[systemd-commits] 2 commits - Makefile.am TODO src/nspawn

Lennart Poettering lennart at kemper.freedesktop.org
Sat Apr 21 15:34:04 PDT 2012 

 Makefile.am         |    1 -
 TODO                |    8 ++++++++
 src/nspawn/nspawn.c |   10 ++++++++++
 3 files changed, 18 insertions(+), 1 deletion(-)

New commits:
commit 9efaf380a7c7fa16f44b1aa15b967e99f331203a
Author: Lennart Poettering <lennart at poettering.net>
Date:   Sun Apr 22 00:32:27 2012 +0200

    update TODO

diff --git a/TODO b/TODO
index 19ca603..a008fe6 100644
--- a/TODO
+++ b/TODO
@@ -26,6 +26,14 @@ Features:
 
 * ConditionSecurity= should learn about IMA
 
+* Auke: merge Auke's bootchart
+
+* Auke: disable kernel readahead when collecting readahead data
+
+* journald: allow forwarding of log data to specific TTY instea dof console
+
+* suspend/hibernate/hybrid support, auto-suspend logic with idle hint
+
 * add RequiredBy to [Install]
 
 * cg_shorten_controllers() misuses alloca()

commit f1e5dfe2c065670e0dac63c7bb2dd82fe820e2ab
Author: Lennart Poettering <lennart at poettering.net>
Date:   Sun Apr 22 00:32:13 2012 +0200

    nspawn: make /dev/kmsg unavailable in the container, but allow access to /proc/kmsg

diff --git a/Makefile.am b/Makefile.am
index a208782..22a04d4 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3123,7 +3123,6 @@ systemd-install-data-hook:
 		$(LN_S) ../system-services/org.freedesktop.systemd1.service org.freedesktop.systemd1.service )
 if HAVE_PLYMOUTH
 	$(MKDIR_P) -m 0755 \
-		$(DESTDIR)$(SYSTEM_SYSVINIT_PATH) \
 		$(DESTDIR)$(systemunitdir)/reboot.target.wants \
 		$(DESTDIR)$(systemunitdir)/kexec.target.wants \
 		$(DESTDIR)$(systemunitdir)/poweroff.target.wants \
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 90c8b94..71cdd3f 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -394,6 +394,13 @@ static int setup_kmsg(const char *dest, int kmsg_socket) {
 
         u = umask(0000);
 
+        /* We create the kmsg FIFO as /dev/kmsg, but immediately
+         * delete it after bind mounting it to /proc/kmsg. While FIFOs
+         * on the reading side behave very similar to /proc/kmsg,
+         * their writing side behaves differently from /dev/kmsg in
+         * that writing blocks when nothing is reading. In order to
+         * avoid any problems with containers deadlocking due to this
+         * we simply make /dev/kmsg unavailable to the container. */
         if (asprintf(&from, "%s/dev/kmsg", dest) < 0) {
                 log_error("Out of memory");
                 r = -ENOMEM;
@@ -456,6 +463,9 @@ static int setup_kmsg(const char *dest, int kmsg_socket) {
                 goto finish;
         }
 
+        /* And now make the FIFO unavailable as /dev/kmsg... */
+        unlink(from);
+
 finish:
         free(from);
         free(to);

More information about the systemd-commits mailing list