=back
-=item B<destroy> I<domain-id>
+=item B<destroy> [I<OPTIONS>] I<domain-id>
Immediately terminate the domain I<domain-id>. This doesn't give the
domain OS any chance to react, and is the equivalent of ripping the
power cord out on a physical machine. In most cases you will want to
use the B<shutdown> command instead.
+B<OPTIONS>
+
+=over 4
+
+=item I<-f>
+
+Allow domain 0 to be destroyed. Because domain cannot destroy itself, this is
+only possible when using a disaggregated toolstack, and is most useful when
+using a hardware domain separated from domain 0.
+
+=back
+
=item B<domid> I<domain-name>
Converts a domain name to a domain id.
libxl_domain_unpause(ctx, domid);
}
-static void destroy_domain(uint32_t domid)
+static void destroy_domain(uint32_t domid, int force)
{
int rc;
- if (domid == 0) {
- fprintf(stderr, "Cannot destroy privileged domain 0.\n\n");
+ if (domid == 0 && !force) {
+ fprintf(stderr, "Not destroying domain 0; use -f to force.\n"
+ "This can only be done when using a disaggregated "
+ "hardware domain and toolstack.\n\n");
exit(-1);
}
rc = libxl_domain_destroy(ctx, domid, 0);
int main_destroy(int argc, char **argv)
{
int opt;
+ int force = 0;
- SWITCH_FOREACH_OPT(opt, "", NULL, "destroy", 1) {
- /* No options */
+ SWITCH_FOREACH_OPT(opt, "f", NULL, "destroy", 1) {
+ case 'f':
+ force = 1;
+ break;
}
- destroy_domain(find_domain(argv[optind]));
+ destroy_domain(find_domain(argv[optind]), force);
return 0;
}
{ "destroy",
&main_destroy, 0, 1,
"Terminate a domain immediately",
- "<Domain>",
+ "[options] <Domain>\n",
+ "-f Permit destroying domain 0, which will only succeed\n"
+ " when run from disaggregated toolstack domain with a\n"
+ " hardware domain distinct from domain 0."
},
{ "shutdown",
&main_shutdown, 0, 1,
projects / xen.git / commitdiff