From: Daniel P. Berrangé Date: Thu, 23 May 2019 10:34:08 +0000 (+0100) Subject: lxc: acquire a pidfile in the driver root directory X-Git-Tag: v5.6.0-rc1~269 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=64c5b6bc06a127e147290c147a9be00be60de261;p=thirdparty%2Flibvirt.git lxc: acquire a pidfile in the driver root directory When we allow multiple instances of the driver for the same user account, using a separate root directory, we need to ensure mutual exclusion. Use a pidfile to guarantee this. In privileged libvirtd this ends up locking /var/run/libvirt/lxc/driver.pid In unprivileged libvirtd this ends up locking /run/user/$UID/libvirt/lxc/run/driver.pid NB, the latter can vary depending on $XDG_RUNTIME_DIR Signed-off-by: Daniel P. Berrangé --- diff --git a/src/lxc/lxc_conf.h b/src/lxc/lxc_conf.h index dc5531ebf9..e26ca22d3c 100644 --- a/src/lxc/lxc_conf.h +++ b/src/lxc/lxc_conf.h @@ -70,6 +70,9 @@ struct _virLXCDriver { * then lockless thereafter */ virLXCDriverConfigPtr config; + /* pid file FD, ensures two copies of the driver can't use the same root */ + int lockFD; + /* Require lock to get a reference on the object, * lockless access thereafter */ virCapsPtr caps; diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index 9db2a02dee..3982c24f34 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -1559,6 +1559,7 @@ static int lxcStateInitialize(bool privileged, if (VIR_ALLOC(lxc_driver) < 0) return -1; + lxc_driver->lockFD = -1; if (virMutexInit(&lxc_driver->lock) < 0) { VIR_FREE(lxc_driver); return -1; @@ -1605,6 +1606,10 @@ static int lxcStateInitialize(bool privileged, goto cleanup; } + if ((lxc_driver->lockFD = + virPidFileAcquire(cfg->stateDir, "driver", true, getpid())) < 0) + goto cleanup; + /* Get all the running persistent or transient configs first */ if (virDomainObjListLoadAllConfigs(lxc_driver->domains, cfg->stateDir, @@ -1696,6 +1701,10 @@ static int lxcStateCleanup(void) virObjectUnref(lxc_driver->caps); virObjectUnref(lxc_driver->securityManager); virObjectUnref(lxc_driver->xmlopt); + + if (lxc_driver->lockFD != -1) + virPidFileRelease(lxc_driver->config->stateDir, "driver", lxc_driver->lockFD); + virObjectUnref(lxc_driver->config); virMutexDestroy(&lxc_driver->lock); VIR_FREE(lxc_driver);