Documentation
¶
Overview ¶
*
- This file is a bit funny. The goal here is to use setns() to manipulate
- files inside the container, so we don't have to reason about the paths to
- make sure they don't escape (we can simply rely on the kernel for
- correctness). Unfortunately, you can't setns() to a mount namespace with a
- multi-threaded program, which every golang binary is. However, by declaring
- our init as an initializer, we can capture process control before it is
- transferred to the golang runtime, so we can then setns() as we'd like
- before golang has a chance to set up any threads. So, we implement two new
- lxd fork* commands which are captured here, and take a file on the host fs
- and copy it into the container ns. *
- An alternative to this would be to move this code into a separate binary,
- which of course has problems of its own when it comes to packaging (how do
- we find the binary, what do we do if someone does file push and it is
- missing, etc.). After some discussion, even though the embedded method is
- somewhat convoluted, it was preferred.
Package main is a generated protocol buffer package.
It is generated from these files:
lxd/migrate.proto
It has these top-level messages:
IDMapType Config Device Snapshot MigrationHeader MigrationControl
Source Files
¶
- api_1.0.go
- api_internal.go
- apparmor.go
- certificates.go
- cgroup.go
- container.go
- container_delete.go
- container_exec.go
- container_file.go
- container_get.go
- container_logs.go
- container_lxc.go
- container_patch.go
- container_post.go
- container_put.go
- container_snapshot.go
- container_state.go
- containers.go
- containers_get.go
- containers_post.go
- daemon.go
- daemon_config.go
- daemon_images.go
- db.go
- db_certificates.go
- db_config.go
- db_containers.go
- db_devices.go
- db_images.go
- db_networks.go
- db_patches.go
- db_profiles.go
- db_storage_pools.go
- db_storage_volumes.go
- db_update.go
- debug.go
- devices.go
- devlxd.go
- devlxd_gc.go
- events.go
- images.go
- main.go
- main_activateifneeded.go
- main_callhook.go
- main_daemon.go
- main_forkexec.go
- main_forkgetnet.go
- main_forkmigrate.go
- main_forkstart.go
- main_import.go
- main_init.go
- main_migratedumpsuccess.go
- main_netcat.go
- main_nsexec.go
- main_ready.go
- main_shutdown.go
- main_waitready.go
- migrate.go
- migrate.pb.go
- networks.go
- networks_config.go
- networks_iptables.go
- networks_utils.go
- operations.go
- patches.go
- profiles.go
- profiles_utils.go
- response.go
- rsync.go
- seccomp.go
- storage.go
- storage_64bit.go
- storage_btrfs.go
- storage_cgo.go
- storage_dir.go
- storage_lvm.go
- storage_lvm_utils.go
- storage_migration.go
- storage_mock.go
- storage_pools.go
- storage_pools_config.go
- storage_pools_utils.go
- storage_shared.go
- storage_utils.go
- storage_volumes.go
- storage_volumes_config.go
- storage_volumes_utils.go
- storage_zfs.go
- storage_zfs_utils.go
- util.go
Directories
Click to show internal directories.
Click to hide internal directories.