[libvirt] 3rd pass at virt-login-shell for joining an LXC Container

dwalsh at redhat.com dwalsh at redhat.com
Sat Jul 20 11:46:32 UTC 2013


All comments applied except for comments below.  Also additional cleanup of 
error handling.

> You'll need to call virGetUserDirectory() before any fork(), since it
> calls code which is not async-signal safe.

The reason I did this is I needed to call it after the shell setuid, if I 
call it earlier it sees the UID=0 and gives me /root.  I added a new interface 
char *virGetUserDirectoryByUID(uid_t uid);  Since the original interface does not
take a UID.


> Hmm, looking at this again, I'm wondering you need to fork()
> at all. In virsh we do the double-fork dance, because virsh
> is an interactive shell & we don't want to affect other parts
> of virsh.

> This login shell though is different - its only job is to run
> inside the namespace. So can't the main process just enter
> the namespace directly ?

I think you still need to do the second fork to make sure the /bin/sh PID 
gets put in the container.  Otherwise you will have a process running within
the container without a local PID.

[PATCH] virt-login-shell joins users into lxc container.




More information about the libvir-list mailing list