vmspawn: open dbus session in VM #32482
Conversation
github-actions
bot
added
the
please-review
src/vmspawn/vmspawn.c
Outdated
|
|
||
| (void) sd_event_add_signal(event, NULL, SIGINT | SD_EVENT_SIGNAL_PROCMASK, request_reboot, &ssh_info); |
There was a problem hiding this comment.
It seems wrong to handle SIGINT as reboot in vmspawn itself. machined is documented to send SIGINT to the container's init process, but that is very different from the container manager. I don't think handling SIGINT in vmspawn as a workaround is going to work.
There was a problem hiding this comment.
I think this is possible using GetUnitByPID(1) then calling KillUnit(<unit of pid 1>, "leader", )
There was a problem hiding this comment.
So I have a pushed a new version which behaves like this, I couldn't get mkosi to build an image in time though so please test this before merging.
| ",argv4=-o,argv5=IdentityFile=", private_key_path, | ||
| ",argv6=-p,argv7=", port_str, | ||
| ",argv8=--", | ||
| ",argv9=root@vsock/", cid_str, |
There was a problem hiding this comment.
I'm not sure we should unconditionally connect as root here
There was a problem hiding this comment.
What would you suggest instead?
My rationale for connecting as root was that we need to get a privileged connection to the system bus so root was required in order to get a privileged connection?
This commit adds the new varlink interface io.systemd.Machine at /run/systemd/machine/io.systemd.Machine with a single method Register It supports all combinations of RegisterMachine[WithSSH,WithNetwork] all under the same method.
Also adds three properties: - VsockCid: the VSOCK CID of the VM - SshAddress: the address of the VM in a format SSH can connect to - SshPrivateKeyPath: the path to the SSH private key to use to connect to the VM. GetMachineSSHInfo is essentially a convenience method to query both the SshAddress and SshPrivateKeyPath properties at once.
sam-leonard-ct
force-pushed
the
vmspawn/open-machine-dbus-session
branch
from
701929e
to
bbd1de4
Compare
|
Important An -rc1 tag has been created and a release is being prepared, so please note that PRs introducing new features and APIs will be held back until the new version has been released. |
sam-leonard-ct
force-pushed
the
vmspawn/open-machine-dbus-session
branch
from
bbd1de4
to
3be425e
Compare
bluca
added
replaced-by-newer-pr
and removed
please-review
|
Continuing on #32701 |
In order to support rebooting / shutting down the VM nicely we need to be able to talk to D-BUS inside the VM.
This is enabled by constructing a remote D-BUS address manually as the existing sd_bus_set_address_system_remote function does not parse the address correctly.
This PR is based on #32208 the new commits on top of it are the latest 3 commits.
These changes allow vmspawn to support machinectl kill and machinectl reboot without any changes to machinectl.