[lxc-devel] [lxd/master] lxd: do run if we fail to mount shmounts

[hallyn on Github]

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 632 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20160413/57948b31/attachment.bin>
-------------- next part --------------
From 92b5048dd242bcb2b1e30f0a60012785861219ce Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: Wed, 13 Apr 2016 18:09:48 +0000
Subject: [PATCH] lxd: do run if we fail to mount shmounts

If a container is setup without security.nesting = true, and someone
runs lxd in that container, we want lxd to run but fail (with clear
error) when starting a container.  Otherwise 'lxc list' and
dpkg-reconfigure lxd will hang forever, with errors going only to
syslog.

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
---
 lxd/container_lxc.go | 4 ++++
 lxd/daemon.go        | 7 ++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index 68b25e1..5e64a0a 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -1115,6 +1115,10 @@ func (c *containerLXC) Start(stateful bool) error {
 		wgStopping.Wait()
 	}
 
+	if !c.daemon.SharedMounts {
+		return fmt.Errorf("Daemon failed to setup shared mounts")
+	}
+
 	// Run the shared start code
 	configPath, err := c.startCommon()
 	if err != nil {
diff --git a/lxd/daemon.go b/lxd/daemon.go
index 6fc384d..bda6053 100644
--- a/lxd/daemon.go
+++ b/lxd/daemon.go
@@ -81,6 +81,8 @@ type Daemon struct {
 	shutdownChan        chan bool
 	resetAutoUpdateChan chan bool
 	execPath            string
+	// did we manage to setup shared mounts?
+	SharedMounts bool
 
 	Storage storage
 
@@ -761,7 +763,10 @@ func (d *Daemon) Init() error {
 	}
 
 	if err := setupSharedMounts(); err != nil {
-		return err
+		d.SharedMounts = false
+		shared.Log.Error("Error setting up shared mounts base", log.Ctx{"err": err})
+	} else {
+		d.SharedMounts = true
 	}
 
 	if !d.MockMode {