[lxc-devel] [lxd/master] lxd/storage/btrfs: Don't make ro snapshots when unpriv

stgraber on Github lxc-bot at linuxcontainers.org
Sun May 5 04:17:02 UTC 2019 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 514 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20190504/6cd3a648/attachment.bin>
-------------- next part --------------
From 0e246fc917100a0b71bf4fe0f82928a168f9c2b5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Sun, 5 May 2019 00:16:18 -0400
Subject: [PATCH] lxd/storage/btrfs: Don't make ro snapshots when unpriv
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxd/patches.go       | 2 +-
 lxd/storage_btrfs.go | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lxd/patches.go b/lxd/patches.go
index d6cf113466..084bd11133 100644
--- a/lxd/patches.go
+++ b/lxd/patches.go
@@ -684,7 +684,7 @@ func upgradeFromStorageTypeBtrfs(name string, d *Daemon, defaultPoolName string,
 			oldSnapshotMntPoint := shared.VarPath("snapshots", cs)
 			newSnapshotMntPoint := getSnapshotMountPoint("default", defaultPoolName, cs)
 			if shared.PathExists(oldSnapshotMntPoint) && !shared.PathExists(newSnapshotMntPoint) {
-				err = btrfsSnapshot(oldSnapshotMntPoint, newSnapshotMntPoint, true)
+				err = btrfsSnapshot(d.State(), oldSnapshotMntPoint, newSnapshotMntPoint, true)
 				if err != nil {
 					err := btrfsSubVolumeCreate(newSnapshotMntPoint)
 					if err != nil {
diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go
index 3d44e04fff..fc1bc2347f 100644
--- a/lxd/storage_btrfs.go
+++ b/lxd/storage_btrfs.go
@@ -2267,10 +2267,10 @@ func btrfsSubVolumesDelete(subvol string) error {
  * btrfsSnapshot creates a snapshot of "source" to "dest"
  * the result will be readonly if "readonly" is True.
  */
-func btrfsSnapshot(source string, dest string, readonly bool) error {
+func btrfsSnapshot(s *state.State, source string, dest string, readonly bool) error {
 	var output string
 	var err error
-	if readonly {
+	if readonly && !s.OS.RunningInUserNS {
 		output, err = shared.RunCommand(
 			"btrfs",
 			"subvolume",
@@ -2299,7 +2299,7 @@ func btrfsSnapshot(source string, dest string, readonly bool) error {
 }
 
 func (s *storageBtrfs) btrfsPoolVolumeSnapshot(source string, dest string, readonly bool) error {
-	return btrfsSnapshot(source, dest, readonly)
+	return btrfsSnapshot(s.s, source, dest, readonly)
 }
 
 func (s *storageBtrfs) btrfsPoolVolumesSnapshot(source string, dest string, readonly bool, recursive bool) error {

More information about the lxc-devel mailing list