[lxc-devel] [lxd/master] zfs: Make sure to allow devices, setuid and exec

stgraber on Github lxc-bot at linuxcontainers.org
Wed Dec 6 22:32:16 UTC 2017


A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 370 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20171206/2be51c5f/attachment.bin>
-------------- next part --------------
From 03d1e5881c79ca7687a9e8cd7dcd84d4deb15fcc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Wed, 6 Dec 2017 17:31:46 -0500
Subject: [PATCH] zfs: Make sure to allow devices, setuid and exec
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #4084

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxd/storage_zfs.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/lxd/storage_zfs.go b/lxd/storage_zfs.go
index aea3540e3..30a616b93 100644
--- a/lxd/storage_zfs.go
+++ b/lxd/storage_zfs.go
@@ -238,6 +238,18 @@ func (s *storageZfs) zfsPoolCreate() error {
 			if err := zfsPoolVolumeSet(vdev, "", "mountpoint", "none"); err != nil {
 				return err
 			}
+
+			if err := zfsPoolVolumeSet(vdev, "", "setuid", "on"); err != nil {
+				return err
+			}
+
+			if err := zfsPoolVolumeSet(vdev, "", "exec", "on"); err != nil {
+				return err
+			}
+
+			if err := zfsPoolVolumeSet(vdev, "", "devices", "on"); err != nil {
+				return err
+			}
 		}
 	}
 


More information about the lxc-devel mailing list