From c9c87376f2b2197ad774533ad6a6dd2f631ca105 Mon Sep 17 00:00:00 2001
From: Martin Kletzander <mkletzan@redhat.com>
Date: Thu, 21 Mar 2013 15:59:50 +0100
Subject: [PATCH] lxc: Prevent shutting down the host

When the container has the same '/dev' mount as host (no chroot),
calling domainShutdown(WithFlags) shouldn't shutdown the host it is
running on.
---
 src/lxc/lxc_driver.c | 45 +++++++++++++++++++++++++++-----------------
 1 file changed, 28 insertions(+), 17 deletions(-)

diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 8603078d1e..ba14db7a99 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010-2012 Red Hat, Inc.
+ * Copyright (C) 2010-2013 Red Hat, Inc.
  * Copyright IBM Corp. 2008
  *
  * lxc_driver.c: linux container driver functions
@@ -2778,13 +2778,19 @@ lxcDomainShutdownFlags(virDomainPtr dom,
     virLXCDriverPtr driver = dom->conn->privateData;
     virLXCDomainObjPrivatePtr priv;
     virDomainObjPtr vm;
+    virDomainFSDefPtr root;
     char *vroot = NULL;
     int ret = -1;
-    int rc;
+    int rc = 0;
+    bool methodSignal;
+    bool methodInitctl;
 
     virCheckFlags(VIR_DOMAIN_SHUTDOWN_INITCTL |
                   VIR_DOMAIN_SHUTDOWN_SIGNAL, -1);
 
+    methodSignal = !!(flags & VIR_DOMAIN_SHUTDOWN_SIGNAL);
+    methodInitctl = !!(flags & VIR_DOMAIN_SHUTDOWN_INITCTL);
+
     lxcDriverLock(driver);
     vm = virDomainObjListFindByUUID(driver->domains, dom->uuid);
     lxcDriverUnlock(driver);
@@ -2798,6 +2804,7 @@ lxcDomainShutdownFlags(virDomainPtr dom,
     }
 
     priv = vm->privateData;
+    root = virDomainGetRootFilesystem(vm->def);
 
     if (!virDomainObjIsActive(vm)) {
         virReportError(VIR_ERR_OPERATION_INVALID,
@@ -2817,27 +2824,31 @@ lxcDomainShutdownFlags(virDomainPtr dom,
         goto cleanup;
     }
 
-    if (flags == 0 ||
-        (flags & VIR_DOMAIN_SHUTDOWN_INITCTL)) {
-        if ((rc = virInitctlSetRunLevel(VIR_INITCTL_RUNLEVEL_POWEROFF,
-                                        vroot)) < 0) {
+    if (root && root->src) {
+        if (flags == 0)
+            methodSignal = methodInitctl = true;
+    } else if (methodInitctl) {
+        virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+                       _("Cannot shutdown container using initctl "
+                         "without separated namespace"));
+        goto cleanup;
+    } else {
+        methodSignal = true;
+    }
+
+    if (methodInitctl) {
+        rc = virInitctlSetRunLevel(VIR_INITCTL_RUNLEVEL_POWEROFF, vroot);
+        if (rc < 0)
             goto cleanup;
-        }
-        if (rc == 0 && flags != 0 &&
-            ((flags & ~VIR_DOMAIN_SHUTDOWN_INITCTL) == 0)) {
+        if (rc == 0 && !methodSignal) {
             virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
                            _("Container does not provide an initctl pipe"));
             goto cleanup;
         }
-    } else {
-        rc = 0;
     }
-
-    if (rc == 0 &&
-        (flags == 0 ||
-         (flags & VIR_DOMAIN_SHUTDOWN_SIGNAL))) {
-        if (kill(priv->initpid, SIGTERM) < 0 &&
-            errno != ESRCH) {
+    if (rc == 0 && methodSignal) {
+        ret = kill(priv->initpid, SIGTERM);
+        if (ret < 0 && errno != ESRCH) {
             virReportSystemError(errno,
                                  _("Unable to send SIGTERM to init pid %llu"),
                                  (unsigned long long)priv->initpid);
-- 
GitLab