Some OCI container runtimes (in particular the hypervisor
based ones) will typically create a shim process between
the hypervisor and the runtime caller, in order to not
rely on the hypervisor process for e.g. forwarding the
output streams or getting a command exit code.
With these runtimes we need to monitor a different process
than the runtime one when executing a command inside a
running container. The natural place to do so is conmon
and thus we add a new option to conmon for calling the
runtime exec command, monitor the PID and then return the
running command exit code through the sync pipe to the
parent.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
waitpid fills its second argument with a value that
contains the process exit code in the 8 least significant
bits. Instead of returning the complete value and then
convert it from ocid, return the exit status directly
by using WEXITSTATUS from conmon.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
We need to be able pass both the bundle path and the pid file
paths to conmon from ocid.
The former is mandatory when creating an OCI container:
https://github.com/opencontainers/runtime-spec/blob/master/runtime.md#create
And it makes sense to provide a full path for the latter as the
current hardcoded relative path may lead to errors if e.g. the
runtime chdir() before creating the PID file.
In both cases we try to create default reasonable values when
they are left empty by the caller.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
conmon uses getopt() even if it's a glib based application,
and therefore could use the much more modern and flexible
GOptionContext mechanism. Fixes#89
Signed-off-by: Alvaro Lopez Ortega <alvaro@gnu.org>
