[libvirt] How does virsh lxc-enter-namespace work? Does it?
Richard Weinberger
richard at nod.at
Thu Jun 6 06:57:21 UTC 2013
Hi!
I'm facing the issue that "virsh lxc-enter-namespace ..." does not work for me.
setns() always fails with EINVAL.
Reading the code confused me a bit, maybe you can help me. :D
virsh itself calls:
cmdLxcEnterNamespace()
virDomainLxcOpenNamespace()
conn->driver->domainLxcOpenNamespace()
Here comes the first thing that is not clear to me.
conn->driver seems to be the remote driver and therefore
->domainLxcOpenNamespace is remoteDomainLxcOpenNamespace()
Why is lxc:/// a remote connection?
remoteDomainLxcOpenNamespace() does a rpc call to libvirtd.
On the remote side libvirtd does:
lxcDispatchDomainOpenNamespace(), which opens the namespace fds,
and sends them back as result.
How can this work? Does it somewhere magic file descriptor passing
on AF_UNIX?
virsh then receives the fd's (pure numbers) and setns() failed badly.
Wouldn't it make much more sense to do the open(/proc/XXX/ns/{mnt, user, ...}) and setns()
calls directly on the local side? IOW directly in virsh?
driver->domainLxcOpenNamespace() should only report the process id of the container's
init process.
Thanks,
//richard
More information about the libvir-list
mailing list