+Tue Oct 21 09:19:24 PDT 2008 Dan Smith <danms@us.ibm.com>
+ * src/cgroup.c src/cgroup.h: Add function to allow major device range
+ * src/lxc_container.h src/controller.c: Fix cgroup initialization
+ order and fix /dev/pts cgroup permission
+
Tue Oct 21 16:25:22 CEST 2008 Daniel Veillard <veillard@redhat.com>
* HACKING: update with some rules for commiters
return rc;
}
+/**
+ * virCgroupAllowDeviceMajor:
+ *
+ * @group: The cgroup to allow an entire device major type for
+ * @type: The device type (i.e., 'c' or 'b')
+ * @major: The major number of the device type
+ *
+ * Returns: 0 on success
+ */
+int virCgroupAllowDeviceMajor(virCgroupPtr group,
+ char type,
+ int major)
+{
+ int rc;
+ char *devstr = NULL;
+
+ if (asprintf(&devstr, "%c %i:* rwm", type, major) == -1) {
+ rc = -ENOMEM;
+ goto out;
+ }
+
+ rc = virCgroupSetValueStr(group,
+ "devices.allow",
+ devstr);
+ out:
+ VIR_FREE(devstr);
+
+ return rc;
+}
+
int virCgroupSetCpuShares(virCgroupPtr group, unsigned long shares)
{
return virCgroupSetValueU64(group, "cpu.shares", (uint64_t)shares);
char type,
int major,
int minor);
+int virCgroupAllowDeviceMajor(virCgroupPtr group,
+ char type,
+ int major);
int virCgroupSetCpuShares(virCgroupPtr group, unsigned long shares);
int virCgroupGetCpuShares(virCgroupPtr group, unsigned long *shares);
#define LXC_DEV_MAJ_TTY 5
#define LXC_DEV_MIN_CONSOLE 1
+#define LXC_DEV_MAJ_PTY 136
+
int lxcContainerSendContinue(int control);
int lxcContainerStart(virDomainDefPtr def,
goto out;
}
+ rc = virCgroupAllowDeviceMajor(cgroup, 'c', LXC_DEV_MAJ_PTY);
+ if (rc != 0)
+ goto out;
+
rc = virCgroupAddTask(cgroup, getpid());
out:
if (rc != 0) {
goto cleanup;
}
+ if (lxcSetContainerResources(def) < 0)
+ goto cleanup;
+
if ((container = lxcContainerStart(def,
nveths,
veths,
if (lxcControllerMoveInterfaces(nveths, veths, container) < 0)
goto cleanup;
- if (lxcSetContainerResources(def) < 0)
- goto cleanup;
-
if (lxcContainerSendContinue(control[0]) < 0)
goto cleanup;
projects / libvirt.git / commitdiff