When we allow multiple instances of the driver for the same user
account, using a separate root directory, we need to ensure mutual
exclusion. Use a pidfile to guarantee this.

In privileged libvirtd this ends up locking

   /var/run/libvirt/lxc/driver.pid

In unprivileged libvirtd this ends up locking

  /run/user/$UID/libvirt/lxc/run/driver.pid

NB, the latter can vary depending on $XDG_RUNTIME_DIR

Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
---
 src/lxc/lxc_conf.h   | 3 +++
 src/lxc/lxc_driver.c | 9 +++++++++
 2 files changed, 12 insertions(+)

diff --git a/src/lxc/lxc_conf.h b/src/lxc/lxc_conf.h
index dc5531ebf9..e26ca22d3c 100644
--- a/src/lxc/lxc_conf.h
+++ b/src/lxc/lxc_conf.h
@@ -70,6 +70,9 @@ struct _virLXCDriver {
      * then lockless thereafter */
     virLXCDriverConfigPtr config;
 
+    /* pid file FD, ensures two copies of the driver can't use the same root */
+    int lockFD;
+
     /* Require lock to get a reference on the object,
      * lockless access thereafter */
     virCapsPtr caps;
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 9db2a02dee..3982c24f34 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1559,6 +1559,7 @@ static int lxcStateInitialize(bool privileged,
 
     if (VIR_ALLOC(lxc_driver) < 0)
         return -1;
+    lxc_driver->lockFD = -1;
     if (virMutexInit(&lxc_driver->lock) < 0) {
         VIR_FREE(lxc_driver);
         return -1;
@@ -1605,6 +1606,10 @@ static int lxcStateInitialize(bool privileged,
         goto cleanup;
     }
 
+    if ((lxc_driver->lockFD =
+         virPidFileAcquire(cfg->stateDir, "driver", true, getpid())) < 0)
+        goto cleanup;
+
     /* Get all the running persistent or transient configs first */
     if (virDomainObjListLoadAllConfigs(lxc_driver->domains,
                                        cfg->stateDir,
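Review bot: The third argument of the `virPidFileAcquire()` call is `true`; if that is the wait-for-lock flag, as I believe it is, a second driver instance using the same state directory will block inside lxcStateInitialize until the first one exits. The commit's stated goal is mutual exclusion, which a fail-fast acquire meets more cleanly: `virPidFileAcquire(cfg->stateDir, "driver", false, getpid())`, so the second instance reports an error instead of stalling daemon startup. It would also help to add a short comment above the call saying that the lock is held for the driver's lifetime and released in lxcStateCleanup. lxcStateInitialize starts and ends outside this hunk, so whether `cfg->stateDir` already exists with the right ownership at this point cannot be confirmed from here.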
@@ -1696,6 +1701,10 @@ static int lxcStateCleanup(void)
     virObjectUnref(lxc_driver->caps);
     virObjectUnref(lxc_driver->securityManager);
     virObjectUnref(lxc_driver->xmlopt);
+
+    if (lxc_driver->lockFD != -1)
+        virPidFileRelease(lxc_driver->config->stateDir, "driver", 
lxc_driver->lockFD);
+
     virObjectUnref(lxc_driver->config);
     virMutexDestroy(&lxc_driver->lock);
     VIR_FREE(lxc_driver);
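Review bot: The guard `if (lxc_driver->lockFD != -1)` treats every value other than -1 as a held lock, but the acquire hunk stores the raw return value of `virPidFileAcquire()` in `lockFD` even when it fails. If that function can return a negative value other than -1 (I believe some failures return a negative errno, which is worth confirming), and the `goto cleanup` path ends up in lxcStateCleanup, then `virPidFileRelease()` would be called with an invalid descriptor. Testing `if (lxc_driver->lockFD >= 0)` avoids depending on the exact failure value. The rest of lxcStateCleanup is outside this hunk.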
-- 
2.21.0
