From b93e7b907abab2e92786e1859c0cc313eea71678 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20Gillot-Lamure?= Date: Wed, 11 Apr 2012 12:27:19 +0100 Subject: [PATCH] One can specify in which cgroup hierarchies a systemd-nspawn container will appear --- man/systemd-nspawn.xml | 10 ++++++++++ src/nspawn.c | 27 ++++++++++++++++++++++++++- 2 files changed, 36 insertions(+), 1 deletion(-) diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index dbd2ff5..47aa4a7 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -155,6 +155,16 @@ + + + + Makes the container appear in + other hierarchies that the name=systemd:/ one. + Takes a comma-separated list of controllers. + + + + Turn off networking in diff --git a/src/nspawn.c b/src/nspawn.c index 6f5a9d9..558695c 100644 --- a/src/nspawn.c +++ b/src/nspawn.c @@ -50,6 +50,7 @@ static char *arg_directory = NULL; static char *arg_user = NULL; +static char *arg_controllers = NULL; static bool arg_private_network = false; static int help(void) { @@ -59,6 +60,7 @@ static int help(void) { " -h --help Show this help\n" " -D --directory=NAME Root directory for the container\n" " -u --user=USER Run the command under specified user or uid\n" + " -C --controllers=CON Put the container in specified comma-separated cgroup hierarchies\n" " --private-network Disable network in container\n", program_invocation_short_name); @@ -75,6 +77,7 @@ static int parse_argv(int argc, char *argv[]) { { "help", no_argument, NULL, 'h' }, { "directory", required_argument, NULL, 'D' }, { "user", required_argument, NULL, 'u' }, + { "controllers", required_argument, NULL, 'C' }, { "private-network", no_argument, NULL, ARG_PRIVATE_NETWORK }, { NULL, 0, NULL, 0 } }; @@ -84,7 +87,7 @@ static int parse_argv(int argc, char *argv[]) { assert(argc >= 0); assert(argv); - while ((c = getopt_long(argc, argv, "+hD:u:", options, NULL)) >= 0) { + while ((c = getopt_long(argc, argv, "+hD:u:C:", options, NULL)) >= 0) { switch (c) { @@ -110,6 +113,15 @@ static int parse_argv(int argc, char *argv[]) { break; + case 'C': + free(arg_controllers); + if (!(arg_controllers = strdup(optarg))) { + log_error("Failed to duplicate controller list."); + return -ENOMEM; + } + + break; + case ARG_PRIVATE_NETWORK: arg_private_network = true; break; @@ -674,6 +686,19 @@ int main(int argc, char *argv[]) { goto finish; } + if (arg_controllers) { + char *controller; + controller = strtok(arg_controllers,","); + do { + if ((k = cg_create_and_attach(controller, newcg, 0)) < 0) { + log_error("Failed to create cgroup: %s", strerror(-k)); + goto finish; + } + } while((controller = strtok(NULL,","))); + free(controller); + free(arg_controllers); + } + if ((master = posix_openpt(O_RDWR|O_NOCTTY|O_CLOEXEC|O_NDELAY)) < 0) { log_error("Failed to acquire pseudo tty: %m"); goto finish; -- 1.7.10