+http://linux-vserver.org/Proc-Security"
+}
+
+
+function _setSingleDiskLimit
+{
+ local vdir=$1
+ local dlimit=$2
+ local space_used=
+ local space_total=
+ local inodes_used=
+ local inodes_total=
+ local reserved=
+ local directory=
+ local ctx=
+
+ getFileValue ctx "$vdir/context"
+ getFileValue directory "$dlimit/directory" || return 0
+ getFileValue space_total "$dlimit/space_total" || return 0
+ getFileValue inodes_total "$dlimit/inodes_total" || return 0
+ getFileValue reserved "$dlimit/reserved" || return 0
+
+ local cachename=$ctx$directory
+ cachename=dlimits/${cachename//\//_}
+
+ test -e "$vdir/cache/$cachename" && . "$vdir/cache/$cachename"
+ # Remove the cache so if the machine goes down unexpectedly, we won't have a stale cache
+ $_RM -f "$vdir/cache/$cachename"
+
+ if test -z "$inodes_used" -o -z "$space_used"; then
+ local tmpvdu
+ tmpvdu=`$_VDU --xid $ctx --space --inodes --script "$directory"`
+ inodes_used=${tmpvdu##* }
+ space_used=${tmpvdu%% *}
+ fi
+
+ $_VDLIMIT --xid $ctx \
+ --set space_used=$space_used \
+ --set space_total=$space_total \
+ --set inodes_used=$inodes_used \
+ --set inodes_total=$inodes_total \
+ --set reserved=$reserved \
+ "$directory"
+}
+
+
+function setDiskLimits
+{
+ local vdir=$1
+ local dlimit
+
+ # Disk Limits without a static context are useless
+ test -e "$vdir"/context || return 0
+
+ for dlimit in "$vdir/dlimits/"*; do
+ test -d "$dlimit" || continue
+ test ! -e "$dlimit/disabled" || continue
+
+ _setSingleDiskLimit "$vdir" "$dlimit"
+ done
+}
+
+
+function _saveSingleDiskLimit
+{
+ local vdir=$1
+ local dlimit=$2
+ local ctx=
+ local directory=
+
+ getFileValue ctx "$vdir/context"
+ getFileValue directory "$dlimit/directory" || return 0
+
+ local cachename=$ctx$directory
+ cachename=${cachename//\//_}
+
+ # Things are getting ugly here... LFS says that /var/cache (where
+ # cachename is usually pointing to) can vanish and applications
+ # have to deal with it. So, we have to interprete the $vdir/cache
+ # symlink and have to create the needed directories manually.
+ if test -d "$vdir/cache"; then
+ : # ok, exists already
+ elif test -L "$vdir/cache"; then
+ # it's a dangling symlink
+ local link
+ link=$($_READLINK "$vdir/cache")
+ ( cd $vdir && $_MKDIR -p "$link" )
+ else
+ return 0
+ fi
+
+ test -d "$vdir/cache"
+ $_MKDIR -p "$vdir"/cache/dlimits
+
+ $_VDLIMIT --xid $ctx "$directory" | \
+ $_GREP '_used=' > "$vdir/cache/dlimits/$cachename"
+
+ $_VDLIMIT --xid $ctx --remove "$directory"
+}
+
+
+function saveDiskLimits
+{
+ local vdir=$1
+ local dlimit
+
+ test -e "$vdir"/context || return 0
+
+ for dlimit in "$vdir/dlimits/"*; do
+ test -d "$dlimit" || continue
+ test ! -e "$dlimit/disabled" || continue
+
+ _saveSingleDiskLimit "$vdir" "$dlimit"
+ done
+}
+
+function _namespaceCleanup
+{
+ local vdir="$1"
+ local root=$($_VSERVER_INFO "$1" VDIR 1)
+ local -a list
+ local -a skip
+ local tmp
+
+ getFileArray skip "$vdir"/namespace-cleanup-skip \
+ "$__CONFDIR"/.defaults/namespace-cleanup-skip || :
+
+ # these are things that have to be accessible post-cleanup
+ for tmp in "$root" "$__SBINDIR" "$__PKGLIBDIR" "$vdir" \
+ "$__PKGSTATEDIR" "$__LOCKDIR" /usr/local /tmp "${skip[@]}"; do
+ while test -n "$tmp"; do
+ list=( "${list[@]}" "$tmp" )
+ tmp="${tmp%/*}"
+ done
+ done
+
+ local -a list_umount
+ while read dev path opts; do
+ test -n "$path" || continue
+ for i in "$root" /dev /proc; do
+ test "${path#$i}" != "$path" && continue 2
+ done
+ for i in "${list[@]}" /; do
+ test "$path" = "$i" && continue 2
+ done
+ # unmount them in reverse order so mounts further down the tree get unmounted first
+ list_umount=( "$path" "${list_umount[@]}" )
+ done < /proc/mounts
+ # separate loop to avoid races while reading /proc/mounts
+ for i in "${list_umount[@]}"; do
+ $_UMOUNT -l -n "$i"
+ done
+}
+
+function loadDeviceMap
+{
+ local xid="$1"
+ local dir="$2"
+ local flags device target
+
+ test -d "$dir" || return 0
+
+ for i in "$dir"/*; do
+ test -d "$i" || continue
+
+ local -a vdevmap_opts=()
+ test -e "$i/create" && vdevmap_opts=( "${vdevmap_opts[@]}" --create )
+ test -e "$i/open" && vdevmap_opts=( "${vdevmap_opts[@]}" --open )
+ test -e "$i/remap" && vdevmap_opts=( "${vdevmap_opts[@]}" --remap )
+
+ getFileValue flags "$i/flags" || :
+ getFileValue device "$i/device" || :
+ getFileValue target "$i/target" || :
+ vdevmap_opts=( "${vdevmap_opts[@]}" ${flags:+--flags "$flags"} \
+ ${device:+--device "$device"} ${target:+--target "$target"} )
+
+ $_VDEVMAP --xid "$xid" "${vdevmap_opts[@]}" || return $?
+ done