From 40c32a4ad488256e934ce9ecc05ebfac04851711 Mon Sep 17 00:00:00 2001 From: =?utf8?q?L=C3=A9o=20Gillot-Lamure?= Date: Wed, 11 Apr 2012 12:27:19 +0100 Subject: [PATCH] One can specify in which cgroup hierarchies a systemd-nspawn container will appear --- TODO | 2 ++ man/systemd-nspawn.xml | 10 ++++++++++ src/nspawn.c | 35 +++++++++++++++++++++++++++++------ 3 files changed, 41 insertions(+), 6 deletions(-) diff --git a/TODO b/TODO index be020f9c1..2e20fd46e 100644 --- a/TODO +++ b/TODO @@ -17,6 +17,8 @@ Bugfixes: Features: +* cg_create_and_attach() should fail for non-available controllers + * place start-pre/start-post/... scripts in sub cgrouprs * Make RuntimeWatchdogUSec= property writable diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index 2a26b1ef1..f63f72c18 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -154,6 +154,16 @@ + + + + + Makes the container appear in + other hierarchies that the name=systemd:/ one. + Takes a comma-separated list of controllers. + + + diff --git a/src/nspawn.c b/src/nspawn.c index 5a0440458..7b65e9853 100644 --- a/src/nspawn.c +++ b/src/nspawn.c @@ -52,16 +52,18 @@ static char *arg_directory = NULL; static char *arg_user = NULL; +static char **arg_controllers = NULL; static bool arg_private_network = false; static int help(void) { printf("%s [OPTIONS...] [PATH] [ARGUMENTS...]\n\n" "Spawn a minimal namespace container for debugging, testing and building.\n\n" - " -h --help Show this help\n" - " -D --directory=NAME Root directory for the container\n" - " -u --user=USER Run the command under specified user or uid\n" - " --private-network Disable network in container\n", + " -h --help Show this help\n" + " -D --directory=NAME Root directory for the container\n" + " -u --user=USER Run the command under specified user or uid\n" + " -C --controllers=LIST Put the container in specified comma-separated cgroup hierarchies\n" + " --private-network Disable network in container\n", program_invocation_short_name); return 0; @@ -77,6 +79,7 @@ static int parse_argv(int argc, char *argv[]) { { "help", no_argument, NULL, 'h' }, { "directory", required_argument, NULL, 'D' }, { "user", required_argument, NULL, 'u' }, + { "controllers", required_argument, NULL, 'C' }, { "private-network", no_argument, NULL, ARG_PRIVATE_NETWORK }, { NULL, 0, NULL, 0 } }; @@ -86,7 +89,7 @@ static int parse_argv(int argc, char *argv[]) { assert(argc >= 0); assert(argv); - while ((c = getopt_long(argc, argv, "+hD:u:", options, NULL)) >= 0) { + while ((c = getopt_long(argc, argv, "+hD:u:C:", options, NULL)) >= 0) { switch (c) { @@ -112,6 +115,17 @@ static int parse_argv(int argc, char *argv[]) { break; + case 'C': + strv_free(arg_controllers); + arg_controllers = strv_split(optarg, ","); + if (!arg_controllers) { + log_error("Failed to split controllers list."); + return -ENOMEM; + } + strv_uniq(arg_controllers); + + break; + case ARG_PRIVATE_NETWORK: arg_private_network = true; break; @@ -612,6 +626,7 @@ int main(int argc, char *argv[]) { pid_t pid = 0; int r = EXIT_FAILURE, k; char *oldcg = NULL, *newcg = NULL; + char **controller = NULL; int master = -1; const char *console = NULL; struct termios saved_attr, raw_attr; @@ -671,11 +686,18 @@ int main(int argc, char *argv[]) { goto finish; } - if ((k = cg_create_and_attach(SYSTEMD_CGROUP_CONTROLLER, newcg, 0)) < 0) { + k = cg_create_and_attach(SYSTEMD_CGROUP_CONTROLLER, newcg, 0); + if (k < 0) { log_error("Failed to create cgroup: %s", strerror(-k)); goto finish; } + STRV_FOREACH(controller,arg_controllers) { + k = cg_create_and_attach(*controller, newcg, 0); + if (k < 0) + log_warning("Failed to create cgroup in controller %s: %s", *controller, strerror(-k)); + } + if ((master = posix_openpt(O_RDWR|O_NOCTTY|O_CLOEXEC|O_NDELAY)) < 0) { log_error("Failed to acquire pseudo tty: %m"); goto finish; @@ -889,6 +911,7 @@ finish: cg_kill_recursive_and_wait(SYSTEMD_CGROUP_CONTROLLER, newcg, true); free(arg_directory); + strv_free(arg_controllers); free(oldcg); free(newcg); -- 2.30.2