External/libvirt
1
0
Fork 0
Code

Always pivot_root event if the new root source is '/'

Browse Source 
This reverts

  commit c16b4c43fcdd8ec02581f38377983b2e0925bfcd
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Fri May 11 15:09:27 2012 +0100

    Avoid LXC pivot root in the root source is still /

This commit broke setup of /dev, because the code which
deals with setting up a private /dev and /dev/pts only
works if you do a pivotroot.

The original intent of avoiding the pivot root was to
try and ensure the new root has a minimumal mount
tree. The better way todo this is to just unmount the
bits we don't want (ie old /proc & /sys subtrees.
So apply the logic from

  commit c529b47a756960d332fbe9903943dae855e7b949
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Fri May 11 11:35:28 2012 +0100

    Trim /proc & /sys subtrees before mounting new instances

to the pivot_root codepath as well
This commit is contained in:
Daniel P. Berrange 2012-06-12 16:26:37 -04:00
parent 92cbe7ae39
commit e9d8861e58
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/lxc/lxc_container.c
View File

@ -1328,6 +1328,13 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
if (lxcContainerPivotRoot(root) < 0) if (lxcContainerPivotRoot(root) < 0)
goto cleanup; goto cleanup;
/* Gets rid of any existing stuff under /proc, since we need new
* namespace aware versions of those. We must do /proc second
* otherwise we won't find /proc/mounts :-) */
if (lxcContainerUnmountSubtree("/sys", false) < 0 ||
lxcContainerUnmountSubtree("/proc", false) < 0)
goto cleanup;
/* Mounts the core /proc, /sys, etc filesystems */ /* Mounts the core /proc, /sys, etc filesystems */
if (lxcContainerMountBasicFS(vmDef, true, securityDriver) < 0) if (lxcContainerMountBasicFS(vmDef, true, securityDriver) < 0)
goto cleanup; goto cleanup;
@ -1455,11 +1462,7 @@ static int lxcContainerSetupMounts(virDomainDefPtr vmDef,
if (lxcContainerResolveSymlinks(vmDef) < 0) if (lxcContainerResolveSymlinks(vmDef) < 0)
return -1; return -1;
/* If the user has specified a dst '/' with a source of '/' if (root && root->src)
* then we don't really want to go down the pivot root
* path, as we're just tuning the existing root
*/
if (root && root->src && STRNEQ(root->src, "/"))
return lxcContainerSetupPivotRoot(vmDef, root, ttyPaths, nttyPaths, securityDriver); return lxcContainerSetupPivotRoot(vmDef, root, ttyPaths, nttyPaths, securityDriver);
else else
return lxcContainerSetupExtraMounts(vmDef, root, securityDriver); return lxcContainerSetupExtraMounts(vmDef, root, securityDriver);