[pve-devel] [PATCH lxc] added unmount-namespace hook series

Wolfgang Bumiller w.bumiller at proxmox.com
Wed Oct 21 09:52:37 CEST 2015


---
 debian/lxc-pve.install                             |   3 +-
 debian/patches/0001-added-stop-hook-entries.patch  |  72 ++++++
 ...-hook-between-STOPPING-and-STOPPED-states.patch |  27 +++
 ...3-pass-namespace-handles-to-the-stop-hook.patch |  53 +++++
 debian/patches/0004-document-the-stop-hook.patch   |  60 +++++
 .../0005-added-the-unmount-namespace-hook.patch    | 250 +++++++++++++++++++++
 ...oks-put-binary-hooks-in-usr-lib-lxc-hooks.patch |  44 ++++
 debian/patches/series                              |   6 +
 8 files changed, 514 insertions(+), 1 deletion(-)
 create mode 100644 debian/patches/0001-added-stop-hook-entries.patch
 create mode 100644 debian/patches/0002-run-stop-hook-between-STOPPING-and-STOPPED-states.patch
 create mode 100644 debian/patches/0003-pass-namespace-handles-to-the-stop-hook.patch
 create mode 100644 debian/patches/0004-document-the-stop-hook.patch
 create mode 100644 debian/patches/0005-added-the-unmount-namespace-hook.patch
 create mode 100644 debian/patches/0006-hooks-put-binary-hooks-in-usr-lib-lxc-hooks.patch

diff --git a/debian/lxc-pve.install b/debian/lxc-pve.install
index fb84335..5456a56 100644
--- a/debian/lxc-pve.install
+++ b/debian/lxc-pve.install
@@ -4,6 +4,7 @@ usr/share/man
 usr/share/lxc
 usr/lib/*/*.so.*
 usr/lib/*/lxc/lxc-*
+usr/lib/*/lxc/hooks/*
 usr/lib/*/lxc/rootfs/README
 lib/systemd
-etc
\ No newline at end of file
+etc
diff --git a/debian/patches/0001-added-stop-hook-entries.patch b/debian/patches/0001-added-stop-hook-entries.patch
new file mode 100644
index 0000000..26a7db1
--- /dev/null
+++ b/debian/patches/0001-added-stop-hook-entries.patch
@@ -0,0 +1,72 @@
+From 52492063b7865b460f5669a28027a5e17f0a5a09 Mon Sep 17 00:00:00 2001
+From: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Date: Tue, 6 Oct 2015 10:01:03 +0200
+Subject: [PATCH 1/5] added stop-hook entries
+
+Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
+---
+ src/lxc/conf.c    | 4 +++-
+ src/lxc/conf.h    | 2 +-
+ src/lxc/confile.c | 3 +++
+ 3 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/lxc/conf.c b/src/lxc/conf.c
+index 5a3209a..0e3421b 100644
+--- a/src/lxc/conf.c
++++ b/src/lxc/conf.c
+@@ -163,7 +163,7 @@ return -1;
+ #endif
+ 
+ char *lxchook_names[NUM_LXC_HOOKS] = {
+-	"pre-start", "pre-mount", "mount", "autodev", "start", "post-stop", "clone" };
++	"pre-start", "pre-mount", "mount", "autodev", "start", "stop", "post-stop", "clone" };
+ 
+ typedef int (*instantiate_cb)(struct lxc_handler *, struct lxc_netdev *);
+ 
+@@ -4024,6 +4024,8 @@ int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf,
+ 		which = LXCHOOK_AUTODEV;
+ 	else if (strcmp(hook, "start") == 0)
+ 		which = LXCHOOK_START;
++	else if (strcmp(hook, "stop") == 0)
++		which = LXCHOOK_STOP;
+ 	else if (strcmp(hook, "post-stop") == 0)
+ 		which = LXCHOOK_POSTSTOP;
+ 	else if (strcmp(hook, "clone") == 0)
+diff --git a/src/lxc/conf.h b/src/lxc/conf.h
+index 5aebd91..1374d4a 100644
+--- a/src/lxc/conf.h
++++ b/src/lxc/conf.h
+@@ -279,7 +279,7 @@ enum {
+  */
+ enum lxchooks {
+ 	LXCHOOK_PRESTART, LXCHOOK_PREMOUNT, LXCHOOK_MOUNT, LXCHOOK_AUTODEV,
+-	LXCHOOK_START, LXCHOOK_POSTSTOP, LXCHOOK_CLONE, NUM_LXC_HOOKS};
++	LXCHOOK_START, LXCHOOK_STOP, LXCHOOK_POSTSTOP, LXCHOOK_CLONE, NUM_LXC_HOOKS};
+ extern char *lxchook_names[NUM_LXC_HOOKS];
+ 
+ struct saved_nic {
+diff --git a/src/lxc/confile.c b/src/lxc/confile.c
+index 670d957..f7d6814 100644
+--- a/src/lxc/confile.c
++++ b/src/lxc/confile.c
+@@ -137,6 +137,7 @@ static struct lxc_config_t config[] = {
+ 	{ "lxc.hook.mount",           config_hook                 },
+ 	{ "lxc.hook.autodev",         config_hook                 },
+ 	{ "lxc.hook.start",           config_hook                 },
++	{ "lxc.hook.stop",            config_hook                 },
+ 	{ "lxc.hook.post-stop",       config_hook                 },
+ 	{ "lxc.hook.clone",           config_hook                 },
+ 	{ "lxc.hook",                 config_hook                 },
+@@ -1085,6 +1086,8 @@ static int config_hook(const char *key, const char *value,
+ 		return add_hook(lxc_conf, LXCHOOK_MOUNT, copy);
+ 	else if (strcmp(key, "lxc.hook.start") == 0)
+ 		return add_hook(lxc_conf, LXCHOOK_START, copy);
++	else if (strcmp(key, "lxc.hook.stop") == 0)
++		return add_hook(lxc_conf, LXCHOOK_STOP, copy);
+ 	else if (strcmp(key, "lxc.hook.post-stop") == 0)
+ 		return add_hook(lxc_conf, LXCHOOK_POSTSTOP, copy);
+ 	else if (strcmp(key, "lxc.hook.clone") == 0)
+-- 
+2.1.4
+
diff --git a/debian/patches/0002-run-stop-hook-between-STOPPING-and-STOPPED-states.patch b/debian/patches/0002-run-stop-hook-between-STOPPING-and-STOPPED-states.patch
new file mode 100644
index 0000000..d7ad389
--- /dev/null
+++ b/debian/patches/0002-run-stop-hook-between-STOPPING-and-STOPPED-states.patch
@@ -0,0 +1,27 @@
+From 8438bfbda7ce927d74438d0ed3cd7df314cb0758 Mon Sep 17 00:00:00 2001
+From: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Date: Tue, 6 Oct 2015 10:01:04 +0200
+Subject: [PATCH 2/5] run stop hook between STOPPING and STOPPED states
+
+Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
+---
+ src/lxc/start.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/lxc/start.c b/src/lxc/start.c
+index b7982b6..56fbe43 100644
+--- a/src/lxc/start.c
++++ b/src/lxc/start.c
+@@ -493,6 +493,8 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
+ 	 */
+ 	lxc_set_state(name, handler, STOPPING);
+ 
++	if (run_lxc_hooks(name, "stop", handler->conf, handler->lxcpath, NULL))
++		ERROR("failed to run stop hooks for container '%s'.", name);
+ 	for (i = 0; i < LXC_NS_MAX; i++) {
+ 		if (handler->nsfd[i] != -1) {
+ 			close(handler->nsfd[i]);
+-- 
+2.1.4
+
diff --git a/debian/patches/0003-pass-namespace-handles-to-the-stop-hook.patch b/debian/patches/0003-pass-namespace-handles-to-the-stop-hook.patch
new file mode 100644
index 0000000..32e6b33
--- /dev/null
+++ b/debian/patches/0003-pass-namespace-handles-to-the-stop-hook.patch
@@ -0,0 +1,53 @@
+From b3286b628b2a178d2f775a6d75ef1c0e7fe75ca6 Mon Sep 17 00:00:00 2001
+From: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Date: Tue, 6 Oct 2015 10:01:05 +0200
+Subject: [PATCH 3/5] pass namespace handles to the stop hook
+
+Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
+---
+ src/lxc/start.c | 21 +++++++++++++++++++--
+ 1 file changed, 19 insertions(+), 2 deletions(-)
+
+diff --git a/src/lxc/start.c b/src/lxc/start.c
+index 56fbe43..a294d18 100644
+--- a/src/lxc/start.c
++++ b/src/lxc/start.c
+@@ -486,15 +486,32 @@ out_free:
+ 
+ void lxc_fini(const char *name, struct lxc_handler *handler)
+ {
+-	int i;
++	int i, rc;
++	pid_t self = getpid();
++	char *namespaces[LXC_NS_MAX+1];
++	size_t namespace_count = 0;
+ 
+ 	/* The STOPPING state is there for future cleanup code
+ 	 * which can take awhile
+ 	 */
+ 	lxc_set_state(name, handler, STOPPING);
+ 
+-	if (run_lxc_hooks(name, "stop", handler->conf, handler->lxcpath, NULL))
++	for (i = 0; i < LXC_NS_MAX; i++) {
++		if (handler->nsfd[i] != -1) {
++			rc = asprintf(&namespaces[namespace_count], "%s:/proc/%d/fd/%d",
++			              ns_info[i].proc_name, self, handler->nsfd[i]);
++			if (rc == -1) {
++				SYSERROR("failed to allocate memory");
++				break;
++			}
++			++namespace_count;
++		}
++	}
++	namespaces[namespace_count] = NULL;
++	if (run_lxc_hooks(name, "stop", handler->conf, handler->lxcpath, namespaces))
+ 		ERROR("failed to run stop hooks for container '%s'.", name);
++	while (namespace_count--)
++		free(namespaces[namespace_count]);
+ 	for (i = 0; i < LXC_NS_MAX; i++) {
+ 		if (handler->nsfd[i] != -1) {
+ 			close(handler->nsfd[i]);
+-- 
+2.1.4
+
diff --git a/debian/patches/0004-document-the-stop-hook.patch b/debian/patches/0004-document-the-stop-hook.patch
new file mode 100644
index 0000000..58de6c1
--- /dev/null
+++ b/debian/patches/0004-document-the-stop-hook.patch
@@ -0,0 +1,60 @@
+From 0a2b5ab1e79912cd6afa52c829a3444da701a828 Mon Sep 17 00:00:00 2001
+From: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Date: Tue, 6 Oct 2015 10:01:06 +0200
+Subject: [PATCH 4/5] document the stop hook
+
+Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
+---
+ doc/lxc.container.conf.sgml.in | 27 +++++++++++++++++++++++++--
+ 1 file changed, 25 insertions(+), 2 deletions(-)
+
+diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in
+index f816491..90ffefa 100644
+--- a/doc/lxc.container.conf.sgml.in
++++ b/doc/lxc.container.conf.sgml.in
+@@ -1312,9 +1312,12 @@ mknod errno 0
+           <listitem><para> Container name. </para></listitem>
+           <listitem><para> Section (always 'lxc'). </para></listitem>
+           <listitem><para> The hook type (i.e. 'clone' or 'pre-mount'). </para></listitem>
+-          <listitem><para> Additional arguments In the
++          <listitem><para> Additional arguments. In the
+           case of the clone hook, any extra arguments passed to
+-          lxc-clone will appear as further arguments to the hook. </para></listitem>
++          lxc-clone will appear as further arguments to the hook.
++          In the case of the stop hook, paths to filedescriptors
++          for each of the container's namespaces along with their types
++          are passed. </para></listitem>
+         </itemizedlist>
+         The following environment variables are set:
+         <itemizedlist>
+@@ -1411,6 +1414,26 @@ mknod errno 0
+       <variablelist>
+         <varlistentry>
+           <term>
++            <option>lxc.hook.stop</option>
++          </term>
++          <listitem>
++            <para>
++              A hook to be run in the host's namespace with references
++              to the container's namespaces after the container has been shut
++              down. For each namespace an extra argument is passed to the hook
++              containing the namespace's type and a filename that can be used to
++              obtain a file descriptor to the corresponding namespace, separated
++              by a colon. The type is the name as it would appear in the
++              <filename>/proc/PID/ns</filename> directory.
++              For instance for the mount namespace the argument usually looks
++              like <filename>mnt:/proc/PID/fd/12</filename>.
++            </para>
++          </listitem>
++        </varlistentry>
++      </variablelist>
++      <variablelist>
++        <varlistentry>
++          <term>
+             <option>lxc.hook.post-stop</option>
+           </term>
+           <listitem>
+-- 
+2.1.4
+
diff --git a/debian/patches/0005-added-the-unmount-namespace-hook.patch b/debian/patches/0005-added-the-unmount-namespace-hook.patch
new file mode 100644
index 0000000..115dfbe
--- /dev/null
+++ b/debian/patches/0005-added-the-unmount-namespace-hook.patch
@@ -0,0 +1,250 @@
+From b73f115f4142791d17bb51692367f2774fef0f39 Mon Sep 17 00:00:00 2001
+From: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Date: Tue, 6 Oct 2015 10:01:07 +0200
+Subject: [PATCH 5/5] added the unmount-namespace hook
+
+Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
+---
+ hooks/Makefile.am         |   6 ++
+ hooks/unmount-namespace.c | 213 ++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 219 insertions(+)
+ create mode 100644 hooks/unmount-namespace.c
+
+diff --git a/hooks/Makefile.am b/hooks/Makefile.am
+index be55601..ef82083 100644
+--- a/hooks/Makefile.am
++++ b/hooks/Makefile.am
+@@ -6,4 +6,10 @@ hooks_SCRIPTS = \
+ 	ubuntu-cloud-prep \
+ 	squid-deb-proxy-client
+ 
++hooks_PROGRAMS = \
++	unmount-namespace
++
++unmount_namespace_SOURCES = \
++	unmount-namespace.c
++
+ EXTRA_DIST=$(hooks_SCRIPTS)
+diff --git a/hooks/unmount-namespace.c b/hooks/unmount-namespace.c
+new file mode 100644
+index 0000000..488c9cc
+--- /dev/null
++++ b/hooks/unmount-namespace.c
+@@ -0,0 +1,213 @@
++/*
++ * Copyright © 2015 Wolfgang Bumiller <w.bumiller at proxmox.com>.
++ * Copyright © 2015 Proxmox Server Solutions GmbH
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License version 2, as
++ * published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License along
++ * with this program; if not, write to the Free Software Foundation, Inc.,
++ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
++ *
++ * --
++ *
++ * This stop-hook unmounts everything in the container's namespace, and thereby
++ * waits for all calls commands to finish. This is useful when one needs to be
++ * sure that network filesystems are finished unmounting in the namespace
++ * before continuing with other tasks. Without this hook the cleanup of mounts
++ * is done by the kernel in the background after all the references to the
++ * namespaces are gone.
++ */
++
++#define _GNU_SOURCE    /* setns */
++#include <stdio.h>     /* fdopen, getmntent, endmntent */
++#include <stdlib.h>    /* malloc, qsort */
++#include <unistd.h>    /* close */
++#include <string.h>    /* strcmp, strncmp, strdup, strerror */
++#include <sched.h>     /* setns */
++#include <sys/mount.h> /* umount2 */
++#include <sys/types.h> /* openat, open */
++#include <sys/stat.h>  /* openat, open */
++#include <fcntl.h>     /* openat, open */
++#include <mntent.h>    /* getmntent, endmntent */
++#include <errno.h>     /* errno */
++
++struct mount {
++	char *src; /* currently not used */
++	char *dst;
++	char *fs; /* currently not used */
++};
++
++static void mount_free(struct mount *mnt) {
++	free(mnt->src);
++	free(mnt->dst);
++	free(mnt->fs);
++}
++
++static int mount_cmp_dst(const void *a_, const void *b_) {
++	struct mount *a = (struct mount*)a_;
++	struct mount *b = (struct mount*)b_;
++	return strcmp(b->dst, a->dst); /* swapped order */
++}
++
++/* Unmounting /dev/pts fails, and  so /dev also fails, but /dev is not what
++ * we're interested in. (There might also still be /dev/cgroup mounts).
++ */
++static int mount_should_error(const struct mount *mnt) {
++	const char *dst = mnt->dst;
++	return !(strncmp(dst, "/dev", 4) == 0 && (dst[4] == 0 || dst[4] == '/'));
++}
++
++/* Read mounts from 'self/mounts' relative to a directory filedescriptor.
++ * Before entering the container we open a handle to /proc on the host as we
++ * need to access /proc/self/mounts and the container's /proc doesn't contain
++ * our /self. We then use openat(2) to avoid having to mount a temporary /proc.
++ */
++static int read_mounts(int procfd, struct mount **mp, size_t *countp) {
++	int fd;
++	struct mntent *ent;
++	FILE *mf;
++	size_t capacity = 32;
++	size_t count = 0;
++	struct mount *mounts = (struct mount*)malloc(capacity * sizeof(*mounts));
++
++	if (!mounts) {
++		errno = ENOMEM;
++		return 0;
++	}
++
++	*mp = NULL;
++	*countp = 0;
++
++	fd = openat(procfd, "self/mounts", O_RDONLY);
++	if (fd < 0)
++		return 0;
++
++	mf = fdopen(fd, "r");
++	if (!mf) {
++		int error = errno;
++		close(fd);
++		errno = error;
++		return 0;
++	}
++	while ((ent = getmntent(mf))) {
++		struct mount *new;
++		if (count == capacity) {
++			capacity *= 2;
++			new = (struct mount*)realloc(mounts, capacity * sizeof(*mounts));
++			if (!new)
++				goto out_alloc_entry;
++			mounts = new;
++		}
++		new = &mounts[count++];
++		new->src = strdup(ent->mnt_fsname);
++		new->dst = strdup(ent->mnt_dir);
++		new->fs  = strdup(ent->mnt_type);
++		if (!new->src || !new->dst || !new->fs)
++			goto out_alloc_entry;
++	}
++	endmntent(mf);
++
++	*mp = mounts;
++	*countp = count;
++
++	return 1;
++
++out_alloc_entry:
++	endmntent(mf);
++	while (count--) {
++		free(mounts[count].src);
++		free(mounts[count].dst);
++		free(mounts[count].fs);
++	}
++	free(mounts);
++	errno = ENOMEM;
++	return 0;
++}
++
++int main(int argc, char **argv) {
++	int i, procfd, ctmntfd;
++	struct mount *mounts;
++	size_t zi, count = 0;
++	const char *mntns = NULL;
++
++	if (argc < 4 || strcmp(argv[2], "lxc") != 0) {
++		fprintf(stderr, "%s: usage error, expected LXC hook arguments\n", argv[0]);
++		return 2;
++	}
++
++	if (strcmp(argv[3], "stop") != 0)
++		return 0;
++
++	for (i = 4; i != argc; ++i) {
++		if (!strncmp(argv[i], "mnt:", 4)) {
++			mntns = argv[i] + 4;
++			break;
++		}
++	}
++
++	if (!mntns) {
++		fprintf(stderr, "%s: no mount namespace provided\n", argv[0]);
++		return 3;
++	}
++
++	/* Open a handle to /proc on the host as we need to access /proc/self/mounts
++	 * and the container's /proc doesn't contain our /self. See read_mounts().
++	 */
++	procfd = open("/proc", O_RDONLY | O_DIRECTORY | O_PATH);
++	if (procfd < 0) {
++		fprintf(stderr, "%s: failed to open /proc: %s\n", argv[0], strerror(errno));
++		return 4;
++	}
++
++	/* Open the mount namespace and enter it. */
++	ctmntfd = open(mntns, O_RDONLY);
++	if (ctmntfd < 0) {
++		fprintf(stderr, "%s: failed to open mount namespace: %s\n",
++			argv[0], strerror(errno));
++		close(procfd);
++		return 5;
++	}
++
++	if (setns(ctmntfd, CLONE_NEWNS) != 0) {
++		fprintf(stderr, "%s: failed to attach to namespace: %s\n",
++			argv[0], strerror(errno));
++		close(ctmntfd);
++		close(procfd);
++		return 6;
++	}
++	close(ctmntfd);
++
++	/* Now read [[procfd]]/self/mounts */
++	if (!read_mounts(procfd, &mounts, &count)) {
++		fprintf(stderr, "%s: failed to read mountpoints: %s\n",
++			argv[0], strerror(errno));
++		close(procfd);
++		return 7;
++	}
++	close(procfd);
++
++	/* Just sort to get a sane unmount-order... */
++	qsort(mounts, count, sizeof(*mounts), &mount_cmp_dst);
++
++	for (zi = 0; zi != count; ++zi) {
++		/* fprintf(stderr, "Unmount: %s\n", mounts[zi].dst); */
++		if (umount2(mounts[zi].dst, 0) != 0) {
++			int error = errno;
++			if (mount_should_error(&mounts[zi])) {
++				fprintf(stderr, "%s: failed to unmount %s: %s\n",
++					argv[0], mounts[zi].dst, strerror(error));
++			}
++		}
++		mount_free(&mounts[zi]);
++	}
++	free(mounts);
++
++	return 0;
++}
+-- 
+2.1.4
+
diff --git a/debian/patches/0006-hooks-put-binary-hooks-in-usr-lib-lxc-hooks.patch b/debian/patches/0006-hooks-put-binary-hooks-in-usr-lib-lxc-hooks.patch
new file mode 100644
index 0000000..ca915eb
--- /dev/null
+++ b/debian/patches/0006-hooks-put-binary-hooks-in-usr-lib-lxc-hooks.patch
@@ -0,0 +1,44 @@
+From 9b20851c6cbe129569efaf91d1261b7369fca883 Mon Sep 17 00:00:00 2001
+From: Wolfgang Bumiller <w.bumiller at proxmox.com>
+Date: Wed, 21 Oct 2015 09:42:52 +0200
+Subject: [PATCH] hooks: put binary hooks in /usr/lib/lxc/hooks
+
+---
+ configure.ac      | 1 +
+ hooks/Makefile.am | 3 ++-
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 874b446..29706cc 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -539,6 +539,7 @@ AS_AC_EXPAND(LXCROOTFSMOUNT, "$with_rootfs_path")
+ AS_AC_EXPAND(LXCTEMPLATEDIR, "$datadir/lxc/templates")
+ AS_AC_EXPAND(LXCTEMPLATECONFIG, "$datadir/lxc/config")
+ AS_AC_EXPAND(LXCHOOKDIR, "$datadir/lxc/hooks")
++AS_AC_EXPAND(LXCLIBHOOKDIR, "$libdir/lxc/hooks")
+ AS_AC_EXPAND(LXCINITDIR, "$libexecdir")
+ AS_AC_EXPAND(LOGPATH, "$with_log_path")
+ AS_AC_EXPAND(RUNTIME_PATH, "$with_runtime_path")
+diff --git a/hooks/Makefile.am b/hooks/Makefile.am
+index 499a2c4..263f62c 100644
+--- a/hooks/Makefile.am
++++ b/hooks/Makefile.am
+@@ -1,4 +1,5 @@
+ hooksdir=@LXCHOOKDIR@
++libhooksdir=@LXCLIBHOOKDIR@
+ 
+ hooks_SCRIPTS = \
+ 	clonehostname \
+@@ -6,7 +7,7 @@ hooks_SCRIPTS = \
+ 	ubuntu-cloud-prep \
+ 	squid-deb-proxy-client
+ 
+-hooks_PROGRAMS = \
++libhooks_PROGRAMS = \
+ 	unmount-namespace
+ 
+ unmount_namespace_SOURCES = \
+-- 
+2.1.4
+
diff --git a/debian/patches/series b/debian/patches/series
index 3737812..235086b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,3 +6,9 @@ include-linux-sched.patch
 use-var-lib-vz-as-default-dir.patch
 #do-not-use-config-path-for-rootfs.patch
 run-lxcnetaddbr.patch
+0001-added-stop-hook-entries.patch
+0002-run-stop-hook-between-STOPPING-and-STOPPED-states.patch
+0003-pass-namespace-handles-to-the-stop-hook.patch
+0004-document-the-stop-hook.patch
+0005-added-the-unmount-namespace-hook.patch
+0006-hooks-put-binary-hooks-in-usr-lib-lxc-hooks.patch
-- 
2.1.4




More information about the pve-devel mailing list