vmspawn: open dbus session in VM #32482
src/vmspawn/vmspawn.c
(void) sd_event_add_signal(event, NULL, SIGINT | SD_EVENT_SIGNAL_PROCMASK, request_reboot, &ssh_info); |
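Review bot: the result of sd_event_add_signal() is cast to (void) on this line, so a failure to install the SIGINT handler is silently ignored and request_reboot would then never run. Log the error, or fail, when the call returns a negative value. A short comment stating why SIGINT maps to a reboot request would also help readers of this line.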
It seems wrong to handle SIGINT as reboot in vmspawn itself. machined is documented to send SIGINT to the container's init process, but that is very different from the container manager. I don't think handling SIGINT in vmspawn as a workaround is going to work.
I think this is possible using GetUnitByPID(1) then calling KillUnit(<unit of pid 1>, "leader", )
So I have pushed a new version which behaves like this. I couldn't get mkosi to build an image in time though, so please test this before merging.
",argv4=-o,argv5=IdentityFile=", private_key_path, | ||
",argv6=-p,argv7=", port_str, | ||
",argv8=--", | ||
",argv9=root@vsock/", cid_str, |
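Review bot: private_key_path, port_str and cid_str are spliced unescaped into the comma-separated argvN= string on these lines, so a key path containing a comma (or another character that needs escaping in this format) would split or corrupt the argument list. Escape each value before joining, or reject paths that contain such characters.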
I'm not sure we should unconditionally connect as root here
What would you suggest instead?
My rationale for connecting as root was that we need to get a privileged connection to the system bus so root was required in order to get a privileged connection?
This commit adds the new varlink interface io.systemd.Machine at /run/systemd/machine/io.systemd.Machine with a single method Register. It supports all combinations of RegisterMachine[WithSSH,WithNetwork] all under the same method.
Also adds three properties:
- VsockCid: the VSOCK CID of the VM
- SshAddress: the address of the VM in a format SSH can connect to
- SshPrivateKeyPath: the path to the SSH private key to use to connect to the VM.
GetMachineSSHInfo is essentially a convenience method to query both the SshAddress and SshPrivateKeyPath properties at once.
Important: An -rc1 tag has been created and a release is being prepared, so please note that PRs introducing new features and APIs will be held back until the new version has been released.
Continuing on #32701
In order to support rebooting / shutting down the VM nicely we need to be able to talk to D-BUS inside the VM.
This is enabled by constructing a remote D-BUS address manually, as the existing sd_bus_set_address_system_remote function does not parse the address correctly.
This PR is based on #32208; the new commits on top of it are the latest 3 commits.
These changes allow vmspawn to support machinectl kill and machinectl reboot without any changes to machinectl.
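An added example (not code from this PR or from systemd) of the escaping that manual construction of a unixexec: D-Bus address calls for: each value is percent-escaped per the D-Bus address format before being joined with commas. The helper names, the argument list and the key path are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Conservative subset of the bytes a D-Bus address value may carry unescaped. */
static int is_safe(unsigned char c) {
        return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
               (c >= '0' && c <= '9') || (c != 0 && strchr("-_/.", c) != NULL);
}

/* Percent-escape one value so ',', '=', ';' and ':' cannot end it early; caller frees. */
static char *address_escape(const char *v) {
        static const char hex[] = "0123456789abcdef";
        char *out = malloc(strlen(v) * 3 + 1), *p = out;
        if (!out) return NULL;
        for (const unsigned char *s = (const unsigned char *) v; *s; s++)
                if (is_safe(*s))
                        *p++ = (char) *s;
                else { *p++ = '%'; *p++ = hex[*s >> 4]; *p++ = hex[*s & 15]; }
        *p = '\0';
        return out;
}

/* Build "unixexec:path=<prog>,argv1=<args[0]>,argv2=<args[1]>,...". */
static char *unixexec_address(const char *prog, const char *const *args, size_t n) {
        size_t len = strlen("unixexec:path=") + strlen(prog) * 3 + 1;
        for (size_t i = 0; i < n; i++)
                len += strlen(args[i]) * 3 + 32;   /* room for ",argvN=" */
        char *addr = malloc(len), *e = address_escape(prog);
        if (!addr || !e) { free(addr); free(e); return NULL; }
        size_t off = (size_t) snprintf(addr, len, "unixexec:path=%s", e);
        free(e);
        for (size_t i = 0; i < n; i++) {
                if (!(e = address_escape(args[i]))) { free(addr); return NULL; }
                off += (size_t) snprintf(addr + off, len - off, ",argv%zu=%s", i + 1, e);
                free(e);
        }
        return addr;
}

int main(void) {
        /* Constructed sample: the key path contains a comma. */
        const char *args[] = { "-o", "IdentityFile=/run/keys/vm,1/id", "-p", "22", "--", "root@vsock/3" };
        char *a = unixexec_address("ssh", args, 6);
        puts(a ? a : "out of memory");
        free(a);
        return 0;
}
```

Without the escaping step, the comma in the sample key path would be read as the start of a new key=value pair in the address.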