[lxc-devel] [PATCH] skip rootfs pinning for unprivileged containers
S.Çağlar Onur
caglar at 10ur.org
Thu Jan 16 05:01:28 UTC 2014
Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
---
src/lxc/start.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 6c07e43..fbdfc05 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -782,11 +782,14 @@ static int lxc_spawn(struct lxc_handler *handler)
/*
* if the rootfs is not a blockdev, prevent the container from
* marking it readonly.
+ *
+ * if the container is unprivileged then skip rootfs pinning
*/
-
- handler->pinfd = pin_rootfs(handler->conf->rootfs.path);
- if (handler->pinfd == -1)
- INFO("failed to pin the container's rootfs");
+ if (lxc_list_empty(&handler->conf->id_map)) {
+ handler->pinfd = pin_rootfs(handler->conf->rootfs.path);
+ if (handler->pinfd == -1)
+ INFO("failed to pin the container's rootfs");
+ }
if (preserve_ns(saved_ns_fd, preserve_mask) < 0)
goto out_delete_net;
--
1.8.3.2
More information about the lxc-devel
mailing list