From 1e99ee6ff7f47db2052e226d7b071e31ff33b56c Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Wed, 4 Aug 2021 17:09:47 -0700 Subject: add LXC properties, :LXC{,-UNPRIV-ATTACH} connections, WITH-HOMEDIR Signed-off-by: Sean Whitton --- doc/connections.rst | 10 +++++----- doc/ideas.rst | 5 +++-- 2 files changed, 8 insertions(+), 7 deletions(-) (limited to 'doc') diff --git a/doc/connections.rst b/doc/connections.rst index 1f88f71..236df5b 100644 --- a/doc/connections.rst +++ b/doc/connections.rst @@ -144,11 +144,11 @@ Connections which use setns(2) to enter containers -------------------------------------------------- When the current connection is a Lisp-type connection, connection types which -enter Linux containers, such as ``:SYSTEMD-MACHINED``, invoke the setns(2) -system call directly. The implementation of this is the connection type -``CONSFIGURATOR.CONNECTION.LINUX-NAMESPACE::SETNS``. The implementation of -the ``POST-FORK`` generic for that connection type is structured similarly to -the nsenter(1) command from util-linux. This has the advantage that +enter Linux containers, such as ``:LXC`` and ``:SYSTEMD-MACHINED``, invoke the +setns(2) system call directly. The implementation of this is the connection +type ``CONSFIGURATOR.CONNECTION.LINUX-NAMESPACE::SETNS``. The implementation +of the ``POST-FORK`` generic for that connection type is structured similarly +to the nsenter(1) command from util-linux. This has the advantage that ``CONSFIGURATOR.CONNECTION.LINUX-NAMESPACE::SETNS`` should be reusable for implementing connection types which enter other kinds of Linux container; the container runtime-specific code is limited to determining the PID of the diff --git a/doc/ideas.rst b/doc/ideas.rst index 8ce7fb9..72f02ff 100644 --- a/doc/ideas.rst +++ b/doc/ideas.rst @@ -52,8 +52,9 @@ Core number of hosts. Now that we don't call fork(2) while executing deployments, we ought to be able to do this using threads, and so it can work in the root Lisp too. However, we still use ``WITH-CURRENT-DIRECTORY`` - in various places. Perhaps that macro could be changed to only affect RUN, - MRUN etc. for the sake of enabling multithreading. + in various places, and temporarily set HOME in ``WITH-HOMEDIR``. Perhaps + ``WITH-CURRENT-DIRECTORY`` could be changed to only affect RUN, MRUN + etc. for the sake of enabling multithreading. - It might be useful to have a restart for the case where an attempt is made to apply a list of properties containing some ``:LISP`` properties with a -- cgit v1.2.3