New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
liblxc->start does not close fds in intermediate process #354
Comments
Can you show in detail (ls -l /proc/pid/fd of both processes) which fds you think are not being removed? The lxc_check_inherited() call happens at the top of lxc_start(), so that both the lxc monitor (2) and the lxc init (3) should have all fds closed. In fact, when I try to test this on my laptop, all fds are closed. So I'd be curious to see what fds are being closed and how we're doing it wrong in lxc_check_inherited(). |
This issue is not about lxc monitor, see my ps axf output: |
OK, I've solved the problem, the flag 'close_all_fds' was not set. lxccontainer.c line 469, there is a comment: "daemonize implies close_all_fds so set it" |
Looks like an oversight. The default wasn't daemonize=1 until recently, I think the line setting c->daemonize = true in lxc_container_new should |
Note, a patch to this effect should be accepted if you send it. |
Hi, any news on this issue? I think I just hit it from both Ruby and Python bindings. When I start a recently created container, there's always a process hanging left over. The code I'm using to test is: https://gist.github.com/tripledes/330533a9589aed1a88d4 With that simple code, the results are the container is created and started, but there's a process left behind.
Stracing the whole thing with "-ff" and writing the output to files shows the process calling epoll_create(2), it returns fd 16 (I haven't seen any other syscall returning 16 as fd in the output), throughout the file, there are several calls to epoll_wait with same fd as first parameter and finally the last line of the file shows:
So, I'm I missing anything that is causing this behavior ? is it related to this issue or should I open a new one? I've been able to reproduce it with both Ruby and Python, so I presume is liblxc related but I could be wrong. Thanks. UPDATE: Using the following C code: https://gist.github.com/tripledes/7f49cee18a8292e4652e , which is a slightly modified version of the example shown at: https://www.stgraber.org/2014/02/05/lxc-1-0-scripting-with-the-api/. I'm able to reproduce the issue, the command is still shown in the process table but the prompt has returned and stracing to the process shows same epoll_wait() call. |
Quoting Sergio Jimenez (notifications@github.com):
No, would you like to send a patch? |
@hallyn I can try, I cannot promise and I might need some help :-) I'll be back from holidays in few days then I'll try to find out where the issue is. |
I experience a possibly-related problem on lxc 1.0.6. I have a service process (daemon) which is using lxc via system() calls Previously, on 0.7.5 (iirc) the following did not make container processes inherit parent fd's: On lxc 1.0.6 instead the same command gets the fd's inherited. Adding -C fixes the situation, even though manpage tells that -d should imply -C. Could the problem be related to the fact that calling process is already a daemon? |
@tripledes |
@hallyn thanks for letting us to know, do you have a URL to the thread on the mailing list? |
When containers request to be daemonized, close-all-fd is set to true. But when we switched ot daemonize-by-default we didn't set close-all-fd by default. Fix that. In order to do that we have to always have a lxc_conf object. As a consequence, after this patch we can drop a bunch of checks for c->lxc_conf existing. We should consider removing those. This patch does not do that. This should close #354 Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>
When containers request to be daemonized, close-all-fd is set to true. But when we switched ot daemonize-by-default we didn't set close-all-fd by default. Fix that. In order to do that we have to always have a lxc_conf object. As a consequence, after this patch we can drop a bunch of checks for c->lxc_conf existing. We should consider removing those. This patch does not do that. This should close lxc#354 Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>
I am trying to use liblxc in my project. Previously I was using
libvirt and everything was ok, but after switching to lxc I found
one issue.
After invoking lxc->start ps shows sth like this:
_ (1) my-process
_ _ (2) my-process (forked)
_ _ (3) container-init
The problem is with process (2). It appears that this process holds
all the file descriptor copied from process (1). In my case it's a
real problem because one of this file descriptors is a dbus socket
and after process (1) death, process (2) still holds process (1)
dbus name.
The text was updated successfully, but these errors were encountered: