[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Libguestfs] [REVIEW ONLY] Ensure atomic creation of a cached appliance



Cached appliances are discovered by their predictable path. Previously we were
creating a cached appliance directly in this predictable path. This had at least
2 undesirable effects:

* Interrupting appliance creation would leave a corrupt appliance
* 2 processes could simultaneously attempt to create the same appliance, causing
  corruption.

This patch causes the cached appliance to be created in a temporary directory,
and then renamed to the predictable path. As rename is an atomic operation, this
makes the whole creation atomic.

This patch also changes the predictable path to have a prefix of 'guestfs.'.
This will make it simpler for system administrators to clean up old cached
appliances.

Note that this version of the patch doesn't cleanup the temporary directory of a
guestfs process which didn't win an appliance creation race.
---
 regressions/test-launch-race.pl |   53 +++++++++++++++++++++++++++++++++++++++
 src/appliance.c                 |   49 ++++++++++++++++++++++++++---------
 2 files changed, 89 insertions(+), 13 deletions(-)
 create mode 100755 regressions/test-launch-race.pl

diff --git a/regressions/test-launch-race.pl b/regressions/test-launch-race.pl
new file mode 100755
index 0000000..b9e8e52
--- /dev/null
+++ b/regressions/test-launch-race.pl
@@ -0,0 +1,53 @@
+#!/usr/bin/perl
+# Copyright (C) 2010 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+# Test that 2 simultaneous launches in a clean cache directory will both succeed
+
+use strict;
+use warnings;
+
+use File::Temp qw(tempdir);
+use POSIX;
+
+use Sys::Guestfs;
+
+# Use a temporary TMPDIR to ensure it's clean
+my $tmpdir = tempdir (CLEANUP => 1);
+$ENV{TMPDIR} = $tmpdir;
+
+my $testimg = $tmpdir.'/test.img';
+system("touch $testimg");
+
+my $pid = fork();
+die("fork failed: $!") if ($pid < 0);
+
+if ($pid > 0) {
+    my $g = Sys::Guestfs->new();
+    $g->add_drive($testimg);
+    $g->launch();
+    _exit(0);
+}
+
+my $g = Sys::Guestfs->new();
+$g->add_drive($testimg);
+$g->launch();
+$g = undef;
+
+waitpid($pid, 0);
+die ("child failed") unless ($? == 0);
+
+system("ls -l $tmpdir");
diff --git a/src/appliance.c b/src/appliance.c
index 8b1630e..9fce3e6 100644
--- a/src/appliance.c
+++ b/src/appliance.c
@@ -18,6 +18,7 @@
 
 #include <config.h>
 
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <stdarg.h>
@@ -240,9 +241,9 @@ check_for_cached_appliance (guestfs_h *g,
 {
   const char *tmpdir = guestfs_tmpdir ();
 
-  size_t len = strlen (tmpdir) + strlen (checksum) + 2;
+  size_t len = strlen (tmpdir) + strlen (checksum) + 10;
   char cachedir[len];
-  snprintf (cachedir, len, "%s/%s", tmpdir, checksum);
+  snprintf (cachedir, len, "%s/guestfs.%s", tmpdir, checksum);
 
   /* Touch the directory to prevent it being deleting in a rare race
    * between us doing the checks and a tmp cleaner running.  Note this
@@ -333,28 +334,50 @@ build_supermin_appliance (guestfs_h *g,
     guestfs___print_timestamped_message (g, "begin building supermin appliance");
 
   const char *tmpdir = guestfs_tmpdir ();
-  size_t cdlen = strlen (tmpdir) + strlen (checksum) + 2;
-  char cachedir[cdlen];
-  snprintf (cachedir, cdlen, "%s/%s", tmpdir, checksum);
 
-  /* Don't worry about this failing, because the
-   * febootstrap-supermin-helper command will fail if the directory
-   * doesn't exist.  Note the directory might already exist, eg. if a
-   * tmp cleaner has removed the existing appliance but not the
-   * directory itself.
-   */
-  (void) mkdir (cachedir, 0755);
+  size_t tmpcdlen = strlen (tmpdir) + 18;
+  char tmpcd[tmpcdlen];
+  snprintf (tmpcd, tmpcdlen, "%s/guestfs.XXXXXXXX", tmpdir);
+
+  if (NULL == mkdtemp (tmpcd)) {
+    error (g, _("failed to create temporary cache directory: %m"));
+    return -1;
+  }
 
   if (g->verbose)
     guestfs___print_timestamped_message (g, "run febootstrap-supermin-helper");
 
-  int r = run_supermin_helper (g, supermin_path, cachedir, cdlen);
+  int r = run_supermin_helper (g, supermin_path, tmpcd, tmpcdlen);
   if (r == -1)
     return -1;
 
   if (g->verbose)
     guestfs___print_timestamped_message (g, "finished building supermin appliance");
 
+  size_t cdlen = strlen (tmpdir) + strlen (checksum) + 10;
+  char cachedir[cdlen];
+  snprintf (cachedir, cdlen, "%s/guestfs.%s", tmpdir, checksum);
+
+  /* Make the temporary directory world readable */
+  if (chmod (tmpcd, 0755) == -1) {
+    error (g, _("error changing permissions on temporary cache directory: %m"));
+  }
+
+  /* Try to rename the temporary directory to its non-temporary name */
+  if (rename (tmpcd, cachedir) == -1) {
+    /* If the cache directory now exists, we may have been racing with another
+     * libguestfs process. Check the new directory and use it if it's valid. */
+    if (errno == ENOTEMPTY || errno == EEXIST) {
+      return check_for_cached_appliance (g, supermin_path, checksum,
+                                         kernel, initrd, appliance);
+    }
+
+    else {
+      error (g, _("error renaming temporary cache directory: %m"));
+      return -1;
+    }
+  }
+
   *kernel = safe_malloc (g, cdlen + 8 /* / + "kernel" + \0 */);
   *initrd = safe_malloc (g, cdlen + 8 /* / + "initrd" + \0 */);
   *appliance = safe_malloc (g, cdlen + 6 /* / + "root" + \0 */);

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]