[lxc-devel] Permission of /dev/null to 0600 when booting daemon mode without logging
Daniel Lezcano
daniel.lezcano at free.fr
Sun Jan 31 22:07:24 UTC 2010
Ryousei Takano wrote:
> Hi Daniel and all,
>
> I have run a CentOS 5 container on CentOS 5. When lxc-start is executed in daemon mode
> and without logging, the permission of /dev/null on the host OS changes from 0666 to 0600.
>
> I guess it is because lxc uses a bind mount to remap /dev/console to /dev/null in daemon
> mode. The container OS changes the permission of /dev/console during its boot process, and
> that then influences /dev/null on the host OS.
>
> I do not know whether this problem occurs on other distros.
>
> Here is simple reproduction code:
>
> #include <stdio.h>
> #include <unistd.h>
> #include <sys/mount.h>
> #include <sys/stat.h>	/* chmod() */
>
> int
> main(void)
> {
> 	/* [LXC] setup_console (lxc/conf.c) */
> 	if (mount("/dev/null", "/dev/console", "none", MS_BIND, 0)) { /* (1) */
> 		perror("mount");
> 		return -1;
> 	}
> 	/* [CentOS] ??? */
> 	/* the chmod goes through the bind mount to the /dev/null inode */
> 	if (chmod("/dev/console", 0600)) { /* (2) */
> 		perror("chmod");
> 		return -1;
> 	}
> 	if (umount("/dev/console")) {
> 		perror("umount");
> 		return -1;
> 	}
> 	return 0;
> }
>
> Any comments and suggestions will be welcome.
Yeah, I will rewrite the console, it sucks.
I had in mind to allocate a pty and bind mount the client side to the
console and then proxy the master to the controlling tty or another fd
if specified in the command line (file, fifo, socket, etc ...).
I rewrote a part of the lxc-console to implement a couple of functions
to be reused.
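
The following is an added example, not code from this thread or from lxc. It sketches the approach described in the reply: give the console its own pty slave so that the guest's chmod lands on a per-container /dev/pts node instead of the host's /dev/null. The function name and the use of the Linux TIOCSPTLCK/TIOCGPTN ioctls are assumptions of the example.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <sys/mount.h>
#include <sys/stat.h>

/*
 * Allocate a pty, optionally bind mount its slave on console_path (needs
 * CAP_SYS_ADMIN), apply the chmod the guest does at boot, and compare
 * /dev/null's mode before and after. Returns 0 if /dev/null is untouched,
 * 1 if it changed, -1 on error. With console_path == NULL the chmod goes
 * to the slave node itself, the inode a bind mount would resolve to.
 */
int console_chmod_leaks_to_null(const char *console_path)
{
	struct stat before, after;
	char slave[32];
	const char *target = slave;
	unsigned int n;
	int master, unlock = 0, ret = -1;

	master = open("/dev/ptmx", O_RDWR | O_NOCTTY);
	if (master < 0)
		return -1;
	/* Linux devpts: unlock the slave and fetch its index */
	if (ioctl(master, TIOCSPTLCK, &unlock) || ioctl(master, TIOCGPTN, &n))
		goto out;
	snprintf(slave, sizeof(slave), "/dev/pts/%u", n);
	if (stat("/dev/null", &before))
		goto out;
	if (console_path) {
		if (mount(slave, console_path, "none", MS_BIND, 0))
			goto out;
		target = console_path;
	}
	if (chmod(target, 0600) == 0 && stat("/dev/null", &after) == 0)
		ret = before.st_mode != after.st_mode;
	if (console_path)
		umount(console_path);
out:
	close(master);	/* the pts node disappears with the master */
	return ret;
}

int main(int argc, char **argv)
{
	return console_chmod_leaks_to_null(argc > 1 ? argv[1] : NULL) != 0;
}
```

Run without arguments it needs no privileges; passing a console path exercises the bind mount and requires root.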