[pve-devel] applied: [PATCH container 1/2] fix #2412: ct destroy: only delete config after deleted from pools, fw

Thomas Lamprecht t.lamprecht at proxmox.com
Fri Oct 18 12:52:53 CEST 2019 

commit message stolen from:
https://pve.proxmox.com/pipermail/pve-devel/2019-October/039594.html

Between calling destroy_lxc_container and removing the ID from
user.cfg (remove_vm_access) creating a new CT with this ID was
possible. CTs could go missing from pools as a consequence.

unlinking must happen at the very end of the deletion
process to avoid that other nodes use the ID in the meanwhile

Further lock the config after the VM was destroyed with a config lock
named, well, destroyed. This way it's easy to know that the CT was
destroyed but has still the config skelleton and FW, access etc.
stuff possible left over.

Signed-off-by: Thomas Lamprecht <t.lamprecht at proxmox.com>
---
 src/PVE/API2/LXC.pm   | 6 +++++-
 src/PVE/LXC/Config.pm | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
index 6f47cad..3830e5e 100644
--- a/src/PVE/API2/LXC.pm
+++ b/src/PVE/API2/LXC.pm
@@ -671,9 +671,13 @@ __PACKAGE__->register_method({
 
 	    die $running_error_msg if PVE::LXC::check_running($vmid);
 
-	    PVE::LXC::destroy_lxc_container($storage_cfg, $vmid, $conf);
+	    PVE::LXC::destroy_lxc_container($storage_cfg, $vmid, $conf, { lock => 'destroyed' });
+
 	    PVE::AccessControl::remove_vm_access($vmid);
 	    PVE::Firewall::remove_vmfw_conf($vmid);
+
+	    # only now remove the zombie config, else we can have reuse race
+	    PVE::LXC::Config->destroy_config($vmid);
 	};
 
 	my $realcmd = sub { PVE::LXC::Config->lock_config($vmid, $code); };
diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
index 8517de4..44330da 100644
--- a/src/PVE/LXC/Config.pm
+++ b/src/PVE/LXC/Config.pm
@@ -329,7 +329,7 @@ my $confdesc = {
 	optional => 1,
 	type => 'string',
 	description => "Lock/unlock the VM.",
-	enum => [qw(backup create disk fstrim migrate mounted rollback snapshot snapshot-delete)],
+	enum => [qw(backup create destroyed disk fstrim migrate mounted rollback snapshot snapshot-delete)],
     },
     onboot => {
 	optional => 1,
-- 
2.20.1

More information about the pve-devel mailing list