[lxc-devel] [lxc/master] allow overlay lxc.mount.entry with no rootfs

Wed Feb 3 19:11:44 UTC 2016

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 430 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20160203/4247ebc2/attachment.bin>
-------------- next part --------------
From f976309678cbb0aec23d9cf0c18f3a015fdac3ec Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at mailbox.org>
Date: Wed, 3 Feb 2016 20:07:57 +0100
Subject: [PATCH] allow overlay lxc.mount.entry with no rootfs

Allow lxc.mount.entry entries for containers without a rootfs.

Signed-off-by: Christian Brauner <christian.brauner at mailbox.org>
---
 src/lxc/bdev/lxcaufs.c    | 40 ++++++++++++++++++++---------------
 src/lxc/bdev/lxcaufs.h    |  3 +++
 src/lxc/bdev/lxcoverlay.c | 54 +++++++++++++++++++++++++++--------------------
 3 files changed, 57 insertions(+), 40 deletions(-)

diff --git a/src/lxc/bdev/lxcaufs.c b/src/lxc/bdev/lxcaufs.c
index 4224ce8..7f311b5 100644
--- a/src/lxc/bdev/lxcaufs.c
+++ b/src/lxc/bdev/lxcaufs.c
@@ -353,6 +353,7 @@ int aufs_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
 		const char *lxc_name, const char *lxc_path)
 {
 	char lxcpath[MAXPATHLEN];
+	char *rootfs_path = NULL;
 	char *rootfsdir = NULL;
 	char *scratch = NULL;
 	char *tmp = NULL;
@@ -365,11 +366,9 @@ int aufs_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
 	size_t len = 0;
 	size_t rootfslen = 0;
 
-	/* Since we use all of these to check whether the user has given us a
-	 * sane absolute path to create the directories needed for overlay
-	 * lxc.mount.entry entries we consider any of these missing fatal. */
-	if (!rootfs || !rootfs->path || !lxc_name || !lxc_path)
-		goto err;
+	/* When rootfs == NULL we have a container without a rootfs. */
+	if (rootfs && rootfs->path)
+		rootfs_path = rootfs->path;
 
 	opts = lxc_string_split(mntent->mnt_opts, ',');
 	if (opts)
@@ -388,20 +387,27 @@ int aufs_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
 	if (!upperdir)
 		goto err;
 
-	ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name);
-	if (ret < 0 || ret >= MAXPATHLEN)
-		goto err;
+	if (rootfs_path) {
+		ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name);
+		if (ret < 0 || ret >= MAXPATHLEN)
+			goto err;
 
-	rootfsdir = aufs_get_rootfs(rootfs->path, &rootfslen);
-	if (!rootfsdir)
-		goto err;
+		rootfsdir = aufs_get_rootfs(rootfs->path, &rootfslen);
+		if (!rootfsdir)
+			goto err;
+	}
 
-	/* We neither allow users to create upperdirs outside the containerdir
-	 * nor inside the rootfs. The latter might be debatable. */
-	if ((strncmp(upperdir, lxcpath, strlen(lxcpath)) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0))
-		if (mkdir_p(upperdir, 0755) < 0) {
-			WARN("Failed to create upperdir");
-		}
+	/*
+	 * We neither allow users to create upperdirs and workdirs outside the
+	 * containerdir nor inside the rootfs. The latter might be debatable.
+	 * When we have a container without a rootfs we skip the checks.
+	 */
+	if (!rootfs_path)
+		ret = mkdir_p(upperdir, 0755);
+	else if ((strncmp(upperdir, lxcpath, strlen(lxcpath)) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0))
+		ret = mkdir_p(upperdir, 0755);
+	if (ret < 0)
+		WARN("Failed to create upperdir");
 
 	fret = 0;
 
diff --git a/src/lxc/bdev/lxcaufs.h b/src/lxc/bdev/lxcaufs.h
index 4746980..fa623f7 100644
--- a/src/lxc/bdev/lxcaufs.h
+++ b/src/lxc/bdev/lxcaufs.h
@@ -42,6 +42,9 @@ struct bdev_specs;
 /* defined conf.h */
 struct lxc_conf;
 
+/* defined in conf.h */
+struct lxc_rootfs;
+
 /*
  * Functions associated with an aufs bdev struct.
  */
diff --git a/src/lxc/bdev/lxcoverlay.c b/src/lxc/bdev/lxcoverlay.c
index d18f062..3227303 100644
--- a/src/lxc/bdev/lxcoverlay.c
+++ b/src/lxc/bdev/lxcoverlay.c
@@ -477,6 +477,7 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
 	      const char *lxc_name, const char *lxc_path)
 {
 	char lxcpath[MAXPATHLEN];
+	char *rootfs_path = NULL;
 	char *rootfsdir = NULL;
 	char *upperdir = NULL;
 	char *workdir = NULL;
@@ -489,11 +490,9 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
 	size_t len = 0;
 	size_t rootfslen = 0;
 
-	/* Since we use all of these to check whether the user has given us a
-	 * sane absolute path to create the directories needed for overlay
-	 * lxc.mount.entry entries we consider any of these missing fatal. */
-	if (!rootfs || !rootfs->path || !lxc_name || !lxc_path)
-		goto err;
+	/* When rootfs == NULL we have a container without a rootfs. */
+	if (rootfs && rootfs->path)
+		rootfs_path = rootfs->path;
 
 	opts = lxc_string_split(mntent->mnt_opts, ',');
 	if (opts)
@@ -508,31 +507,40 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
 			workdir = opts[i] + len;
 	}
 
-	ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name);
-	if (ret < 0 || ret >= MAXPATHLEN)
-		goto err;
+	if (rootfs_path) {
+		ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name);
+		if (ret < 0 || ret >= MAXPATHLEN)
+			goto err;
 
-	rootfsdir = ovl_get_rootfs(rootfs->path, &rootfslen);
-	if (!rootfsdir)
-		goto err;
+		rootfsdir = ovl_get_rootfs(rootfs_path, &rootfslen);
+		if (!rootfsdir)
+			goto err;
 
-	dirlen = strlen(lxcpath);
+		dirlen = strlen(lxcpath);
+	}
 
 	/*
 	 * We neither allow users to create upperdirs and workdirs outside the
 	 * containerdir nor inside the rootfs. The latter might be debatable.
+	 * When we have a container without a rootfs we skip the checks.
 	 */
-	if (upperdir)
-		if ((strncmp(upperdir, lxcpath, dirlen) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0))
-			if (mkdir_p(upperdir, 0755) < 0) {
-				WARN("Failed to create upperdir");
-			}
-
-	if (workdir)
-		if ((strncmp(workdir, lxcpath, dirlen) == 0) && (strncmp(workdir, rootfsdir, rootfslen) != 0))
-			if (mkdir_p(workdir, 0755) < 0) {
-				WARN("Failed to create workdir");
-			}
+	if (upperdir) {
+		if (!rootfs_path)
+			ret = mkdir_p(upperdir, 0755);
+		else if ((strncmp(upperdir, lxcpath, dirlen) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0))
+			ret = mkdir_p(upperdir, 0755);
+		if (ret < 0)
+			WARN("Failed to create upperdir");
+	}
+
+	if (workdir) {
+		if (!rootfs_path)
+			ret = mkdir_p(workdir, 0755);
+		else if ((strncmp(workdir, lxcpath, dirlen) == 0) && (strncmp(workdir, rootfsdir, rootfslen) != 0))
+			ret = mkdir_p(workdir, 0755);
+		if (ret < 0)
+			WARN("Failed to create workdir");
+	}
 
 	fret = 0;
 
