[lxc-devel] [PATCH 1/2] Turn autodev on by default
Stéphane Graber
stgraber at ubuntu.com
Tue Jan 20 23:40:16 UTC 2015
Now that autodev works fine with unprivileged containers and shouldn't
come with any side effects, let's turn it on by default.
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
config/templates/archlinux.common.conf.in | 3 --
config/templates/opensuse.common.conf.in | 3 --
doc/lxc.container.conf.sgml.in | 4 +-
src/lxc/conf.c | 89 +------------------------------
templates/lxc-centos.in | 16 ------
templates/lxc-debian.in | 1 -
templates/lxc-fedora.in | 5 --
templates/lxc-openmandriva.in | 1 -
templates/lxc-oracle.in | 1 -
9 files changed, 3 insertions(+), 120 deletions(-)
diff --git a/config/templates/archlinux.common.conf.in b/config/templates/archlinux.common.conf.in
index 0be1958..8dea976 100644
--- a/config/templates/archlinux.common.conf.in
+++ b/config/templates/archlinux.common.conf.in
@@ -4,9 +4,6 @@ lxc.include = @LXCTEMPLATECONFIG@/common.conf
# Allow for 6 tty devices by default
lxc.tty = 6
-# Turn on autodev for systemd
-lxc.autodev = 1
-
# Disable kmsg
lxc.kmsg = 0
diff --git a/config/templates/opensuse.common.conf.in b/config/templates/opensuse.common.conf.in
index 4026975..b040e95 100644
--- a/config/templates/opensuse.common.conf.in
+++ b/config/templates/opensuse.common.conf.in
@@ -1,9 +1,6 @@
# This derives from the global common config
lxc.include = @LXCTEMPLATECONFIG@/common.conf
-# Enable autodev
-lxc.autodev = 1
-
# Capabilities
# Uncomment these if you don't run anything that needs the capability, and
# would like the container to run with less privilege.
diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in
index 8652373..96d574f 100644
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -663,7 +663,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
</term>
<listitem>
<para>
- Set this to 1 to have LXC mount and populate a minimal
+ Set this to 0 to stop LXC from mounting and populating a minimal
<filename>/dev</filename> when starting the container.
</para>
</listitem>
@@ -674,7 +674,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
<refsect2>
<title>Enable kmsg symlink</title>
<para>
- Enable creating /dev/kmsg as symlink to /dev/console. This defaults to 1.
+ Enable creating /dev/kmsg as symlink to /dev/console. This defaults to 1.
</para>
<variablelist>
<varlistentry>
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 0e663e9..f0b2242 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2504,7 +2504,7 @@ struct lxc_conf *lxc_conf_init(void)
new->loglevel = LXC_LOG_PRIORITY_NOTSET;
new->personality = -1;
- new->autodev = -1;
+ new->autodev = 1;
new->console.log_path = NULL;
new->console.log_fd = -1;
new->console.path = NULL;
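Review bot: The new default `new->autodev = 1;` in lxc_conf_init carries no comment, and with the -1 "not set" value and check_autodev() removed in the later conf.c hunks nothing in the code records that the field was tri-state; a short comment such as `/* on by default; lxc.autodev = 0 keeps the rootfs /dev */` would help. The default now applies to every container whose config has no explicit lxc.autodev line, including the CentOS 6 and non-systemd Fedora cases where the templates in this patch used to write 0. A rootfs that relies on device nodes in its own /dev will presumably have them hidden by the minimal /dev that LXC mounts, so operators may want to review existing configs before upgrading. The visible documentation hunk describes setting 0 but does not state that the default is now 1; one sentence there would close the gap. lxc_conf_init starts and ends outside the hunk.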
@@ -3497,88 +3497,6 @@ int ttys_shift_ids(struct lxc_conf *c)
}
/*
- * This routine is called when the configuration does not already specify a value
- * for autodev (mounting a file system on /dev and populating it in a container).
- * If a hard override value has not be specified, then we try to apply some
- * heuristics to determine if we should switch to autodev mode.
- *
- * For instance, if the container has an /etc/systemd/system directory then it
- * is probably running systemd as the init process and it needs the autodev
- * mount to prevent it from mounting devtmpfs on /dev on it's own causing conflicts
- * in the host.
- *
- * We may also want to enable autodev if the host has devtmpfs mounted on its
- * /dev as this then enable us to use subdirectories under /dev for the container
- * /dev directories and we can fake udev devices.
- */
-struct start_args {
- char *const *argv;
-};
-
-#define MAX_SYMLINK_DEPTH 32
-
-static int check_autodev( const char *rootfs, void *data )
-{
- struct start_args *arg = data;
- int ret;
- int loop_count = 0;
- struct stat s;
- char absrootfs[MAXPATHLEN];
- char path[MAXPATHLEN];
- char abs_path[MAXPATHLEN];
- char *command = "/sbin/init";
-
- if (rootfs == NULL || strlen(rootfs) == 0)
- return -2;
-
- if (!realpath(rootfs, absrootfs))
- return -2;
-
- if( arg && arg->argv[0] ) {
- command = arg->argv[0];
- DEBUG("Set exec command to %s", command );
- }
-
- strncpy( path, command, MAXPATHLEN-1 );
-
- if ( 0 != access(path, F_OK) || 0 != stat(path, &s) )
- return -2;
-
- /* Dereference down the symlink merry path testing as we go. */
- /* If anything references systemd in the path - set autodev! */
- /* Renormalize to the rootfs before each dereference */
- /* Relative symlinks should fall out in the wash even with .. */
- while( 1 ) {
- if ( strstr( path, "systemd" ) ) {
- INFO("Container with systemd init detected - enabling autodev!");
- return 1;
- }
-
- ret = snprintf(abs_path, MAXPATHLEN-1, "%s/%s", absrootfs, path);
- if (ret < 0 || ret > MAXPATHLEN)
- return -2;
-
- ret = readlink( abs_path, path, MAXPATHLEN-1 );
-
- if ( ( ret <= 0 ) || ( ++loop_count > MAX_SYMLINK_DEPTH ) ) {
- break; /* Break out for other tests */
- }
- path[ret] = '\0';
- }
-
- /*
- * Add future checks here.
- * Return positive if we should go autodev
- * Return 0 if we should NOT go autodev
- * Return negative if we encounter an error or can not determine...
- */
-
- /* All else fails, we don't need autodev */
- INFO("Autodev not required.");
- return 0;
-}
-
-/*
* _do_tmp_proc_mount: Mount /proc inside container if not already
* mounted
*
@@ -3793,7 +3711,6 @@ int lxc_setup(struct lxc_handler *handler)
const char *name = handler->name;
struct lxc_conf *lxc_conf = handler->conf;
const char *lxcpath = handler->lxcpath;
- void *data = handler->data;
if (do_rootfs_setup(lxc_conf, name, lxcpath) < 0) {
ERROR("Error setting up rootfs mount after spawn");
@@ -3812,10 +3729,6 @@ int lxc_setup(struct lxc_handler *handler)
return -1;
}
- if (lxc_conf->autodev < 0) {
- lxc_conf->autodev = check_autodev(lxc_conf->rootfs.mount, data);
- }
-
if (lxc_conf->autodev > 0) {
if (mount_autodev(name, lxc_conf->rootfs.mount, lxcpath)) {
ERROR("failed to mount /dev in the container");
diff --git a/templates/lxc-centos.in b/templates/lxc-centos.in
index c2b4db6..fdc307a 100644
--- a/templates/lxc-centos.in
+++ b/templates/lxc-centos.in
@@ -612,8 +612,6 @@ lxc.include = @LXCTEMPLATECONFIG@/centos.common.conf
lxc.arch = $arch
lxc.utsname = $utsname
-lxc.autodev = $auto_dev
-
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
@@ -824,20 +822,6 @@ if [ -z "$release" ]; then
fi
fi
-# CentOS 7 and above should run systemd. We need autodev enabled to keep
-# systemd from causing problems.
-#
-# There is some ambiguity here due to the differnce between versioning
-# of point specific releases such as 6.5 and the rolling release 6. We
-# only want the major number here if it's a point release...
-
-mrelease=$(expr $release : '\([0-9]*\)')
-if [ $mrelease -gt 6 ]; then
- auto_dev="1"
-else
- auto_dev="0"
-fi
-
if [ "$(id -u)" != "0" ]; then
echo "This script should be run as 'root'"
exit 1
diff --git a/templates/lxc-debian.in b/templates/lxc-debian.in
index 65093f3..0a3c402 100644
--- a/templates/lxc-debian.in
+++ b/templates/lxc-debian.in
@@ -191,7 +191,6 @@ configure_debian_systemd()
init="$(chroot ${rootfs} dpkg-query --search /sbin/init | cut -d : -f 1)"
if [ "$init" = "systemd-sysv" ]; then
# only appropriate when systemd is PID 1
- echo 'lxc.autodev = 1' >> "$path/config"
echo 'lxc.kmsg = 0' >> "$path/config"
fi
diff --git a/templates/lxc-fedora.in b/templates/lxc-fedora.in
index 210f2e7..36d22c5 100644
--- a/templates/lxc-fedora.in
+++ b/templates/lxc-fedora.in
@@ -1119,13 +1119,8 @@ lxc.include = @LXCTEMPLATECONFIG@/fedora.common.conf
if [ "x$have_systemd" = "x1" ]; then
cat <<EOF >> $config_path/config
-lxc.autodev = 1
lxc.kmsg = 0
EOF
- else
- cat <<EOF >> $config_path/config
-lxc.autodev = 0
-EOF
fi
# Append things which require expansion here...
diff --git a/templates/lxc-openmandriva.in b/templates/lxc-openmandriva.in
index be8023e..46c829d 100644
--- a/templates/lxc-openmandriva.in
+++ b/templates/lxc-openmandriva.in
@@ -229,7 +229,6 @@ copy_configuration()
grep -q "^lxc.rootfs" $config_path/config 2>/dev/null || echo "lxc.rootfs = $rootfs_path" >> $config_path/config
cat <<EOF >> $config_path/config
lxc.utsname = $name
-lxc.autodev = 1
lxc.tty = 4
lxc.pts = 1024
lxc.mount = $config_path/fstab
diff --git a/templates/lxc-oracle.in b/templates/lxc-oracle.in
index 1f65d4c..8ec02da 100644
--- a/templates/lxc-oracle.in
+++ b/templates/lxc-oracle.in
@@ -482,7 +482,6 @@ EOF
# don't create kmsg symlink as it causes journald to use 100% cpu
if [ $container_release_major = "7" ]; then
- echo "lxc.autodev = 1" >>$cfg_dir/config
echo "lxc.kmsg = 0" >>$cfg_dir/config
fi
--
1.9.1