diff options
| author | Fabricio Voznika <fvoznika@google.com> | 2018-09-20 18:53:02 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-09-20 18:54:09 -0700 |
| commit | b63c4bfe02d1b88eb12d75d0c7051a006d5cbe7d (patch) | |
| tree | 57d750c87400bf2319895076d4c5fa9cc01a3c9f /runsc/sandbox | |
| parent | 8a938a3f9df631667c5f9e5d4a2185207e492a0d (diff) | |
Set Sandbox.Chroot so it gets cleaned up upon destruction
I've made several attempts to create a test, but the lack of
permission from the test user makes it nearly impossible to
test anything useful.
PiperOrigin-RevId: 213922174
Change-Id: I5b502ca70cb7a6645f8836f028fb203354b4c625
Diffstat (limited to 'runsc/sandbox')
| -rw-r--r-- | runsc/sandbox/chroot.go | 2 | ||||
| -rw-r--r-- | runsc/sandbox/sandbox.go | 14 |
2 files changed, 12 insertions, 4 deletions
diff --git a/runsc/sandbox/chroot.go b/runsc/sandbox/chroot.go index 749bf3782..30a4bae35 100644 --- a/runsc/sandbox/chroot.go +++ b/runsc/sandbox/chroot.go @@ -74,6 +74,8 @@ func setUpChroot() (string, error) { // tearDownChroot unmounts /proc and /runsc from the chroot before deleting the // directory. func tearDownChroot(chroot string) error { + log.Debugf("Removing chroot mounts %q", chroot) + // Unmount /proc. proc := filepath.Join(chroot, "proc") if err := syscall.Unmount(proc, 0); err != nil { diff --git a/runsc/sandbox/sandbox.go b/runsc/sandbox/sandbox.go index 07a6bf388..67244c725 100644 --- a/runsc/sandbox/sandbox.go +++ b/runsc/sandbox/sandbox.go @@ -451,6 +451,7 @@ func (s *Sandbox) createSandboxProcess(spec *specs.Spec, conf *boot.Config, bund if err != nil { return fmt.Errorf("error setting up chroot: %v", err) } + s.Chroot = chroot // Remember path so it can cleaned up. cmd.SysProcAttr.Chroot = chroot cmd.Args[0] = "/runsc" cmd.Path = "/runsc" @@ -549,9 +550,9 @@ func (s *Sandbox) IsRootContainer(cid string) bool { return s.ID == cid } -// Destroy frees all resources associated with the sandbox. -// Destroy returns error if any step fails, and the function can be safely retried. -func (s *Sandbox) Destroy() error { +// Destroy frees all resources associated with the sandbox. It fails fast and +// is idempotent. +func (s *Sandbox) destroy() error { log.Debugf("Destroy sandbox %q", s.ID) if s.Pid != 0 { log.Debugf("Killing sandbox %q", s.ID) @@ -674,7 +675,12 @@ func (s *Sandbox) Stacks() (string, error) { func (s *Sandbox) DestroyContainer(cid string) error { if s.IsRootContainer(cid) { log.Debugf("Destroying root container %q by destroying sandbox", cid) - return s.Destroy() + return s.destroy() + } + + if !s.IsRunning() { + // Sandbox isn't running anymore, container is already destroyed. + return nil } log.Debugf("Destroying container %q in sandbox %q", cid, s.ID) |