Re: call_usermodehelper in containers
From: Oleg Nesterov
Date: Thu Mar 24 2016 - 21:30:25 EST
Hi Ian,
I can't really recall this old discussion, so I can be easily wrong...
On 03/24, Ian Kent wrote:
>
> On Mon, 2013-11-18 at 18:28 +0100, Oleg Nesterov wrote:
> >
> > IOW. Please the the "patch" below. It is obviously incomplete and
> > wrong,
> > and it can be more clear/clean. And probably we need another API. Just
> > to explain what I mean.
I hope you didn't miss this part ;)
In particular, we want to turn task_work_add(..., bool notify) into
task_work_add(..., how_to_notify mask) and this "mask" should allow
to force TIF_SIGPENDING.
> > With this patch call_usermodehelper(..., UMH_IN_MY_NS) should do exec
> > from the caller's namespace.
>
> Umm ... I don't think this can work.
>
> I don't think it can be assumed that the init process of a container
> will behave like an init process.
>
> If you try and do this with a Docker container that has /bin/bash as the
> init process signals never arrive and work doesn't start until some
> other signal arrives
only if it blocks/ignores SIGCHLD? But this doesn't matter, see above and
note the "until we have task_work_add_interruptibel()" in the pseudo-code
I showed.
> I probably don't understand what's actually going on, this is just my
> impression of what I'm seeing.
Or perhaps it is me who misunderstands your concerns.
Oleg.