[lxc-devel] [lxc/lxc] d5aa23: add_device_node: act in a chroot

GitHub noreply at github.com
Fri Feb 7 19:22:05 UTC 2014


  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: d5aa23e662fd9c64bf72df47f74765e5232f0a96
      https://github.com/lxc/lxc/commit/d5aa23e662fd9c64bf72df47f74765e5232f0a96
  Author: Serge Hallyn <serge.hallyn at ubuntu.com>
  Date:   2014-02-07 (Fri, 07 Feb 2014)

  Changed paths:
    M src/lxc/lxccontainer.c

  Log Message:
  -----------
  add_device_node: act in a chroot

The goal is to avoid an absolute symlink in the guest redirecting
us to the host's /dev.  Thanks to the libvirt team for considering
that possibility!

We want to work on kernels which do not support setns, so we simply
chroot into the container before doing any rm/mknod.  If /dev/vda5
is a symlink to /XXX, or /dev is a symlink to /etc, this is now
correctly resolved locally in the chroot.

We would have preferred to use realpath() to check that the resolved
path is not changed, but realpath across /proc/pid/root does not
work as expected.

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>



