[pve-devel] [PATCH container 2/2] api/destroy: repeat early checks after locking
Fabian Grünbichler
f.gruenbichler at proxmox.com
Mon Apr 27 10:24:25 CEST 2020
and check_lock before forking as well
Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
Notes:
bested viewed with -w --patience
src/PVE/API2/LXC.pm | 31 ++++++++++++++++++++-----------
1 file changed, 20 insertions(+), 11 deletions(-)
diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
index 148ba6a..21899d0 100644
--- a/src/PVE/API2/LXC.pm
+++ b/src/PVE/API2/LXC.pm
@@ -646,20 +646,28 @@ __PACKAGE__->register_method({
my $vmid = $param->{vmid};
# test if container exists
+
my $conf = PVE::LXC::Config->load_config($vmid);
- my $storage_cfg = cfs_read_file("storage.cfg");
- PVE::LXC::Config->check_protection($conf, "can't remove CT $vmid");
+ my $early_checks = sub {
+ my ($conf) = @_;
+ PVE::LXC::Config->check_protection($conf, "can't remove CT $vmid");
+ PVE::LXC::Config->check_lock($conf);
- my $ha_managed = PVE::HA::Config::service_is_configured("ct:$vmid");
+ my $ha_managed = PVE::HA::Config::service_is_configured("ct:$vmid");
- if (!$param->{purge}) {
- die "unable to remove CT $vmid - used in HA resources and purge parameter not set.\n"
- if $ha_managed;
+ if (!$param->{purge}) {
+ die "unable to remove CT $vmid - used in HA resources and purge parameter not set.\n"
+ if $ha_managed;
- # do not allow destroy if there are replication jobs without purge
- my $repl_conf = PVE::ReplicationConfig->new();
- $repl_conf->check_for_existing_jobs($vmid);
- }
+ # do not allow destroy if there are replication jobs without purge
+ my $repl_conf = PVE::ReplicationConfig->new();
+ $repl_conf->check_for_existing_jobs($vmid);
+ }
+
+ return $ha_managed;
+ };
+
+ $early_checks->($conf);
my $running_error_msg = "unable to destroy CT $vmid - container is running\n";
die $running_error_msg if !$param->{force} && PVE::LXC::check_running($vmid); # check early
@@ -667,7 +675,7 @@ __PACKAGE__->register_method({
my $code = sub {
# reload config after lock
$conf = PVE::LXC::Config->load_config($vmid);
- PVE::LXC::Config->check_lock($conf);
+ my $ha_managed = $early_checks->($conf);
if (PVE::LXC::check_running($vmid)) {
die $running_error_msg if !$param->{force};
@@ -679,6 +687,7 @@ __PACKAGE__->register_method({
}
}
+ my $storage_cfg = cfs_read_file("storage.cfg");
PVE::LXC::destroy_lxc_container($storage_cfg, $vmid, $conf, { lock => 'destroyed' });
PVE::AccessControl::remove_vm_access($vmid);
--
2.20.1
More information about the pve-devel
mailing list