[pve-devel] [PATCH container 1/1] add hookscript to containers

Dominik Csapak d.csapak at proxmox.com
Wed Jan 23 15:38:21 CET 2019 

On 1/23/19 3:29 PM, Fabian Grünbichler wrote:
> same as qemu-server, I'd limit adding a hookscript to a CT config to
> root at pam (for now).

yes you are correct

i thought we had the same default as for vms (new ones default to
root at pam only, maybe we should do this for cts also?)

> 
> On Mon, Jan 21, 2019 at 09:44:36AM +0100, Dominik Csapak wrote:
>> this adds the config (hookscript) and executes it
>> on four points in time for the container
>>
>> the same notes as with vms are in place regarding
>> when the script is called
>>
>> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
>> ---
>>   src/PVE/LXC.pm            |  6 ++++++
>>   src/PVE/LXC/Config.pm     | 18 +++++++++++++++++-
>>   src/lxc-pve-poststop-hook |  3 +++
>>   3 files changed, 26 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
>> index ab15ec0..445f9c0 100644
>> --- a/src/PVE/LXC.pm
>> +++ b/src/PVE/LXC.pm
>> @@ -26,6 +26,7 @@ use PVE::AccessControl;
>>   use PVE::ProcFSTools;
>>   use PVE::Syscall;
>>   use PVE::LXC::Config;
>> +use PVE::GuestHelpers;
>>   
>>   use Time::HiRes qw (gettimeofday);
>>   
>> @@ -1912,11 +1913,13 @@ sub vm_start {
>>   
>>       my $cmd = ['systemctl', 'start', "pve-container\@$vmid"];
>>   
>> +    PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-start', 1);
>>       eval { PVE::Tools::run_command($cmd); };
>>       if (my $err = $@) {
>>   	unlink $skiplock_flag_fn;
>>   	die $err;
>>       }
>> +    PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-start');
>>   
>>       return;
>>   }
>> @@ -1939,6 +1942,9 @@ sub vm_stop {
>>   	die "failed to open container ${vmid}'s command socket: $!\n";
>>       }
>>   
>> +    my $conf = PVE::LXC::Config->load_config($vmid);
>> +    PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-stop');
>> +
>>       # Stop the container:
>>   
>>       my $cmd = ['lxc-stop', '-n', $vmid];
>> diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
>> index 061ec8e..c1e2011 100644
>> --- a/src/PVE/LXC/Config.pm
>> +++ b/src/PVE/LXC/Config.pm
>> @@ -457,6 +457,12 @@ my $confdesc = {
>>   	format => $features_desc,
>>   	description => "Allow containers access to advanced features.",
>>       },
>> +    hookscript => {
>> +	optional => 1,
>> +	type => 'string',
>> +	format => 'pve-volume-id',
>> +	description => 'Script that will be exectued during various steps in the containers lifetime.',
>> +    },
>>   };
>>   
>>   my $valid_lxc_conf_keys = {
>> @@ -896,7 +902,7 @@ sub update_pct_config {
>>   		delete $conf->{$opt};
>>   		PVE::LXC::write_cgroup_value("memory", $vmid,
>>   					     "memory.memsw.limit_in_bytes", -1);
>> -	    } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup') {
>> +	    } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup' || $opt eq 'hookscript') {
>>   		delete $conf->{$opt};
>>   	    } elsif ($opt eq 'nameserver' || $opt eq 'searchdomain' ||
>>   		     $opt eq 'tty' || $opt eq 'console' || $opt eq 'cmode') {
>> @@ -1091,6 +1097,16 @@ sub update_pct_config {
>>   	} elsif ($opt eq 'features') {
>>   	    next if $hotplug_error->($opt);
>>   	    $conf->{$opt} = $value;
>> +	} elsif ($opt eq 'hookscript') {
>> +	    my $storage_cfg = PVE::Storage::config();
>> +	    my ($path, undef, $type) = PVE::Storage::path($storage_cfg, $value);
>> +
>> +	    die "'$value' is not in the scripts directory\n"
>> +		if $type ne 'scripts';
>> +
>> +	    warn "script '$path' is not found, setting anyway\n"
>> +		if ! -f $path;
> 
> and also here - does this really make sense?
> 

same rationale as for vms

>> +	    $conf->{$opt} = $value;
>>   	} else {
>>   	    die "implement me: $opt";
>>   	}
>> diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook
>> index 654aa26..dc7938e 100755
>> --- a/src/lxc-pve-poststop-hook
>> +++ b/src/lxc-pve-poststop-hook
>> @@ -20,6 +20,7 @@ use PVE::CLIHandler;
>>   use PVE::Storage;
>>   use PVE::Storage::Plugin;
>>   use PVE::LXC;
>> +use PVE::GuestHelpers;
>>   use Data::Dumper;
>>   
>>   use base qw(PVE::CLIHandler);
>> @@ -90,6 +91,8 @@ __PACKAGE__->register_method ({
>>   	    exit(1);
>>   	}
>>   
>> +	PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-stop');
>> +
>>   	return undef;
>>       }});
>>   
>> -- 
>> 2.11.0
>>
>>
>> _______________________________________________
>> pve-devel mailing list
>> pve-devel at pve.proxmox.com
>> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>

More information about the pve-devel mailing list