[lxc-devel] [PATCH] lxc-busybox: check when bind-mounting host libdirs
Serge Hallyn
serge.hallyn at ubuntu.com
Tue May 14 15:29:31 UTC 2013
Quoting Bogdan Purcareata (bogdan.purcareata at freescale.com):
> The patch changes the busybox template behavior to automatically
> mount /lib and /usr/lib. In case one of these folders does not exist,
> starting the container will fail. Also, if there are other lib entries
> on the host - e.g. /usr/lib64 - mount them as well.
>
> Signed-off-by: Bogdan Purcareata <bogdan.purcareata at freescale.com>
Thanks. You're right the first part should be dropped. However
there's no need that I can see for the line you add. The two
lxc.mount.entry = /$dir $dir none ro,bind 0 0
and
lxc.mount.entry = /$dir $rootfs/$dir none ro,bind 0 0
mean the same thing, with the first being preferred as it will work
if you (while high on $drug) decide to back it with a block device :)
Do you mind resending without that line (assuming you agree)? I'll
then ack and push.
> ---
> templates/lxc-busybox.in | 8 +-------
> 1 file changed, 1 insertion(+), 7 deletions(-)
>
> diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
> index cb425ec..49effae 100644
> --- a/templates/lxc-busybox.in
> +++ b/templates/lxc-busybox.in
> @@ -240,13 +240,6 @@ lxc.pts = 1
> #lxc.aa_profile = unconfined
> EOF
>
> -if [ -d "$rootfs/lib" ]; then
> -cat <<EOF >> $path/config
> -lxc.mount.entry = /lib $rootfs/lib none ro,bind 0 0
> -lxc.mount.entry = /usr/lib $rootfs/usr/lib none ro,bind 0 0
> -EOF
> -fi
> -
> libdirs="\
> lib \
> usr/lib \
> @@ -255,6 +248,7 @@ fi
>
> for dir in $libdirs; do
> if [ -d "/$dir" ] && [ -d "$rootfs/$dir" ]; then
> + echo "lxc.mount.entry = /$dir $rootfs/$dir none ro,bind 0 0" >> $path/config
> echo "lxc.mount.entry = /$dir $dir none ro,bind 0 0" >> $path/config
> fi
> done
> --
> 1.7.11.7
>
>
>
> ------------------------------------------------------------------------------
> AlienVault Unified Security Management (USM) platform delivers complete
> security visibility with the essential security capabilities. Easily and
> efficiently configure, manage, and operate all of your security controls
> from a single console and one unified framework. Download a free trial.
> http://p.sf.net/sfu/alienvault_d2d
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
More information about the lxc-devel
mailing list