[pve-devel] [PATCH 4/5] add lxc.cgroup.devices.allow && lxc.mount.entry

Mon Aug 17 15:18:47 CEST 2015

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 src/PVE/LXC.pm | 55 +++++++++++++++++++++++++++++++++----------------------
 1 file changed, 33 insertions(+), 22 deletions(-)

diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index c68207b..de9dff3 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -12,7 +12,7 @@ use PVE::Storage;
 use PVE::SafeSyslog;
 use PVE::INotify;
 use PVE::JSONSchema qw(get_standard_option);
-use PVE::Tools qw($IPV6RE $IPV4RE);
+use PVE::Tools qw($IPV6RE $IPV4RE dir_glob_foreach);
 use PVE::Network;
 
 use Data::Dumper;
@@ -992,31 +992,42 @@ sub update_lxc_config {
     my $shares = $conf->{cpuunits} || 1024;
     $raw .= "lxc.cgroup.cpu.shares = $shares\n";
 
-    my $rootinfo = PVE::LXC::parse_ct_mountpoint($conf->{rootfs});
-    my $volid = $rootinfo->{volume};
-    my ($storage, $volname) = PVE::Storage::parse_volume_id($volid);
 
-    my ($vtype, undef, undef, undef, undef, $isBase, $format) =
-	PVE::Storage::parse_volname($storage_cfg, $volid);
+    my $bdevs = blockdevices_list();
+    my $loopdevs = loopdevices_list();
 
-    die "unable to use template as rootfs\n" if $isBase;
-    
-    my $scfg = PVE::Storage::storage_config($storage_cfg, $storage);
-    my $path = PVE::Storage::path($storage_cfg, $volid);
-    
-    if ($format eq 'subvol') {
-	$raw .= "lxc.rootfs = $path\n";
-    } elsif ($format eq 'raw') {
-	if ($scfg->{path}) {
-	    $raw .= "lxc.rootfs = loop:$path\n";
-	} elsif ($scfg->{type} eq 'drbd' || $scfg->{type} eq 'rbd') {
+    PVE::LXC::foreach_mountpoint($conf, sub {
+	my ($ms, $mountpoint) = @_;
+
+	my $volid = $mountpoint->{volume};
+	return if !$volid;
+
+	my ($storage, $volname) = PVE::Storage::parse_volume_id($volid);
+
+	my $scfg = PVE::Storage::storage_config($storage_cfg, $storage);
+
+	my $path = PVE::Storage::path($storage_cfg, $volid);
+
+	my ($vtype, undef, undef, undef, undef, $isBase, $format) =
+	    PVE::Storage::parse_volname($storage_cfg, $volid);
+	if ($format eq 'subvol') {
+	    $mountpoint->{mp} =~ s/^\///s;
+	    $raw .= "lxc.mount.entry = $path $mountpoint->{mp} none defaults,bind 0 0\n";
+	} elsif ($format eq 'raw') {
+
+	    if ($scfg->{type} eq 'dir' || $scfg->{type} eq 'nfs') {
+		$path = $ms eq 'rootfs' ? "loop:$path" : PVE::LXC::find_loopdev($loopdevs, $path);
+	    } elsif ($scfg->{type} ne 'zfspool' && $scfg->{type} ne 'drbd' && $scfg->{type} ne 'rbd') {
+		die "unsupported storage type '$scfg->{type}'\n";
+	    }
+	}
+
+	$raw .= "lxc.cgroup.devices.allow = b $bdevs->{$path}->{major}:$bdevs->{$path}->{minor} rwm\n" if $bdevs->{$path};
+
+	if ($ms eq 'rootfs') {
 	    $raw .= "lxc.rootfs = $path\n";
-	} else {
-	    die "unsupported storage type '$scfg->{type}'\n";
 	}
-    } else {
-	die "unsupported image format '$format'\n";
-    }
+    });
 
     my $netcount = 0;
     foreach my $k (keys %$conf) {
-- 
2.1.4


