[lxc-devel] [PATCH 1/1] conf.c: if we don't specify a rootfs, we still need proc mounted
Serge Hallyn
serge.hallyn at ubuntu.com
Mon Jun 10 15:55:12 UTC 2013
Quoting Stéphane Graber (stgraber at ubuntu.com):
> Sounds good. Only failure case would be if /proc doesn't exist in the host
> rootfs, but that's pretty unlikely to ever be the case considering the host
> wouldn't be terribly likely to even boot should that be the case.
Yeah it might be worth simply logging and then ignoring the mount
failure. I'll update the patch to do that and then push, thanks.
> Acked-by: Stéphane Graber <stgraber at ubuntu.com>
>
> On Mon, Jun 10, 2013 at 09:34:06AM -0500, Serge Hallyn wrote:
> > otherwise we won't be allowed to set an apparmor context (on pid 1)
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > ---
> > src/lxc/conf.c | 8 +++++---
> > 1 file changed, 5 insertions(+), 3 deletions(-)
> >
> > diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> > index a1aee14..4e3d605 100644
> > --- a/src/lxc/conf.c
> > +++ b/src/lxc/conf.c
> > @@ -2851,9 +2851,11 @@ int lxc_setup(const char *name, struct lxc_conf *lxc_conf)
> > #if HAVE_APPARMOR /* || HAVE_SMACK || HAVE_SELINUX */
> > INFO("rootfs path is .%s., mount is .%s.", lxc_conf->rootfs.path,
> > lxc_conf->rootfs.mount);
> > - if (lxc_conf->rootfs.path == NULL || strlen(lxc_conf->rootfs.path) == 0)
> > - mounted = 0;
> > - else
> > + if (lxc_conf->rootfs.path == NULL || strlen(lxc_conf->rootfs.path) == 0) {
> > + if (mount("proc", "/proc", "proc", 0, NULL))
> > + return -1;
> > + mounted = 1;
> > + } else
> > mounted = lsm_mount_proc_if_needed(lxc_conf->rootfs.path, lxc_conf->rootfs.mount);
> > if (mounted == -1) {
> > SYSERROR("failed to mount /proc in the container.");
> > --
> > 1.7.9.5
> >
> >
> > ------------------------------------------------------------------------------
> > How ServiceNow helps IT people transform IT departments:
> > 1. A cloud service to automate IT design, transition and operations
> > 2. Dashboards that offer high-level views of enterprise services
> > 3. A single system of record for all IT processes
> > http://p.sf.net/sfu/servicenow-d2d-j
> > _______________________________________________
> > Lxc-devel mailing list
> > Lxc-devel at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/lxc-devel
More information about the lxc-devel
mailing list