[lxc-devel] [lxc/master] conf: NOTICE() on mounts on container's /dev
brauner on Github
lxc-bot at linuxcontainers.org
Tue Aug 1 23:32:09 UTC 2017
From 1ae3c19f4775a4a124d39c99f21674bb4ab53440 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:00:44 +0200
Subject: [PATCH 01/18] conf: mount_file_entries()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 32 ++++++++++++--------------------
1 file changed, 12 insertions(+), 20 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 25d29c20a..016114b83 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1989,35 +1989,27 @@ static int mount_entry_on_relative_rootfs(struct mntent *mntent,
}
static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file,
- const char *lxc_name, const char *lxc_path)
+ const char *lxc_name, const char *lxc_path)
{
struct mntent mntent;
char buf[4096];
int ret = -1;
while (getmntent_r(file, &mntent, buf, sizeof(buf))) {
-
- if (!rootfs->path) {
- if (mount_entry_on_systemfs(&mntent))
- goto out;
- continue;
- }
-
- /* We have a separate root, mounts are relative to it */
- if (mntent.mnt_dir[0] != '/') {
- if (mount_entry_on_relative_rootfs(&mntent, rootfs, lxc_name, lxc_path))
- goto out;
- continue;
- }
-
- if (mount_entry_on_absolute_rootfs(&mntent, rootfs, lxc_name, lxc_path))
- goto out;
+ if (!rootfs->path)
+ ret = mount_entry_on_systemfs(&mntent);
+ else if (mntent.mnt_dir[0] != '/')
+ ret = mount_entry_on_relative_rootfs(&mntent, rootfs,
+ lxc_name, lxc_path);
+ else
+ ret = mount_entry_on_absolute_rootfs(&mntent, rootfs,
+ lxc_name, lxc_path);
+ if (ret < 0)
+ return -1;
}
-
ret = 0;
- INFO("mount points have been setup");
-out:
+ INFO("Set up mount entries");
return ret;
}
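Review bot: The new `if (ret < 0) return -1;` at the end of the loop body accepts any positive return from the three `mount_entry_on_*()` helpers, where the removed lines treated every non-zero result as a failure. For a commit described as non-functional that is a behaviour change: a helper that reports an error with a positive value would now let container start-up continue without the mount. Either keep the old test with `if (ret) return -1;` or, once the contract has been checked, add a comment above the loop such as `/* helpers return 0 on success, negative on error */`. The same narrowing appears later in the series in mount_entry() and mount_autodev().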
From 42dff448189dc26970eaf6ad4c4f6e5acd0b8aa4 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:03:14 +0200
Subject: [PATCH 02/18] conf: setup_mount()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 016114b83..e301a72a5 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2014,23 +2014,25 @@ static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file,
}
static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab,
- const char *lxc_name, const char *lxc_path)
+ const char *lxc_name, const char *lxc_path)
{
- FILE *file;
+ FILE *f;
int ret;
if (!fstab)
return 0;
- file = setmntent(fstab, "r");
- if (!file) {
- SYSERROR("failed to use '%s'", fstab);
+ f = setmntent(fstab, "r");
+ if (!f) {
+ SYSERROR("Failed to open \"%s\"", fstab);
return -1;
}
- ret = mount_file_entries(rootfs, file, lxc_name, lxc_path);
+ ret = mount_file_entries(rootfs, f, lxc_name, lxc_path);
+ if (ret < 0)
+ ERROR("Failed to set up mount entries");
- endmntent(file);
+ endmntent(f);
return ret;
}
From 6bd0414042858ccaa5ab2ea6169b411bff9258f9 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:07:10 +0200
Subject: [PATCH 03/18] conf: make_anonymous_mount_file()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 25 ++++++++++++++-----------
1 file changed, 14 insertions(+), 11 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index e301a72a5..dd2b28cae 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2041,39 +2041,42 @@ FILE *make_anonymous_mount_file(struct lxc_list *mount)
int ret;
char *mount_entry;
struct lxc_list *iterator;
- FILE *file;
+ FILE *f;
int fd = -1;
fd = memfd_create("lxc_mount_file", MFD_CLOEXEC);
if (fd < 0) {
if (errno != ENOSYS)
return NULL;
- file = tmpfile();
+ f = tmpfile();
+ TRACE("Created temporary mount file");
} else {
- file = fdopen(fd, "r+");
+ f = fdopen(fd, "r+");
+ TRACE("Created anonymous mount file");
}
- if (!file) {
- int saved_errno = errno;
+ if (!f) {
+ SYSERROR("Could not create mount file");
if (fd != -1)
close(fd);
- ERROR("Could not create mount entry file: %s.", strerror(saved_errno));
return NULL;
}
lxc_list_for_each(iterator, mount) {
mount_entry = iterator->elem;
- ret = fprintf(file, "%s\n", mount_entry);
+ ret = fprintf(f, "%s\n", mount_entry);
if (ret < strlen(mount_entry))
- WARN("Could not write mount entry to anonymous mount file.");
+ WARN("Could not write mount entry to mount file");
}
- if (fseek(file, 0, SEEK_SET) < 0) {
- fclose(file);
+ ret = fseek(f, 0, SEEK_SET);
+ if (ret < 0) {
+ SYSERROR("Failed to seek mount file");
+ fclose(f);
return NULL;
}
- return file;
+ return f;
}
static int setup_mount_entries(const struct lxc_rootfs *rootfs,
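Review bot: The unchanged check `if (ret < strlen(mount_entry))` cannot catch a failed `fprintf()`: `ret` is an `int`, so a negative return is converted to a huge unsigned value for the comparison with `size_t` and the warning is skipped. Testing `if (ret < 0 || (size_t)ret < strlen(mount_entry))` would cover it; as written a write error goes unreported and the entry is simply absent from the file that is parsed later. Separately, the added `TRACE()` calls run before `f` is checked, so they log success even when `tmpfile()` or `fdopen()` returned NULL. They also sit between the failing call and `SYSERROR()`, which may then report a different errno than the removed `saved_errno` code did if the logging macro touches errno. The start of the function is outside this hunk.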
From 19b5d7557baeb0483da26521f41ddb57b8dc8d78 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:11:32 +0200
Subject: [PATCH 04/18] conf: setup_mount_entries()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index dd2b28cae..2ee050265 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2083,16 +2083,16 @@ static int setup_mount_entries(const struct lxc_rootfs *rootfs,
struct lxc_list *mount, const char *lxc_name,
const char *lxc_path)
{
- FILE *file;
+ FILE *f;
int ret;
- file = make_anonymous_mount_file(mount);
- if (!file)
+ f = make_anonymous_mount_file(mount);
+ if (!f)
return -1;
- ret = mount_file_entries(rootfs, file, lxc_name, lxc_path);
+ ret = mount_file_entries(rootfs, f, lxc_name, lxc_path);
- fclose(file);
+ fclose(f);
return ret;
}
From bdd2b34c4147b663ffa6dc62089233d11e6ec66e Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:14:48 +0200
Subject: [PATCH 05/18] conf: mount_entry_on_absolute_rootfs()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 28 ++++++++++++----------------
1 file changed, 12 insertions(+), 16 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 2ee050265..ce9507e99 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1927,21 +1927,21 @@ static int mount_entry_on_absolute_rootfs(struct mntent *mntent,
const char *lxc_name,
const char *lxc_path)
{
+ int offset;
char *aux;
- char path[MAXPATHLEN];
- int r, ret = 0, offset;
const char *lxcpath;
+ char path[MAXPATHLEN];
+ int ret = 0;
lxcpath = lxc_global_config_value("lxc.lxcpath");
- if (!lxcpath) {
- ERROR("Out of memory");
+ if (!lxcpath)
return -1;
- }
- /* if rootfs->path is a blockdev path, allow container fstab to
- * use $lxcpath/CN/rootfs as the target prefix */
- r = snprintf(path, MAXPATHLEN, "%s/%s/rootfs", lxcpath, lxc_name);
- if (r < 0 || r >= MAXPATHLEN)
+ /* If rootfs->path is a blockdev path, allow container fstab to use
+ * <lxcpath>/<name>/rootfs" as the target prefix.
+ */
+ ret = snprintf(path, MAXPATHLEN, "%s/%s/rootfs", lxcpath, lxc_name);
+ if (ret < 0 || ret >= MAXPATHLEN)
goto skipvarlib;
aux = strstr(mntent->mnt_dir, path);
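Review bot: Several error paths in this series now return -1 without any log line: here the `ERROR()` after `lxc_global_config_value()` is dropped, the next hunk drops the WARN on the over-long `snprintf()` result, and mount_entry_on_systemfs() and lxc_fill_autodev() lose their messages in the same way. Unless the callee already logs (not visible here), a rejected mount entry becomes hard to trace back to its cause. Consider keeping one message per path, e.g. `ERROR("Path for mount entry \"%s\" is too long", mntent->mnt_dir);`. The comment rewritten in this hunk also gained a stray `"` after `rootfs`.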
@@ -1953,19 +1953,15 @@ static int mount_entry_on_absolute_rootfs(struct mntent *mntent,
skipvarlib:
aux = strstr(mntent->mnt_dir, rootfs->path);
if (!aux) {
- WARN("ignoring mount point '%s'", mntent->mnt_dir);
+ WARN("Ignoring mount point \"%s\"", mntent->mnt_dir);
return ret;
}
offset = strlen(rootfs->path);
skipabs:
-
- r = snprintf(path, MAXPATHLEN, "%s/%s", rootfs->mount,
- aux + offset);
- if (r < 0 || r >= MAXPATHLEN) {
- WARN("pathnme too long for '%s'", mntent->mnt_dir);
+ ret = snprintf(path, MAXPATHLEN, "%s/%s", rootfs->mount, aux + offset);
+ if (ret < 0 || ret >= MAXPATHLEN)
return -1;
- }
return mount_entry_on_generic(mntent, path, rootfs, lxc_name, lxc_path);
}
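Review bot: `return ret;` in the `if (!aux)` branch no longer returns 0: the previous hunk reuses `ret` for the `snprintf()` result, so this path now returns the formatted length, or a negative value when `snprintf()` failed and control came here through `goto skipvarlib`. The removed code kept the length in `r` and left `ret` at 0, so an ignored mount point always counted as success. With the `ret < 0` test that patch 01 puts in mount_file_entries(), the negative case now aborts the whole mount setup. Returning a literal, `return 0;`, restores the old behaviour and makes the intent explicit.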
From 07667a6a1858f76af981d9cca707bce6a2b5d2d9 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:15:56 +0200
Subject: [PATCH 06/18] conf: mount_entry_on_systemfs()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index ce9507e99..f9ed38c33 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1904,20 +1904,18 @@ static inline int mount_entry_on_generic(struct mntent *mntent,
static inline int mount_entry_on_systemfs(struct mntent *mntent)
{
- char path[MAXPATHLEN];
int ret;
+ char path[MAXPATHLEN];
/* For containers created without a rootfs all mounts are treated as
- * absolute paths starting at / on the host. */
+ * absolute paths starting at / on the host.
+ */
if (mntent->mnt_dir[0] != '/')
ret = snprintf(path, sizeof(path), "/%s", mntent->mnt_dir);
else
ret = snprintf(path, sizeof(path), "%s", mntent->mnt_dir);
-
- if (ret < 0 || ret >= sizeof(path)) {
- ERROR("path name too long");
+ if (ret < 0 || ret >= sizeof(path))
return -1;
- }
return mount_entry_on_generic(mntent, path, NULL, NULL, NULL);
}
From d8b712bc61cb06f808bbf0d77da210c24eba8af8 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:18:38 +0200
Subject: [PATCH 07/18] conf: mount_entry_on_generic()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 32 +++++++++++++++++++-------------
1 file changed, 19 insertions(+), 13 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index f9ed38c33..c5c056cb7 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1870,30 +1870,36 @@ static int mount_entry_create_dir_file(const struct mntent *mntent,
/* rootfs, lxc_name, and lxc_path can be NULL when the container is created
* without a rootfs. */
static inline int mount_entry_on_generic(struct mntent *mntent,
- const char* path, const struct lxc_rootfs *rootfs,
- const char *lxc_name, const char *lxc_path)
+ const char *path,
+ const struct lxc_rootfs *rootfs,
+ const char *lxc_name,
+ const char *lxc_path)
{
+ int ret;
unsigned long mntflags;
char *mntdata;
- int ret;
- bool optional = hasmntopt(mntent, "optional") != NULL;
- bool dev = hasmntopt(mntent, "dev") != NULL;
-
+ bool dev, optional;
char *rootfs_path = NULL;
+
+ optional = hasmntopt(mntent, "optional") != NULL;
+ dev = hasmntopt(mntent, "dev") != NULL;
+
if (rootfs && rootfs->path)
rootfs_path = rootfs->mount;
- ret = mount_entry_create_dir_file(mntent, path, rootfs, lxc_name, lxc_path);
-
- if (ret < 0)
- return optional ? 0 : -1;
+ ret = mount_entry_create_dir_file(mntent, path, rootfs, lxc_name,
+ lxc_path);
+ if (ret < 0) {
+ if (optional)
+ return 0;
+ return -1;
+ }
cull_mntent_opt(mntent);
- if (parse_mntopts(mntent->mnt_opts, &mntflags, &mntdata) < 0) {
- free(mntdata);
+ ret = parse_mntopts(mntent->mnt_opts, &mntflags, &mntdata);
+ if (ret < 0)
return -1;
- }
ret = mount_entry(mntent->mnt_fsname, path, mntent->mnt_type, mntflags,
mntdata, optional, dev, rootfs_path);
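Review bot: `mntdata` is declared without an initialiser and the error path after `parse_mntopts()` no longer frees it. parse_mntopts() is not visible here: if it can fail after storing an allocation in `*mntdata` this now leaks, and if it can fail before writing to it the old `free(mntdata)` was acting on an indeterminate pointer. Declaring `char *mntdata = NULL;` and keeping `free(mntdata);` before `return -1;` is safe in both cases. The function continues past the end of this hunk.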
From 2c4edd7d755e0bbe9660f074a6b62eda82dd76fe Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:35:29 +0200
Subject: [PATCH 08/18] conf: mount_entry_create_dir_file()
bugfixes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 64 +++++++++++++++++++++++++++++++++-------------------------
1 file changed, 36 insertions(+), 28 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index c5c056cb7..aaf43ec56 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1827,44 +1827,52 @@ static void cull_mntent_opt(struct mntent *mntent)
}
static int mount_entry_create_dir_file(const struct mntent *mntent,
- const char* path, const struct lxc_rootfs *rootfs,
- const char *lxc_name, const char *lxc_path)
+ const char *path,
+ const struct lxc_rootfs *rootfs,
+ const char *lxc_name,
+ const char *lxc_path)
{
- char *pathdirname = NULL;
- int ret = 0;
- FILE *pathfile = NULL;
+ int ret;
- if (strncmp(mntent->mnt_type, "overlay", 7) == 0) {
- if (ovl_mkdir(mntent, rootfs, lxc_name, lxc_path) < 0)
- return -1;
- } else if (strncmp(mntent->mnt_type, "aufs", 4) == 0) {
- if (aufs_mkdir(mntent, rootfs, lxc_name, lxc_path) < 0)
- return -1;
- }
+ if (!strncmp(mntent->mnt_type, "overlay", 7))
+ ret = ovl_mkdir(mntent, rootfs, lxc_name, lxc_path);
+ else if (!strncmp(mntent->mnt_type, "aufs", 4))
+ ret = aufs_mkdir(mntent, rootfs, lxc_name, lxc_path);
+ if (ret < 0)
+ return -1;
if (hasmntopt(mntent, "create=dir")) {
- if (mkdir_p(path, 0755) < 0) {
- WARN("Failed to create mount target '%s'", path);
- ret = -1;
+ ret = mkdir_p(path, 0755);
+ if (ret < 0 && errno != EEXIST) {
+ SYSERROR("Failed to create directory \"%s\"", path);
+ return -1;
}
}
if (hasmntopt(mntent, "create=file") && access(path, F_OK)) {
- pathdirname = strdup(path);
- pathdirname = dirname(pathdirname);
- if (mkdir_p(pathdirname, 0755) < 0) {
- WARN("Failed to create target directory");
- }
- pathfile = fopen(path, "wb");
- if (!pathfile) {
- WARN("Failed to create mount target '%s'", path);
- ret = -1;
- } else {
- fclose(pathfile);
+ int fd;
+ char *p1, *p2;
+
+ p1 = strdup(path);
+ if (!p1)
+ return -1;
+
+ p2 = dirname(p1);
+
+ ret = mkdir_p(p2, 0755);
+ free(p1);
+ if (ret < 0 && errno != EEXIST) {
+ SYSERROR("Failed to create directory \"%s\"", path);
+ return -1;
}
+
+ fd = open(path, O_CREAT, 0644);
+ if (fd < 0)
+ return -1;
+ close(fd);
}
- free(pathdirname);
- return ret;
+
+ return 0;
}
/* rootfs, lxc_name, and lxc_path can be NULL when the container is created
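Review bot: `ret` is now declared as `int ret;` and is assigned only in the overlay and aufs branches, so for every other filesystem type the following `if (ret < 0)` reads an indeterminate value and can reject the entry at random; the removed declaration was `int ret = 0;` and should stay that way. The `SYSERROR()` after `mkdir_p(p2, 0755)` prints `path` rather than the directory that failed, and `errno` is inspected after `free(p1)`, so moving the `free()` below the check is safer. `open(path, O_CREAT, 0644)` fails without a log line and follows a symlink at the final component of a path that may live inside the container's rootfs; adding a message and `O_NOFOLLOW | O_CLOEXEC` would be worth considering.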
From 6b9293de1089d45de0bb53cc30209956faff1238 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:38:44 +0200
Subject: [PATCH 09/18] conf: cull_mntent_opt()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 23 +++++++++++------------
1 file changed, 11 insertions(+), 12 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index aaf43ec56..f31ab7fd8 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1801,28 +1801,27 @@ static int mount_entry(const char *fsname, const char *target,
return 0;
}
-/*
- * Remove 'optional', 'create=dir', and 'create=file' from mntopt
- */
+/* Remove "optional", "create=dir", and "create=file" from mntopt */
static void cull_mntent_opt(struct mntent *mntent)
{
int i;
- char *p, *p2;
- char *list[] = {"create=dir",
- "create=file",
- "optional",
- NULL };
-
- for (i=0; list[i]; i++) {
- if (!(p = strstr(mntent->mnt_opts, list[i])))
+ char *list[] = {"create=dir", "create=file", "optional", NULL};
+
+ for (i = 0; list[i]; i++) {
+ char *p, *p2;
+
+ p = strstr(mntent->mnt_opts, list[i]);
+ if (!p)
continue;
+
p2 = strchr(p, ',');
if (!p2) {
/* no more mntopts, so just chop it here */
*p = '\0';
continue;
}
- memmove(p, p2+1, strlen(p2+1)+1);
+
+ memmove(p, p2 + 1, strlen(p2 + 1) + 1);
}
}
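Review bot: The `strstr()` search matches the option names anywhere in `mnt_opts`, not only as whole comma-separated options, so a value that merely contains `optional` or `create=dir` (for instance inside a path given to another option) is cut out of the string as well. When the match is the last option, `*p = '\0'` also leaves the preceding comma in place. Since the result is handed on as mount options, it would be safer to accept a match only at the start of the string or directly after a `,`, and only when it is followed by `,` or the terminator. Until then the header comment could say so: `/* Remove "optional", "create=dir", and "create=file" from mntopt. Matches substrings, not whole options. */`.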
From 012149866b392fa9b4057a113d9ada14e59a1a5d Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:46:14 +0200
Subject: [PATCH 10/18] conf: mount_entry()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 68 +++++++++++++++++++++++++++++++++++-----------------------
1 file changed, 41 insertions(+), 27 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index f31ab7fd8..69626fbd4 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1726,77 +1726,91 @@ static char *get_field(char *src, int nfields)
static int mount_entry(const char *fsname, const char *target,
const char *fstype, unsigned long mountflags,
- const char *data, int optional, int dev, const char *rootfs)
+ const char *data, int optional, int dev,
+ const char *rootfs)
{
+ int ret;
#ifdef HAVE_STATVFS
struct statvfs sb;
#endif
- if (safe_mount(fsname, target, fstype, mountflags & ~MS_REMOUNT, data, rootfs)) {
+ ret = safe_mount(fsname, target, fstype, mountflags & ~MS_REMOUNT, data,
+ rootfs);
+ if (ret < 0) {
if (optional) {
- INFO("failed to mount '%s' on '%s' (optional): %s", fsname,
- target, strerror(errno));
+ INFO("Failed to mount \"%s\" on \"%s\" (optional): %s",
+ fsname, target, strerror(errno));
return 0;
}
- else {
- SYSERROR("failed to mount '%s' on '%s'", fsname, target);
- return -1;
- }
+
+ SYSERROR("Failed to mount \"%s\" on \"%s\"", fsname, target);
+ return -1;
}
if ((mountflags & MS_REMOUNT) || (mountflags & MS_BIND)) {
- DEBUG("remounting %s on %s to respect bind or remount options",
- fsname ? fsname : "(none)", target ? target : "(none)");
unsigned long rqd_flags = 0;
+
+ DEBUG("Remounting \"%s\" on \"%s\" to respect bind or remount "
+ "options",
+ fsname ? fsname : "(none)", target ? target : "(none)");
+
if (mountflags & MS_RDONLY)
rqd_flags |= MS_RDONLY;
#ifdef HAVE_STATVFS
if (statvfs(fsname, &sb) == 0) {
unsigned long required_flags = rqd_flags;
+
if (sb.f_flag & MS_NOSUID)
required_flags |= MS_NOSUID;
+
if (sb.f_flag & MS_NODEV && !dev)
required_flags |= MS_NODEV;
+
if (sb.f_flag & MS_RDONLY)
required_flags |= MS_RDONLY;
+
if (sb.f_flag & MS_NOEXEC)
required_flags |= MS_NOEXEC;
- DEBUG("(at remount) flags for %s was %lu, required extra flags are %lu", fsname, sb.f_flag, required_flags);
- /*
- * If this was a bind mount request, and required_flags
+
+ DEBUG("Flags for \"%s\" were %lu, required extra flags "
+ "are %lu", fsname, sb.f_flag, required_flags);
+
+ /* If this was a bind mount request, and required_flags
* does not have any flags which are not already in
- * mountflags, then skip the remount
+ * mountflags, then skip the remount.
*/
if (!(mountflags & MS_REMOUNT)) {
- if (!(required_flags & ~mountflags) && rqd_flags == 0) {
- DEBUG("mountflags already was %lu, skipping remount",
- mountflags);
+ if (!(required_flags & ~mountflags) &&
+ rqd_flags == 0) {
+ DEBUG("Mountflags already were %lu, "
+ "skipping remount", mountflags);
goto skipremount;
}
}
+
mountflags |= required_flags;
}
#endif
- if (mount(fsname, target, fstype,
- mountflags | MS_REMOUNT, data) < 0) {
+ ret = mount(fsname, target, fstype, mountflags | MS_REMOUNT, data);
+ if (ret < 0) {
if (optional) {
- INFO("failed to mount '%s' on '%s' (optional): %s",
- fsname, target, strerror(errno));
+ INFO("Failed to mount \"%s\" on \"%s\" "
+ "(optional): %s", fsname, target,
+ strerror(errno));
return 0;
}
- else {
- SYSERROR("failed to mount '%s' on '%s'",
- fsname, target);
- return -1;
- }
+
+ SYSERROR("Failed to mount \"%s\" on \"%s\"", fsname, target);
+ return -1;
}
}
#ifdef HAVE_STATVFS
skipremount:
#endif
- DEBUG("mounted '%s' on '%s', type '%s'", fsname, target, fstype);
+ DEBUG("Mounted \"%s\" on \"%s\" with filesystem type \"%s\"", fsname,
+ target, fstype);
return 0;
}
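Review bot: When `statvfs(fsname, &sb)` fails, the block that carries `MS_NOSUID`, `MS_NODEV`, `MS_RDONLY` and `MS_NOEXEC` over from the source is skipped without a trace and the remount below runs with the requested flags only. An `else` branch with a log line, for example `DEBUG("statvfs() failed for \"%s\", not inheriting mount flags", fsname ? fsname : "(none)");`, would make that visible when checking why a bind mount lost a restriction. The remount `DEBUG()` guards `fsname` and `target` against NULL, while the `INFO()`, `SYSERROR()` and final `DEBUG()` calls pass them to `%s` unguarded; the two should agree.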
From e63d43ec9228ac2922d85754383c663be4c35728 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:48:06 +0200
Subject: [PATCH 11/18] conf: lxchook_names
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 69626fbd4..d62fbb1d7 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -234,8 +234,9 @@ static int memfd_create(const char *name, unsigned int flags) {
extern int memfd_create(const char *name, unsigned int flags);
#endif
-char *lxchook_names[NUM_LXC_HOOKS] = {
- "pre-start", "pre-mount", "mount", "autodev", "start", "stop", "post-stop", "clone", "destroy" };
+char *lxchook_names[NUM_LXC_HOOKS] = {"pre-start", "pre-mount", "mount",
+ "autodev", "start", "stop",
+ "post-stop", "clone", "destroy"};
typedef int (*instantiate_cb)(struct lxc_handler *, struct lxc_netdev *);
From 7e2f935053916be31486b95e55814775e847bbb5 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 22:54:09 +0200
Subject: [PATCH 12/18] conf: mount_autodev()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 36 +++++++++++++++++-------------------
1 file changed, 17 insertions(+), 19 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index d62fbb1d7..91fcfc192 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1035,58 +1035,56 @@ static int setup_rootfs_pivot_root(const char *rootfs)
return -1;
}
-/*
- * Just create a path for /dev under $lxcpath/$name and in rootfs
- * If we hit an error, log it but don't fail yet.
+/* Just create a path for /dev under $lxcpath/$name and in rootfs If we hit an
+ * error, log it but don't fail yet.
*/
-static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs, const char *lxcpath)
+static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs,
+ const char *lxcpath)
{
int ret;
size_t clen;
char *path;
- INFO("Mounting container /dev");
+ INFO("Preparing \"/dev\"");
/* $(rootfs->mount) + "/dev/pts" + '\0' */
clen = (rootfs->path ? strlen(rootfs->mount) : 0) + 9;
path = alloca(clen);
ret = snprintf(path, clen, "%s/dev", rootfs->path ? rootfs->mount : "");
- if (ret < 0 || ret >= clen)
+ if (ret < 0 || (size_t)ret >= clen)
return -1;
if (!dir_exists(path)) {
- WARN("No /dev in container.");
- WARN("Proceeding without autodev setup");
+ WARN("\"/dev\" directory does not exist. Proceeding without "
+ "autodev being set up");
return 0;
}
ret = safe_mount("none", path, "tmpfs", 0, "size=500000,mode=755",
- rootfs->path ? rootfs->mount : NULL);
- if (ret != 0) {
- SYSERROR("Failed mounting tmpfs onto %s\n", path);
+ rootfs->path ? rootfs->mount : NULL);
+ if (ret < 0) {
+ SYSERROR("Failed to mount tmpfs on \"%s\"", path);
return -1;
}
-
- INFO("Mounted tmpfs onto %s", path);
+ INFO("Mounted tmpfs on \"%s\"", path);
ret = snprintf(path, clen, "%s/dev/pts", rootfs->path ? rootfs->mount : "");
- if (ret < 0 || ret >= clen)
+ if (ret < 0 || (size_t)ret >= clen)
return -1;
- /*
- * If we are running on a devtmpfs mapping, dev/pts may already exist.
+ /* If we are running on a devtmpfs mapping, dev/pts may already exist.
* If not, then create it and exit if that fails...
*/
if (!dir_exists(path)) {
ret = mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
- if (ret) {
- SYSERROR("Failed to create /dev/pts in container");
+ if (ret < 0) {
+ SYSERROR("Failed to create directory \"%s\"", path);
return -1;
}
}
- INFO("Mounted container /dev");
+ INFO("Prepared \"/dev\"");
return 0;
}
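Review bot: The reflowed header comment lost its sentence break (`... and in rootfs If we hit an error ...`) and no longer matches the code: it says errors are logged without failing, yet every error path in the function returns -1. Something like `/* Mount a tmpfs on the container's /dev and create /dev/pts in it. Returns 0 on success or when /dev does not exist, -1 on error. */` describes what the body does. The `/* $(rootfs->mount) + "/dev/pts" + '\0' */` sizing comment is worth keeping next to the `alloca()`, since the literal 9 depends on it.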
From b23c8311984403dd6704bb5fccdb6c1bc95f8903 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 23:23:24 +0200
Subject: [PATCH 13/18] utils: add has_fs_type() + is_fs_type()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/utils.c | 22 ++++++++++++++++++++++
src/lxc/utils.h | 6 ++++++
2 files changed, 28 insertions(+)
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index f89c837d5..88692035f 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -2384,3 +2384,25 @@ void *must_realloc(void *orig, size_t sz)
return ret;
}
+
+bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val)
+{
+ return (fs->f_type == (fs_type_magic)magic_val);
+}
+
+bool has_fs_type(const char *path, fs_type_magic magic_val)
+{
+ bool has_type;
+ int ret;
+ struct statfs sb;
+
+ ret = statfs(path, &sb);
+ if (ret < 0)
+ return false;
+
+ has_type = is_fs_type(&sb, magic_val);
+ if (!has_type && magic_val == RAMFS_MAGIC)
+ WARN("When the ramfs it a tmpfs statfs() might report tmpfs");
+
+ return has_type;
+}
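Review bot: The added warning text has a typo and is hard to parse: `"When the ramfs it a tmpfs statfs() might report tmpfs"` presumably means `"When the ramfs is a tmpfs statfs() might report tmpfs"`. It is also emitted on every non-matching `RAMFS_MAGIC` query, including paths that are simply on another filesystem, which will be noisy at WARN level. `has_fs_type()` returns false both when `statfs()` fails and when the type differs, so a short comment above it, e.g. `/* Returns false on statfs() failure as well as on mismatch. */`, would warn callers that use the result for a safety decision. The cast in `is_fs_type()` is redundant because `magic_val` already has type `fs_type_magic`.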
diff --git a/src/lxc/utils.h b/src/lxc/utils.h
index 3465e6a6f..addfb7a05 100644
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -36,6 +36,7 @@
#include <linux/loop.h>
#include <sys/syscall.h>
#include <sys/types.h>
+#include <sys/vfs.h>
#include "initutils.h"
@@ -386,4 +387,9 @@ char *must_copy_string(const char *entry);
/* Re-alllocate a pointer, do not fail */
void *must_realloc(void *orig, size_t sz);
+/* __typeof__ should be safe to use with all compilers. */
+typedef __typeof__(((struct statfs *)NULL)->f_type) fs_type_magic;
+bool has_fs_type(const char *path, fs_type_magic magic_val);
+bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
+
#endif /* __LXC_UTILS_H */
From 33f0def278fc16de304b86b58fd9508eaeccd11f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 23:33:43 +0200
Subject: [PATCH 14/18] utils: switch to has_fs_type()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/utils.c | 23 ++++++++++++-----------
src/lxc/utils.h | 1 +
2 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 88692035f..d3b0fdc5d 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -42,7 +42,6 @@
#include <sys/prctl.h>
#include <sys/stat.h>
#include <sys/types.h>
-#include <sys/vfs.h>
#include <sys/wait.h>
#include "log.h"
@@ -183,22 +182,24 @@ static int _recursive_rmdir(char *dirname, dev_t pdev,
return failed ? -1 : 0;
}
-/* we have two different magic values for overlayfs, yay */
+/* We have two different magic values for overlayfs, yay. */
+#ifndef OVERLAYFS_SUPER_MAGIC
#define OVERLAYFS_SUPER_MAGIC 0x794c764f
+#endif
+
+#ifndef OVERLAY_SUPER_MAGIC
#define OVERLAY_SUPER_MAGIC 0x794c7630
-/*
- * In overlayfs, st_dev is unreliable. so on overlayfs we don't do
- * the lxc_rmdir_onedev()
+#endif
+
+/* In overlayfs, st_dev is unreliable. So on overlayfs we don't do the
+ * lxc_rmdir_onedev()
*/
static bool is_native_overlayfs(const char *path)
{
- struct statfs sb;
-
- if (statfs(path, &sb) < 0)
- return false;
- if (sb.f_type == OVERLAYFS_SUPER_MAGIC ||
- sb.f_type == OVERLAY_SUPER_MAGIC)
+ if (has_fs_type(path, OVERLAY_SUPER_MAGIC) ||
+ has_fs_type(path, OVERLAYFS_SUPER_MAGIC))
return true;
+
return false;
}
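Review bot: `is_native_overlayfs()` now calls `has_fs_type()` twice, so `statfs()` runs twice on the same path and the two answers can refer to different filesystems if the path is remounted in between. One `statfs()` followed by `return is_fs_type(&sb, OVERLAY_SUPER_MAGIC) || is_fs_type(&sb, OVERLAYFS_SUPER_MAGIC);` keeps the single lookup the removed code had and still uses the new helper.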
diff --git a/src/lxc/utils.h b/src/lxc/utils.h
index addfb7a05..fc0e5c01c 100644
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -34,6 +34,7 @@
#include <stdbool.h>
#include <unistd.h>
#include <linux/loop.h>
+#include <linux/magic.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/vfs.h>
From 8e6edb8ba5c8812a04e6cb1d0c6eeda04bacd8d4 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Tue, 1 Aug 2017 23:34:50 +0200
Subject: [PATCH 15/18] conf: lxc_fill_autodev()
non-functional changes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 34 +++++++++++++++++++++-------------
1 file changed, 21 insertions(+), 13 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 91fcfc192..9e6671575 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1111,29 +1111,30 @@ static int lxc_fill_autodev(const struct lxc_rootfs *rootfs)
int i;
mode_t cmask;
- ret = snprintf(path, MAXPATHLEN, "%s/dev", rootfs->path ? rootfs->mount : "");
- if (ret < 0 || ret >= MAXPATHLEN) {
- ERROR("Error calculating container /dev location");
+ ret = snprintf(path, MAXPATHLEN, "%s/dev",
+ rootfs->path ? rootfs->mount : "");
+ if (ret < 0 || ret >= MAXPATHLEN)
return -1;
- }
/* ignore, just don't try to fill in */
if (!dir_exists(path))
return 0;
- INFO("populating container /dev");
+ INFO("Populating \"/dev\"");
+
cmask = umask(S_IXUSR | S_IXGRP | S_IXOTH);
for (i = 0; i < sizeof(lxc_devs) / sizeof(lxc_devs[0]); i++) {
const struct lxc_devs *d = &lxc_devs[i];
- ret = snprintf(path, MAXPATHLEN, "%s/dev/%s", rootfs->path ? rootfs->mount : "", d->name);
+ ret = snprintf(path, MAXPATHLEN, "%s/dev/%s",
+ rootfs->path ? rootfs->mount : "", d->name);
if (ret < 0 || ret >= MAXPATHLEN)
return -1;
ret = mknod(path, d->mode, makedev(d->maj, d->min));
if (ret < 0) {
- char hostpath[MAXPATHLEN];
FILE *pathfile;
+ char hostpath[MAXPATHLEN];
if (errno == EEXIST) {
DEBUG("\"%s\" device already existed", path);
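Review bot: The `return -1` after the `snprintf()` inside the loop, like the other early returns in the next hunk, leaves the function after `umask(S_IXUSR | S_IXGRP | S_IXOTH)` has changed the process mask and before `umask(cmask)` restores it. Every file the process creates afterwards inherits the altered mask. Restoring it on each error path, or funnelling them through one exit that calls `umask(cmask);` before returning, avoids that. The loop index `i` is an `int` compared against a `size_t` expression; `size_t i` would remove the sign mismatch. The function begins before and continues after this hunk.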
@@ -1146,24 +1147,31 @@ static int lxc_fill_autodev(const struct lxc_rootfs *rootfs)
ret = snprintf(hostpath, MAXPATHLEN, "/dev/%s", d->name);
if (ret < 0 || ret >= MAXPATHLEN)
return -1;
+
pathfile = fopen(path, "wb");
if (!pathfile) {
- SYSERROR("Failed to create device mount target '%s'", path);
+ SYSERROR("Failed to create file \"%s\"", path);
return -1;
}
fclose(pathfile);
- if (safe_mount(hostpath, path, 0, MS_BIND, NULL, rootfs->path ? rootfs->mount : NULL) != 0) {
- SYSERROR("Failed bind mounting device %s from host into container", d->name);
+
+ ret = safe_mount(hostpath, path, 0, MS_BIND, NULL,
+ rootfs->path ? rootfs->mount : NULL);
+ if (ret < 0) {
+ SYSERROR("Failed to bind mount \"%s\" from "
+ "host into container",
+ d->name);
return -1;
}
- DEBUG("bind mounted \"%s\" onto \"%s\"", hostpath, path);
+ DEBUG("Bind mounted \"%s\" onto \"%s\"", hostpath,
+ path);
} else {
- DEBUG("created device node \"%s\"", path);
+ DEBUG("Created device node \"%s\"", path);
}
}
umask(cmask);
- INFO("populated container /dev");
+ INFO("Populated \"/dev\"");
return 0;
}
From 935267ec2d26fdf62216a92d2a72dc4c7b9cbfdd Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sat, 29 Jul 2017 23:10:17 +0200
Subject: [PATCH 16/18] utils: rework lxc_deslashify()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/criu.c | 10 +++++++---
src/lxc/utils.c | 49 +++++++++++++++++++++++-----------------------
src/lxc/utils.h | 2 +-
src/tests/lxc-test-utils.c | 44 ++++++++++++++++++++++-------------------
4 files changed, 56 insertions(+), 49 deletions(-)
diff --git a/src/lxc/criu.c b/src/lxc/criu.c
index b1ab5d46e..245b06984 100644
--- a/src/lxc/criu.c
+++ b/src/lxc/criu.c
@@ -263,7 +263,7 @@ static void exec_criu(struct criu_opts *opts)
for (i = 0; i < cgroup_num_hierarchies(); i++) {
char **controllers = NULL, *fullname;
- char *path;
+ char *path, *tmp;
if (!cgroup_get_hierarchies(i, &controllers)) {
ERROR("failed to get hierarchy %d", i);
@@ -296,11 +296,15 @@ static void exec_criu(struct criu_opts *opts)
}
}
- if (!lxc_deslashify(&path)) {
- ERROR("failed to deslashify %s", path);
+ tmp = lxc_deslashify(path);
+ if (!tmp) {
+ ERROR("Failed to remove extraneous slashes from \"%s\"",
+ path);
free(path);
goto err;
}
+ free(path);
+ path = tmp;
fullname = lxc_string_join(",", (const char **) controllers, false);
if (!fullname) {
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index d3b0fdc5d..d36107020 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -729,47 +729,46 @@ char **lxc_normalize_path(const char *path)
return components;
}
-bool lxc_deslashify(char **path)
+char *lxc_deslashify(const char *path)
{
- bool ret = false;
- char *p;
+ char *dup, *p;
char **parts = NULL;
size_t n, len;
- parts = lxc_normalize_path(*path);
- if (!parts)
- return false;
+ dup = strdup(path);
+ if (!dup)
+ return NULL;
+
+ parts = lxc_normalize_path(dup);
+ if (!parts) {
+ free(dup);
+ return NULL;
+ }
/* We'll end up here if path == "///" or path == "". */
if (!*parts) {
- len = strlen(*path);
+ len = strlen(dup);
if (!len) {
- ret = true;
- goto out;
+ lxc_free_array((void **)parts, free);
+ return dup;
}
- n = strcspn(*path, "/");
+ n = strcspn(dup, "/");
if (n == len) {
+ free(dup);
+ lxc_free_array((void **)parts, free);
+
p = strdup("/");
if (!p)
- goto out;
- free(*path);
- *path = p;
- ret = true;
- goto out;
+ return NULL;
+
+ return p;
}
}
- p = lxc_string_join("/", (const char **)parts, **path == '/');
- if (!p)
- goto out;
-
- free(*path);
- *path = p;
- ret = true;
-
-out:
+ p = lxc_string_join("/", (const char **)parts, *dup == '/');
+ free(dup);
lxc_free_array((void **)parts, free);
- return ret;
+ return p;
}
char *lxc_append_paths(const char *first, const char *second)
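Review bot: The `n == len` test under `if (!*parts)` uses `strcspn(dup, "/")`, which equals `len` only when `dup` contains no '/' at all, so a slash-only input such as "///" named in the comment skips this branch and reaches `lxc_string_join` instead. If the branch is meant to catch slash-only paths, `strspn(dup, "/")` is the matching call; otherwise the comment should name the input it actually covers. The check is carried over unchanged from the old version. Separately, `lxc_normalize_path` takes a `const char *` according to utils.h, so the `dup` copy appears to be needed only for the empty-string return and adds a `free` to every exit path.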
diff --git a/src/lxc/utils.h b/src/lxc/utils.h
index fc0e5c01c..4408c6d69 100644
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -275,7 +275,7 @@ extern char *lxc_string_join(const char *sep, const char **parts, bool use_as_pr
*/
extern char **lxc_normalize_path(const char *path);
/* remove multiple slashes from the path, e.g. ///foo//bar -> /foo/bar */
-extern bool lxc_deslashify(char **path);
+extern char *lxc_deslashify(const char *path);
extern char *lxc_append_paths(const char *first, const char *second);
/* Note: the following two functions use strtok(), so they will never
* consider an empty element, even if two delimiters are next to
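Review bot: The comment above the new prototype describes only the slash removal and says nothing about ownership, which changed with this signature: the function no longer edits the caller's buffer but returns a separate allocation. I would extend it to `/* Remove multiple slashes from the path, e.g. ///foo//bar -> /foo/bar. Returns a newly allocated string the caller must free, or NULL on failure; path is not modified. */`. Without that, a caller ported from the old `bool` form can leak the result or keep using the unnormalised string.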
diff --git a/src/tests/lxc-test-utils.c b/src/tests/lxc-test-utils.c
index 01d8cd6eb..aba7706ab 100644
--- a/src/tests/lxc-test-utils.c
+++ b/src/tests/lxc-test-utils.c
@@ -41,33 +41,37 @@
void test_lxc_deslashify(void)
{
- char *s = strdup("/A///B//C/D/E/");
- if (!s)
+ char *s = "/A///B//C/D/E/";
+ char *t;
+
+ t = lxc_deslashify(s);
+ if (!t)
exit(EXIT_FAILURE);
- lxc_test_assert_abort(lxc_deslashify(&s));
- lxc_test_assert_abort(strcmp(s, "/A/B/C/D/E") == 0);
- free(s);
+ lxc_test_assert_abort(strcmp(t, "/A/B/C/D/E") == 0);
+ free(t);
- s = strdup("/A");
- if (!s)
+ s = "/A";
+
+ t = lxc_deslashify(s);
+ if (!t)
exit(EXIT_FAILURE);
- lxc_test_assert_abort(lxc_deslashify(&s));
- lxc_test_assert_abort(strcmp(s, "/A") == 0);
- free(s);
+ lxc_test_assert_abort(strcmp(t, "/A") == 0);
+ free(t);
- s = strdup("");
- if (!s)
+ s = "";
+ t = lxc_deslashify(s);
+ if (!t)
exit(EXIT_FAILURE);
- lxc_test_assert_abort(lxc_deslashify(&s));
- lxc_test_assert_abort(strcmp(s, "") == 0);
- free(s);
+ lxc_test_assert_abort(strcmp(t, "") == 0);
+ free(t);
+
+ s = "//";
- s = strdup("//");
- if (!s)
+ t = lxc_deslashify(s);
+ if (!t)
exit(EXIT_FAILURE);
- lxc_test_assert_abort(lxc_deslashify(&s));
- lxc_test_assert_abort(strcmp(s, "/") == 0);
- free(s);
+ lxc_test_assert_abort(strcmp(t, "/") == 0);
+ free(t);
}
/* /proc/int_as_str/ns/mnt\0 = (5 + 21 + 7 + 1) */
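Review bot: All four inputs in test_lxc_deslashify are absolute or empty, so the `*dup == '/'` prefix decision in the new implementation is never exercised with a relative path, which is the form mount destinations such as `dev/full` take. I would add a case like `s = "A//B/";` with `lxc_test_assert_abort(strcmp(t, "A/B") == 0);`, assuming the join adds no leading slash for relative input. `s` now only ever points at string literals, so it can be declared `const char *s`.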
From 8321bfb6932d6a0c0e3d27763f1edb14f65dd354 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 2 Aug 2017 01:28:35 +0200
Subject: [PATCH 17/18] conf: NOTICE() on mounts on container's /dev
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/conf.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 51 insertions(+), 7 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 9e6671575..350669a68 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2016,7 +2016,47 @@ static int mount_entry_on_relative_rootfs(struct mntent *mntent,
return mount_entry_on_generic(mntent, path, rootfs, lxc_name, lxc_path);
}
-static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file,
+static void notice_on_conflict(const struct lxc_conf *conf, const char *src,
+ const char *dest)
+{
+ char *clean_mnt_fsname, *clean_mnt_dir, *tmp;
+
+ clean_mnt_fsname = lxc_deslashify(src);
+ if (!clean_mnt_fsname)
+ return;
+
+ clean_mnt_dir = lxc_deslashify(dest);
+ if (!clean_mnt_dir) {
+ free(clean_mnt_fsname);
+ return;
+ }
+
+ tmp = clean_mnt_dir;
+ if (*tmp == '/')
+ tmp++;
+
+ if (strncmp(src, "/dev", 4) || strncmp(tmp, "dev", 3)) {
+ free(clean_mnt_dir);
+ free(clean_mnt_fsname);
+ return;
+ }
+
+ if (!conf->autodev && !conf->pts && !conf->tty &&
+ (!conf->console.path || !strcmp(conf->console.path, "none"))) {
+ free(clean_mnt_dir);
+ free(clean_mnt_fsname);
+ return;
+ }
+
+ NOTICE("Requesting to mount \"%s\" on \"%s\" while requesting "
+ "automatic device setup under \"/dev\"", clean_mnt_fsname,
+ clean_mnt_dir);
+ free(clean_mnt_dir);
+ free(clean_mnt_fsname);
+}
+
+static int mount_file_entries(const struct lxc_conf *conf,
+ const struct lxc_rootfs *rootfs, FILE *file,
const char *lxc_name, const char *lxc_path)
{
struct mntent mntent;
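Review bot: The /dev check in notice_on_conflict compares the raw `src` rather than `clean_mnt_fsname`, so a source written as `//dev/null` is normalised for the log message but never matches, and the notice is skipped. Both tests are also bare prefix matches, so `/devices` or a destination `devel` would be reported as a /dev mount. I would compare the cleaned strings and require a path boundary, e.g. `strncmp(clean_mnt_fsname, "/dev", 4) || (clean_mnt_fsname[4] != '/' && clean_mnt_fsname[4] != '\0')`, and the same for `tmp` at offset 3. The three identical pairs of `free` calls could be folded into a single exit label.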
@@ -2024,6 +2064,8 @@ static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file,
int ret = -1;
while (getmntent_r(file, &mntent, buf, sizeof(buf))) {
+ warn_on_conflict(conf, mntent.mnt_fsname, mntent.mnt_dir);
+
if (!rootfs->path)
ret = mount_entry_on_systemfs(&mntent);
else if (mntent.mnt_dir[0] != '/')
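Review bot: The added call names `warn_on_conflict`, but the helper introduced earlier in this patch is `notice_on_conflict`, and nothing visible in the patch declares a function under the former name. Unless it is defined elsewhere in conf.c, this is an implicit declaration and will fail at link time. The line should read `notice_on_conflict(conf, mntent.mnt_fsname, mntent.mnt_dir);`. The body of mount_file_entries continues outside this hunk.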
@@ -2041,7 +2083,8 @@ static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file,
return ret;
}
-static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab,
+static int setup_mount(const struct lxc_conf *conf,
+ const struct lxc_rootfs *rootfs, const char *fstab,
const char *lxc_name, const char *lxc_path)
{
FILE *f;
@@ -2056,7 +2099,7 @@ static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab,
return -1;
}
- ret = mount_file_entries(rootfs, f, lxc_name, lxc_path);
+ ret = mount_file_entries(conf, rootfs, f, lxc_name, lxc_path);
if (ret < 0)
ERROR("Failed to set up mount entries");
@@ -2107,7 +2150,8 @@ FILE *make_anonymous_mount_file(struct lxc_list *mount)
return f;
}
-static int setup_mount_entries(const struct lxc_rootfs *rootfs,
+static int setup_mount_entries(const struct lxc_conf *conf,
+ const struct lxc_rootfs *rootfs,
struct lxc_list *mount, const char *lxc_name,
const char *lxc_path)
{
@@ -2118,7 +2162,7 @@ static int setup_mount_entries(const struct lxc_rootfs *rootfs,
if (!f)
return -1;
- ret = mount_file_entries(rootfs, f, lxc_name, lxc_path);
+ ret = mount_file_entries(conf, rootfs, f, lxc_name, lxc_path);
fclose(f);
return ret;
@@ -4162,12 +4206,12 @@ int lxc_setup(struct lxc_handler *handler)
return -1;
}
- if (setup_mount(&lxc_conf->rootfs, lxc_conf->fstab, name, lxcpath)) {
+ if (setup_mount(lxc_conf, &lxc_conf->rootfs, lxc_conf->fstab, name, lxcpath)) {
ERROR("failed to setup the mounts for '%s'", name);
return -1;
}
- if (!lxc_list_empty(&lxc_conf->mount_list) && setup_mount_entries(&lxc_conf->rootfs, &lxc_conf->mount_list, name, lxcpath)) {
+ if (!lxc_list_empty(&lxc_conf->mount_list) && setup_mount_entries(lxc_conf, &lxc_conf->rootfs, &lxc_conf->mount_list, name, lxcpath)) {
ERROR("failed to setup the mount entries for '%s'", name);
return -1;
}
From 63b6cb712df3ac7cf8ce308f4a3f50bc05eefbab Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 2 Aug 2017 01:31:16 +0200
Subject: [PATCH 18/18] userns.conf: remove obsolete bind-mounts
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
config/templates/userns.conf.in | 8 --------
1 file changed, 8 deletions(-)
diff --git a/config/templates/userns.conf.in b/config/templates/userns.conf.in
index b43d4f3db..be4fbbc6b 100644
--- a/config/templates/userns.conf.in
+++ b/config/templates/userns.conf.in
@@ -4,11 +4,3 @@ lxc.cgroup.devices.allow =
# We can't move bind-mounts, so don't use /dev/lxc/
lxc.tty.dir =
-
-# Extra bind-mounts for userns
-lxc.mount.entry = /dev/full dev/full none bind,create=file 0 0
-lxc.mount.entry = /dev/null dev/null none bind,create=file 0 0
-lxc.mount.entry = /dev/random dev/random none bind,create=file 0 0
-lxc.mount.entry = /dev/tty dev/tty none bind,create=file 0 0
-lxc.mount.entry = /dev/urandom dev/urandom none bind,create=file 0 0
-lxc.mount.entry = /dev/zero dev/zero none bind,create=file 0 0