flxc.git Expose underlying close_all_fds config value via API Being able to set close_all_fds via API would be usefull for the situations like running an application (let's say web server) that controls the lifecycle of the container using the LXC API. We don't want forked process to inherit parent's resource (file, socket, ...) Signed-off-by: S.Çağlar Onur Acked-by: Serge E. Hallyn --- diff --git a/src/lxc/lxc_start.c b/src/lxc/lxc_start.c index dfc514e1d..a30a9f683 100644 --- a/src/lxc/lxc_start.c +++ b/src/lxc/lxc_start.c @@ -265,7 +265,7 @@ int main(int argc, char *argv[]) } if (my_args.close_all_fds) - conf->close_all_fds = 1; + c->want_close_all_fds(c); err = c->start(c, 0, args) ? 0 : -1; diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c index e8dde91b8..727c6809e 100644 --- a/src/lxc/lxccontainer.c +++ b/src/lxc/lxccontainer.c @@ -456,6 +456,18 @@ static void lxcapi_want_daemonize(struct lxc_container *c) container_mem_unlock(c); } +static void lxcapi_want_close_all_fds(struct lxc_container *c) +{ + if (!c || !c->lxc_conf) + return; + if (container_mem_lock(c)) { + ERROR("Error getting mem lock"); + return; + } + c->lxc_conf->close_all_fds = 1; + container_mem_unlock(c); +} + static bool lxcapi_wait(struct lxc_container *c, const char *state, int timeout) { int ret; @@ -2682,6 +2694,7 @@ struct lxc_container *lxc_container_new(const char *name, const char *configpath c->init_pid = lxcapi_init_pid; c->load_config = lxcapi_load_config; c->want_daemonize = lxcapi_want_daemonize; + c->want_close_all_fds = lxcapi_want_close_all_fds; c->start = lxcapi_start; c->startl = lxcapi_startl; c->stop = lxcapi_stop; diff --git a/src/lxc/lxccontainer.h b/src/lxc/lxccontainer.h index 89b55bd64..8b6c6ef2b 100644 --- a/src/lxc/lxccontainer.h +++ b/src/lxc/lxccontainer.h @@ -68,6 +68,7 @@ struct lxc_container { bool (*startl)(struct lxc_container *c, int useinit, ...); bool (*stop)(struct lxc_container *c); void (*want_daemonize)(struct lxc_container *c); + void (*want_close_all_fds)(struct lxc_container *c); // Return current config file name. The result is strdup()d, so free the result. char *(*config_file_name)(struct lxc_container *c); // for wait, timeout == -1 means wait forever, timeout == 0 means don't wait.