提交 7adfda0d 编写于 作者: G Gao feng 提交者: Eric Blake

LXC: move the comments to the proper place

The comments is for virLXCControllerSetupPrivateNS.
Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
上级 2a3466fa
...@@ -1259,6 +1259,27 @@ virLXCControllerSetupPrivateNS(void) ...@@ -1259,6 +1259,27 @@ virLXCControllerSetupPrivateNS(void)
{ {
int ret = -1; int ret = -1;
/*
* If doing a chroot style setup, we need to prepare
* a private /dev/pts for the child now, which they
* will later move into position.
*
* This is complex because 'virsh console' needs to
* use /dev/pts from the host OS, and the guest OS
* needs to use /dev/pts from the guest.
*
* This means that we (libvirt_lxc) need to see and
* use both /dev/pts instances. We're running in the
* host OS context though and don't want to expose
* the guest OS /dev/pts there.
*
* Thus we call unshare(CLONE_NS) so that we can see
* the guest's new /dev/pts, without it becoming
* visible to the host OS. We also put the root FS
* into slave mode, just in case it was currently
* marked as shared
*/
if (unshare(CLONE_NEWNS) < 0) { if (unshare(CLONE_NEWNS) < 0) {
virReportSystemError(errno, "%s", virReportSystemError(errno, "%s",
_("Cannot unshare mount namespace")); _("Cannot unshare mount namespace"));
...@@ -1287,26 +1308,6 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl) ...@@ -1287,26 +1308,6 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
VIR_DEBUG("Setting up private /dev/pts"); VIR_DEBUG("Setting up private /dev/pts");
/*
* If doing a chroot style setup, we need to prepare
* a private /dev/pts for the child now, which they
* will later move into position.
*
* This is complex because 'virsh console' needs to
* use /dev/pts from the host OS, and the guest OS
* needs to use /dev/pts from the guest.
*
* This means that we (libvirt_lxc) need to see and
* use both /dev/pts instances. We're running in the
* host OS context though and don't want to expose
* the guest OS /dev/pts there.
*
* Thus we call unshare(CLONE_NS) so that we can see
* the guest's new /dev/pts, without it becoming
* visible to the host OS. We also put the root FS
* into slave mode, just in case it was currently
* marked as shared
*/
mount_options = virSecurityManagerGetMountOptions(ctrl->securityManager, mount_options = virSecurityManagerGetMountOptions(ctrl->securityManager,
ctrl->def); ctrl->def);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册