Modify getMyIP to cache the local machine's IP address, and
return it without further accessing of the underlying resolver
libraries during subsequent invocations.
getMyIP is called roughly once a second from within monitor_loop
when refreshing CPU utilization in the bottom-right corner of
the GUI window. Other, dedicated CPU usage windows might also
call getMyIP at regular intervals.
With systemd commit cda458a54 (between v232 and v233), the
implementation of gethostbyname4_r() was updated to a more
intransigently standard-compliant error reporting convention,
which in turn causes glibc to retry in a more labor intensive
way (see https://github.com/systemd/systemd/pull/5359).
Under certain circumstances depending on the local hostname
and IP configuration, the glibc/systemd back-end resolver
routines triggered by getMyIP's call to [socket ...] and
[fconfigure ...] end up taking long enough to noticeably slow
down refreshing the main core-gui window, to the point where
interaction with the GUI becomes difficult.
Signed-off-by: Gabriel Somlo <glsomlo@cert.org>
Building compliant RPM packages for Fedora/RHEL/Centos requires all
dependencies to be satisfied via the distribution specific packaging
infrastructure (i.e. rpm + yum|dnf). To ensure that packages correctly
pull in their dependencies (i.e., without relying on side-loaded
software that just happens to be installed on the host where they're
being built), the best practice recommended is to build them in "mock".
E.g.,
rpmbuild -bs core.spec
mock -r fedora-rawhide-x86_64 core-*.src.rpm
This patch modifies the enclosed spec file to correctly list all
other RPM packages required to build and run core-* RPMs.
Note that at the time of this writing the "python-logzero" package
is pending release into the Fedora (26 and newer) repositories:
https://bugzilla.redhat.com/show_bug.cgi?id=1514100
Signed-off-by: Gabriel Somlo <glsomlo@cert.org>
On x86_64, the "core_python_netns" module is installed into ${pyexecdir},
a.k.a. %{python_sitearch}, a.k.a. "/usr/lib64/python2.7/site-packages".
Adding ${pyexecdir} to $PYTHONPATH will prevent the "install" target in
"daemon/src/Makefile" from failing.
Signed-off-by: Gabriel Somlo <glsomlo@cert.org>
Since version 5.0, python modules (e.g. core, corens3, and netns)
are installed as .egg bundles, and are not available for importing
by default, unless explicitly we use "pkg-resources.require()".
Signed-off-by: Gabriel Somlo <glsomlo@cert.org>
The umount method was used to remove private mount points before
tearing down a node. Since non-persistend mount namespaces are
automatically cleaned up by he kernel, this method is now unused.
Signed-off-by: Gabriel Somlo <glsomlo@cert.org>
A node's private mounts are currently removed before killing
vnoded, which makes them unavailable during container service
shutdown. Any such service accessing the filesystem for atexit()
cleanup (e.g., rsyslogd), will do so on the host filesystem
instead, very likely causing unintended damage.
For example, the default behavior of rsyslogd is to remove its
listening socket (/dev/log, or /run/systemd/journal/dev-log) at
shutdown from its atexit() handler. If the node's private '/dev'
or '/run/systemd/journal' mount has already been removed, the
host-side /dev/log or /run/systemd/journal/dev-log sockets will
be removed instead!
Since non-persistent (mount) namespaces are automatically
destroyed by the kernel when the last process referencing them
is killed, we should simply rely on that behavior instead of
explicitly (and prematurely) unmounting a node's private
directories during shutdown.
Signed-off-by: Gabriel Somlo <glsomlo@cert.org>
