[pve-devel] [PATCH v2 container 2/4] added $skiplock parameter for pct start/stop

Wolfgang Bumiller w.bumiller at proxmox.com
Mon Feb 8 08:48:26 CET 2016


Like with qemu the root user can use -skiplock with 'pct
start' and 'pct stop'.

This does not alter the container's lxc config, instead we
pass PVE_SKIPLOCK=1 via the environment which will be seen
from the prestart hook but not from inside the container.
---
 src/PVE/API2/LXC/Status.pm | 16 ++++++++++++++--
 src/lxc-pve-prestart-hook  |  2 +-
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/PVE/API2/LXC/Status.pm b/src/PVE/API2/LXC/Status.pm
index 1c80355..cd7f04d 100644
--- a/src/PVE/API2/LXC/Status.pm
+++ b/src/PVE/API2/LXC/Status.pm
@@ -112,6 +112,7 @@ __PACKAGE__->register_method({
 	properties => {
 	    node => get_standard_option('pve-node'),
 	    vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_stopped }),
+	    skiplock => get_standard_option('skiplock'),
 	},
     },
     returns => {
@@ -128,6 +129,10 @@ __PACKAGE__->register_method({
 
 	my $vmid = extract_param($param, 'vmid');
 
+	my $skiplock = extract_param($param, 'skiplock');
+	raise_param_exc({ skiplock => "Only root may use this option." })
+	    if $skiplock && $authuser ne 'root at pam';
+
 	die "CT $vmid already running\n" if PVE::LXC::check_running($vmid);
 
 	PVE::Cluster::check_cfs_quorum();
@@ -163,12 +168,14 @@ __PACKAGE__->register_method({
 		    die "you can't start a CT if it's a template\n"
 			if PVE::LXC::is_template($conf);
 
-		    PVE::LXC::check_lock($conf);
+		    PVE::LXC::check_lock($conf) if !$skiplock;
 
 		    my $storage_cfg = cfs_read_file("storage.cfg");
 
 		    PVE::LXC::update_lxc_config($storage_cfg, $vmid, $conf);
 
+		    local $ENV{PVE_SKIPLOCK}=1 if $skiplock;
+
 		    my $cmd = ['lxc-start', '-n', $vmid];
 
 		    run_command($cmd);
@@ -198,6 +205,7 @@ __PACKAGE__->register_method({
 	properties => {
 	    node => get_standard_option('pve-node'),
 	    vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }),
+	    skiplock => get_standard_option('skiplock'),
 	},
     },
     returns => {
@@ -214,6 +222,10 @@ __PACKAGE__->register_method({
 
 	my $vmid = extract_param($param, 'vmid');
 
+	my $skiplock = extract_param($param, 'skiplock');
+	raise_param_exc({ skiplock => "Only root may use this option." })
+	    if $skiplock && $authuser ne 'root at pam';
+
 	die "CT $vmid not running\n" if !PVE::LXC::check_running($vmid);
 
 	if (PVE::HA::Config::vm_is_ha_managed($vmid) && $rpcenv->{type} ne 'ha') {
@@ -244,7 +256,7 @@ __PACKAGE__->register_method({
 
 		    my $conf = PVE::LXC::load_config($vmid);
 
-		    PVE::LXC::check_lock($conf);
+		    PVE::LXC::check_lock($conf) if !$skiplock;
 
 		    my $cmd = ['lxc-stop', '-n', $vmid, '--kill'];
 
diff --git a/src/lxc-pve-prestart-hook b/src/lxc-pve-prestart-hook
index 1ba957f..d52cbbc 100755
--- a/src/lxc-pve-prestart-hook
+++ b/src/lxc-pve-prestart-hook
@@ -63,7 +63,7 @@ __PACKAGE__->register_method ({
 	return undef if ! -f PVE::LXC::config_file($vmid);
 
 	my $conf = PVE::LXC::load_config($vmid);
-	PVE::LXC::check_lock($conf);
+	PVE::LXC::check_lock($conf) if !$ENV{PVE_SKIPLOCK};
 
 	my $storage_cfg = PVE::Storage::config();
 
-- 
2.1.4





More information about the pve-devel mailing list