[lxc-devel] [PATCH] [RFC] lxc: don't call pivot_root if / is on a ramfs
Andrey Wagin
avagin at gmail.com
Wed Oct 8 15:26:51 UTC 2014
2014-10-08 18:44 GMT+04:00 Serge Hallyn <serge.hallyn at ubuntu.com>:
> Quoting Andrew Vagin (avagin at gmail.com):
>> Here is an updated patch.
>>
>> Now ct->rootfs is bind-mounted into /, so we don't need to "bind-mount
>> the root onto itself first".
>
> Hm, interesting. I thought MS_MOVE was central to the approach.
mount --rbind ct_rootfs ct_rootfs
mount --move ct_rootfs /
I think these two commands are equivalent to mount --rbind ct_rootfs /
I have read the code once again. rootfs->mount is always a mount
point, because it used with pivot_root. In this case we don't need to
bind-mount it into itselt or into root. But we should not foget about
userns, where this mount is locked and can't be moved to somewhere.
Please, look at the attached patch. I guess it's the final version.
It remount all useless mount as private and contains a comment why we
bind-mount the root instead of moving it.
Thanks.
>
>> What is about "do the turn-into-slave first"? I don't know.
>> remount_all_slave() is called from do_rootfs_setup(). Is it enough?
>
> Probably not, though one would *think* that any machine which has / on
> ramfs doesn't have / ms_shared. Anyway I was thinking
> remount_all_slave() should be called before your new nf.
lxc_setup
do_rootfs_setup()
remount_all_slave()
...
setup_pivot_root
prepare_ramfs_root()
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-RFC-lxc-don-t-call-pivot_root-if-is-on-a-ramfs.patch
Type: text/x-patch
Size: 5934 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20141008/1d4348a6/attachment.bin>
More information about the lxc-devel
mailing list