vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

conmon: add new option to call cleanup program at exit

Browse source 
add the possibility to run a custom command, and optionally provide
additional arguments to it, when conmon exits.

For example, it could be possible to delete the terminated container
with:

conmon [...] --exit-command /usr/bin/runc \
             --exit-command-arg delete \
             --exit-command-arg $CONTAINER_UUID

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2018-02-23 12:17:04 +01:00
parent 74cd1ec97c
commit e6145b3596
No known key found for this signature in database
GPG key ID: 263D6DF2E163E1EA
1 changed files with 32 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
conmon/conmon.c
View file

@ -116,6 +116,8 @@ static int opt_timeout = 0;
static int64_t opt_log_size_max = -1; static int64_t opt_log_size_max = -1;
static char *opt_socket_path = DEFAULT_SOCKET_PATH; static char *opt_socket_path = DEFAULT_SOCKET_PATH;
static bool opt_no_new_keyring = false; static bool opt_no_new_keyring = false;
static char *opt_exit_command = NULL;
static gchar **opt_exit_args = NULL;
static GOptionEntry opt_entries[] = static GOptionEntry opt_entries[] =
{ {
{ "terminal", 't', 0, G_OPTION_ARG_NONE, &opt_terminal, "Terminal", NULL }, { "terminal", 't', 0, G_OPTION_ARG_NONE, &opt_terminal, "Terminal", NULL },
@ -132,6 +134,8 @@ static GOptionEntry opt_entries[] =
{ "exec", 'e', 0, G_OPTION_ARG_NONE, &opt_exec, "Exec a command in a running container", NULL }, { "exec", 'e', 0, G_OPTION_ARG_NONE, &opt_exec, "Exec a command in a running container", NULL },
{ "exec-process-spec", 0, 0, G_OPTION_ARG_STRING, &opt_exec_process_spec, "Path to the process spec for exec", NULL }, { "exec-process-spec", 0, 0, G_OPTION_ARG_STRING, &opt_exec_process_spec, "Path to the process spec for exec", NULL },
{ "exit-dir", 0, 0, G_OPTION_ARG_STRING, &opt_exit_dir, "Path to the directory where exit files are written", NULL }, { "exit-dir", 0, 0, G_OPTION_ARG_STRING, &opt_exit_dir, "Path to the directory where exit files are written", NULL },
{ "exit-command", 0, 0, G_OPTION_ARG_STRING, &opt_exit_command, "Path to the program to execute when the container terminates its execution", NULL },
{ "exit-command-arg", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_exit_args, "Additional arg to pass to the exit command. Can be specified multiple times", NULL },
{ "log-path", 'l', 0, G_OPTION_ARG_STRING, &opt_log_path, "Log file path", NULL }, { "log-path", 'l', 0, G_OPTION_ARG_STRING, &opt_log_path, "Log file path", NULL },
{ "timeout", 'T', 0, G_OPTION_ARG_INT, &opt_timeout, "Timeout in seconds", NULL }, { "timeout", 'T', 0, G_OPTION_ARG_INT, &opt_timeout, "Timeout in seconds", NULL },
{ "log-size-max", 0, 0, G_OPTION_ARG_INT64, &opt_log_size_max, "Maximum size of log file", NULL }, { "log-size-max", 0, 0, G_OPTION_ARG_INT64, &opt_log_size_max, "Maximum size of log file", NULL },
@ -1087,6 +1091,31 @@ static void setup_oom_handling(int container_pid)
g_unix_fd_add (oom_event_fd, G_IO_IN, oom_cb, NULL); g_unix_fd_add (oom_event_fd, G_IO_IN, oom_cb, NULL);
} }
static void do_exit_command()
{
gchar **args;
size_t n_args = 0;
/* Count the additional args, if any. */
if (opt_exit_args)
for (; opt_exit_args[n_args]; n_args++);
args = malloc(sizeof (gchar *) * (n_args + 2));
if (args == NULL)
_exit(EXIT_FAILURE);
args[0] = opt_exit_command;
if (opt_exit_args)
for (n_args = 0; opt_exit_args[n_args]; n_args++)
args[n_args + 1] = opt_exit_args[n_args];
args[n_args + 1] = NULL;
execve(opt_exit_command, args, NULL);
/* Should not happen, but better be safe. */
_exit(EXIT_FAILURE);
}
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
int ret; int ret;
@ -1339,6 +1368,9 @@ int main(int argc, char *argv[])
exit(127); exit(127);
} }
if (opt_exit_command)
atexit(do_exit_command);
g_ptr_array_free (runtime_argv, TRUE); g_ptr_array_free (runtime_argv, TRUE);
/* The runtime has that fd now. We don't need to touch it anymore. */ /* The runtime has that fd now. We don't need to touch it anymore. */