[lxc-devel] [PATCH 1/1] conf.c: if we don't specify a rootfs, we still need proc mounted
Stéphane Graber
stgraber at ubuntu.com
Mon Jun 10 14:59:12 UTC 2013
Sounds good. Only failure case would be if /proc doesn't exist in the host
rootfs, but that's pretty unlikely to ever be the case considering the host
wouldn't be terribly likely to even boot should that be the case.
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
On Mon, Jun 10, 2013 at 09:34:06AM -0500, Serge Hallyn wrote:
> otherwise we won't be allowed to set an apparmor context (on pid 1)
>
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> ---
> src/lxc/conf.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index a1aee14..4e3d605 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -2851,9 +2851,11 @@ int lxc_setup(const char *name, struct lxc_conf *lxc_conf)
> #if HAVE_APPARMOR /* || HAVE_SMACK || HAVE_SELINUX */
> INFO("rootfs path is .%s., mount is .%s.", lxc_conf->rootfs.path,
> lxc_conf->rootfs.mount);
> - if (lxc_conf->rootfs.path == NULL || strlen(lxc_conf->rootfs.path) == 0)
> - mounted = 0;
> - else
> + if (lxc_conf->rootfs.path == NULL || strlen(lxc_conf->rootfs.path) == 0) {
> + if (mount("proc", "/proc", "proc", 0, NULL))
> + return -1;
> + mounted = 1;
> + } else
> mounted = lsm_mount_proc_if_needed(lxc_conf->rootfs.path, lxc_conf->rootfs.mount);
> if (mounted == -1) {
> SYSERROR("failed to mount /proc in the container.");
> --
> 1.7.9.5
>
>
> ------------------------------------------------------------------------------
> How ServiceNow helps IT people transform IT departments:
> 1. A cloud service to automate IT design, transition and operations
> 2. Dashboards that offer high-level views of enterprise services
> 3. A single system of record for all IT processes
> http://p.sf.net/sfu/servicenow-d2d-j
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20130610/d4de57fc/attachment.pgp>
More information about the lxc-devel
mailing list