[lxc-devel] [crio-lxc/master] Fixed bind mounts and absolute destination paths

CajuM on Github lxc-bot at linuxcontainers.org
Fri Jul 26 13:14:24 UTC 2019 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 495 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20190726/09ead266/attachment.bin>
-------------- next part --------------
From 83dc216723f10cdab6389e904d02170cefb79d5a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mihai-Drosi=20C=C3=A2ju?= <mcaju at cisco.com>
Date: Mon, 13 May 2019 12:50:10 +0300
Subject: [PATCH] Fixed bind mounts and absolute destination paths

---
 cmd/create.go | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/cmd/create.go b/cmd/create.go
index 6e6ed4b..7c1a3d4 100644
--- a/cmd/create.go
+++ b/cmd/create.go
@@ -215,6 +215,7 @@ func configureContainer(ctx *cli.Context, c *lxc.Container, spec *specs.Spec) er
 	if err := c.SetConfigItem("lxc.rootfs.path", spec.Root.Path); err != nil {
 		return errors.Wrapf(err, "failed to set rootfs: '%s'", spec.Root.Path)
 	}
+
 	if err := c.SetConfigItem("lxc.rootfs.managed", "0"); err != nil {
 		return errors.Wrap(err, "failed to set rootfs.managed to 0")
 	}
@@ -226,8 +227,23 @@ func configureContainer(ctx *cli.Context, c *lxc.Container, spec *specs.Spec) er
 	}
 
 	for _, ms := range spec.Mounts {
+		if ms.Type != "bind" {
+			ms.Options = append(ms.Options, "create=dir")
+		}
+
 		opts := strings.Join(ms.Options, ",")
-		mnt := fmt.Sprintf("%s %s %s %s", ms.Source, ms.Destination, ms.Type, opts)
+
+		dest, err := filepath.Rel("/", ms.Destination)
+		if err != nil {
+			return errors.Wrapf(err, "bad destination path in mount entry: %s", ms.Destination)
+		}
+
+		// /dev is automatically mounted when lxc.autodev is set to 1
+		if dest == "/dev" {
+			continue
+		}
+
+		mnt := fmt.Sprintf("%s %s %s %s", ms.Source, dest, ms.Type, opts)
 		if err := c.SetConfigItem("lxc.mount.entry", mnt); err != nil {
 			return errors.Wrap(err, "failed to set mount config")
 		}
@@ -256,8 +272,8 @@ func configureContainer(ctx *cli.Context, c *lxc.Container, spec *specs.Spec) er
 	argsString := "/fifo-wait " + strings.Join(spec.Process.Args, " ")
 	if err := c.SetConfigItem("lxc.execute.cmd", argsString); err != nil {
 		return errors.Wrap(err, "failed to set lxc.execute.cmd")
-
 	}
+
 	if err := c.SetConfigItem("lxc.hook.version", "1"); err != nil {
 		return errors.Wrap(err, "failed to set hook version")
 	}

More information about the lxc-devel mailing list