From 0b73a6c5d4a3674f24d6c3e0e6bd1bd0c8f5eab2 Mon Sep 17 00:00:00 2001 From: jikai Date: Thu, 25 Apr 2024 09:51:14 +0000 Subject: [PATCH 21/22] remove lcr-created spec only if create failed Signed-off-by: jikai --- src/lcrcontainer.c | 8 +++---- src/lcrcontainer_extend.c | 45 +++++++++++++++++++++++++++++++++++++++ src/lcrcontainer_extend.h | 2 ++ 3 files changed, 50 insertions(+), 5 deletions(-) diff --git a/src/lcrcontainer.c b/src/lcrcontainer.c index 4256799..71dfe61 100644 --- a/src/lcrcontainer.c +++ b/src/lcrcontainer.c @@ -184,15 +184,13 @@ bool lcr_create(const char *name, const char *lcrpath, void *oci_config) bret = true; out_unlock: + if (!bret) { + lcr_delete_spec(c, oci_spec); + } if (partial_fd >= 0) { close(partial_fd); remove_partial(c); } - if (!bret) { - if (!c->destroy(c)) { - WARN("Unable to clean lxc resources"); - } - } lxc_container_put(c); isula_libutils_free_log_prefix(); return bret; diff --git a/src/lcrcontainer_extend.c b/src/lcrcontainer_extend.c index 321be8c..d70f5a6 100644 --- a/src/lcrcontainer_extend.c +++ b/src/lcrcontainer_extend.c @@ -986,3 +986,48 @@ out_free_conf: return ret; } + +static void delete_specific_spec(const char *bundle, const char *name) +{ + char filepath[PATH_MAX] = { 0 }; + int nret = snprintf(filepath, sizeof(filepath), "%s/%s", bundle, name); + if (nret < 0 || (size_t)nret >= sizeof(filepath)) { + ERROR("Failed to print string"); + return; + } + + if (unlink(filepath) != 0) { + SYSERROR("Failed to delete %s", filepath); + return; + } +} + +void lcr_delete_spec(const struct lxc_container *c, oci_runtime_spec *container) +{ + const char *path = NULL; + const char *name = NULL; + char *bundle = NULL; + + if (c == NULL || c->name == NULL || container == NULL) { + ERROR("Invalid arguments"); + return; + } + + path = c->config_path ? c->config_path : LCRPATH; + name = c->name; + bundle = lcr_get_bundle(path, name); + if (bundle == NULL) { + return; + } + + if (container->hooks != NULL) { + delete_specific_spec(bundle, OCIHOOKSFILE); + } + + delete_specific_spec(bundle, "config"); + + // There might not exist seccomp file, try to delete anyway + delete_specific_spec(bundle, "seccomp"); + + free(bundle); +} diff --git a/src/lcrcontainer_extend.h b/src/lcrcontainer_extend.h index f524a4a..5a55b10 100644 --- a/src/lcrcontainer_extend.h +++ b/src/lcrcontainer_extend.h @@ -78,6 +78,8 @@ bool lcr_save_spec(const char *name, const char *lcrpath, const struct lcr_list bool translate_spec(const struct lxc_container *c, oci_runtime_spec *container); +void lcr_delete_spec(const struct lxc_container *c, oci_runtime_spec *container); + #ifdef __cplusplus } #endif -- 2.34.1