From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Tue, 10 Jun 2014 03:29:11 +0000 (+0000)
Subject: container start: check for start hooks in container rootfs
X-Git-Tag: lxc-1.0.4~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1a9c040fc2abb64017dee17e259cb2d14243f68a;p=thirdparty%2Flxc.git

container start: check for start hooks in container rootfs

Do so early enough that we can report a meaningful failure.

(This should fix https://github.com/lxc/lxc/issues/225)

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
---

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index e6067e10c..7b7f20fd6 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3851,6 +3851,30 @@ int do_rootfs_setup(struct lxc_conf *conf, const char *name, const char *lxcpath
 	return 0;
 }
 
+static bool verify_start_hooks(struct lxc_conf *conf)
+{
+	struct lxc_list *it;
+	char path[MAXPATHLEN];
+	lxc_list_for_each(it, &conf->hooks[LXCHOOK_START]) {
+		char *hookname = it->elem;
+		struct stat st;
+		int ret;
+
+		ret = snprintf(path, MAXPATHLEN, "%s%s",
+			conf->rootfs.mount, hookname);
+		if (ret < 0 || ret >= MAXPATHLEN)
+			return false;
+		ret = stat(path, &st);
+		if (ret) {
+			SYSERROR("Start hook %s not found in container rootfs",
+					hookname);
+			return false;
+		}
+	}
+
+	return true;
+}
+
 int lxc_setup(struct lxc_handler *handler)
 {
 	const char *name = handler->name;
@@ -3904,6 +3928,10 @@ int lxc_setup(struct lxc_handler *handler)
 		return -1;
 	}
 
+	/* Make sure any start hooks are in the rootfs */
+	if (!verify_start_hooks(lxc_conf))
+		return -1;
+
 	/* now mount only cgroup, if wanted;
 	 * before, /sys could not have been mounted
 	 * (is either mounted automatically or via fstab entries)