X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=src%2Fplanetlab.c;h=b236b9da3b964350d2bb978c39853fa85e400d0a;hb=f19c72d19b6df6739cae1871b710c37ef9e4f067;hp=15cc7e52a42a2973f41a1de4c567e90c44c9e0b5;hpb=569c62a4ed4d2ab13516bbf1f68e1a71205aa2c6;p=util-vserver-pl.git

diff --git a/src/planetlab.c b/src/planetlab.c
index 15cc7e5..b236b9d 100644
--- a/src/planetlab.c
+++ b/src/planetlab.c
@@ -44,6 +44,8 @@ POSSIBILITY OF SUCH DAMAGE.
 #include <ctype.h>
 #include <sys/resource.h>
 #include <fcntl.h>
+#define _GNU_SOURCE 
+#include <sched.h>
 
 #include "vserver.h"
 #include "planetlab.h"
@@ -59,11 +61,12 @@ POSSIBILITY OF SUCH DAMAGE.
 #endif
 
 static int
-create_context(xid_t ctx, uint64_t bcaps)
+create_context(xid_t ctx, uint64_t bcaps, uint32_t unshare_flags)
 {
   struct vc_ctx_caps   vc_caps;
   struct vc_net_flags  vc_nf;
   struct vc_net_caps   vc_ncaps;
+  uint32_t unshare_mask;
 
   /* Create network context */
   if (vc_net_create(ctx) == VC_NOCTX) {
@@ -88,12 +91,18 @@ tag:
     return -1;
 
 process:
+
   /*
    * Create context info - this sets the STATE_SETUP and STATE_INIT flags.
    */
   if (vc_ctx_create(ctx, 0) == VC_NOCTX)
     return -1;
 
+    if (unshare_mask != 0) {
+      unshare(unshare_mask);
+      vc_set_namespace(ctx, unshare_mask);
+  }
+
   /* Set capabilities - these don't take effect until SETUP flag is unset */
   vc_caps.bcaps = bcaps;
   vc_caps.bmask = ~0ULL;  /* currently unused */
@@ -143,11 +152,15 @@ pl_chcontext(xid_t ctx, uint64_t bcaps, const struct sliver_resources *slr)
 
       if (vc_get_cflags(ctx, &vc_flags))
 	{
+        uint32_t unshare_mask;
 	  if (errno != ESRCH)
 	    return -1;
 
+       /* Unshare the net namespace if the slice if requested in the local slice configuration */
+        unshare_mask = get_space_flag(ctx);
+
 	  /* context doesn't exist - create it */
-	  if (create_context(ctx, bcaps))
+	  if (create_context(ctx, bcaps, unshare_mask))
 	    {
 	      if (errno == EEXIST)
 		/* another process beat us in a race */
@@ -179,6 +192,14 @@ pl_chcontext(xid_t ctx, uint64_t bcaps, const struct sliver_resources *slr)
     migrate:
       if (net_migrated || !vc_net_migrate(ctx))
 	{
+        uint32_t unshare_mask;
+      /* Unshare the net namespace if the slice if requested in the local slice configuration */
+      unshare_mask = get_space_flag(ctx);
+      if (unshare_mask != 0) {
+          vc_enter_namespace(ctx, unshare_mask);
+          unshare(unshare_mask);
+      }
+
 	  if (!vc_tag_migrate(ctx) && !vc_ctx_migrate(ctx, 0))
 	    break;  /* done */
 	  net_migrated = 1;
@@ -251,6 +272,7 @@ struct pl_resources {
 	if (index < len) index++; else goto out;
 
 #define VSERVERCONF "/etc/vservers/"
+
 void
 pl_get_limits(const char *context, struct sliver_resources *slr)
 {