[lxc-devel] [PATCH] overlayfs_clone: rsync the mounted rootfs
Stéphane Graber
stgraber at ubuntu.com
Mon Sep 21 15:38:11 UTC 2015
On Thu, Sep 17, 2015 at 05:26:12PM +0000, Serge Hallyn wrote:
> Closes #655
>
> We can't rsync the delta as unpriv user because we can't create
> the chardevs representing a whiteout. We can however rsync the
> rootfs and have the kernel create the whiteouts for us.
>
> do_rsync: pass --delete
>
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> ---
> src/lxc/bdev.c | 84 ++++++++++++++++++++++++++++++++++++++++++++++++----------
> 1 file changed, 70 insertions(+), 14 deletions(-)
>
> diff --git a/src/lxc/bdev.c b/src/lxc/bdev.c
> index ada3958..1694adb 100644
> --- a/src/lxc/bdev.c
> +++ b/src/lxc/bdev.c
> @@ -72,6 +72,11 @@
>
> lxc_log_define(bdev, lxc);
>
> +struct ovl_rsync_data {
> + struct bdev *orig;
> + struct bdev *new;
> +};
> +
> struct rsync_data_char {
> char *src;
> char *dest;
> @@ -98,7 +103,7 @@ static int do_rsync(const char *src, const char *dest)
> s[l-2] = '/';
> s[l-1] = '\0';
>
> - execlp("rsync", "rsync", "-aHX", s, dest, (char *)NULL);
> + execlp("rsync", "rsync", "-aHX", "--delete", s, dest, (char *)NULL);
> exit(1);
> }
>
> @@ -2328,6 +2333,68 @@ static int rsync_delta_wrapper(void *data)
> return rsync_delta(arg);
> }
>
> +static int ovl_rsync(struct ovl_rsync_data *data)
> +{
> + if (setgid(0) < 0) {
> + ERROR("Failed to setgid to 0");
> + return -1;
> + }
> + if (setgroups(0, NULL) < 0)
> + WARN("Failed to clear groups");
> + if (setuid(0) < 0) {
> + ERROR("Failed to setuid to 0");
> + return -1;
> + }
> +
> + if (unshare(CLONE_NEWNS) < 0) {
> + SYSERROR("Unable to unshare mounts ns");
> + return -1;
> + }
> + if (detect_shared_rootfs()) {
> + if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL)) {
> + SYSERROR("Failed to make / rslave");
> + ERROR("Continuing...");
> + }
> + }
> + if (overlayfs_mount(data->orig) < 0) {
> + ERROR("Failed mounting original container fs");
> + return -1;
> + }
> + if (overlayfs_mount(data->new) < 0) {
> + ERROR("Failed mounting new container fs");
> + return -1;
> + }
> + if (do_rsync(data->orig->dest, data->new->dest) < 0) {
> + ERROR("rsyncing %s to %s", data->orig->dest, data->new->dest);
> + return -1;
> + }
> +
> + return 0;
> +}
> +
> +static int ovl_rsync_wrapper(void *data)
> +{
> + struct ovl_rsync_data *arg = data;
> + return ovl_rsync(arg);
> +}
> +
> +static int ovl_do_rsync(struct bdev *orig, struct bdev *new, struct lxc_conf *conf)
> +{
> + int ret = -1;
> + struct ovl_rsync_data rdata;
> +
> + rdata.orig = orig;
> + rdata.new = new;
> + if (am_unpriv())
> + ret = userns_exec_1(conf, ovl_rsync_wrapper, &rdata);
> + else
> + ret = ovl_rsync(&rdata);
> + if (ret)
> + ERROR("copying overlayfs delta");
> +
> + return ret;
> +}
> +
> static int overlayfs_clonepaths(struct bdev *orig, struct bdev *new, const char *oldname,
> const char *cname, const char *oldpath, const char *lxcpath, int snap,
> uint64_t newsize, struct lxc_conf *conf)
> @@ -2460,19 +2527,6 @@ static int overlayfs_clonepaths(struct bdev *orig, struct bdev *new, const char
> WARN("Failed to update ownership of %s", work);
> free(work);
>
> - struct rsync_data_char rdata;
> - rdata.src = odelta;
> - rdata.dest = ndelta;
> - if (am_unpriv())
> - ret = userns_exec_1(conf, rsync_delta_wrapper, &rdata);
> - else
> - ret = rsync_delta(&rdata);
> - if (ret) {
> - free(osrc);
> - free(ndelta);
> - ERROR("copying overlayfs delta");
> - return -1;
> - }
> len = strlen(nsrc) + strlen(ndelta) + 12;
> new->src = malloc(len);
> if (!new->src) {
> @@ -2485,6 +2539,8 @@ static int overlayfs_clonepaths(struct bdev *orig, struct bdev *new, const char
> free(ndelta);
> if (ret < 0 || ret >= len)
> return -ENOMEM;
> +
> + return ovl_do_rsync(orig, new, conf);
> } else {
> ERROR("overlayfs clone of %s container is not yet supported",
> orig->type);
> --
> 2.5.0
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20150921/2622ef0f/attachment-0001.sig>
More information about the lxc-devel
mailing list