[libvirt] [PATCH] Workaround for broken kernel autofs mounts

Eric Blake eblake at redhat.com
Tue Nov 1 15:09:48 UTC 2011


On 11/01/2011 07:00 AM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange"<berrange at redhat.com>
>
> The kernel automounter is mostly broken wrt containers. Most
> notably if you start a new filesystem namespace and then attempt
> to unmount any autofs filesystem, it will typically fail with a
> wierd error message like

s/wierd/weird/

>
>    Failed to unmount '/.oldroot/sys/kernel/security':Too many levels of symbolic links
>
> Atttempting to detach the autofs mount mount using umount2(MNT_DETACH)

s/Atttempting/Attempting/
s/mount mount/mount/

> will also fail with the same error. Therefore if we get any error on
> unmount()ing a filesystem from the old root FS when starting a
> container, we must immediately break out and detach the entire
> old root filesystem (ignoring any mounts below it).
>
> This has the effect of making the old root filesystem inaccessible
> to anything inside the container, but at the cost that the mounts
> live on in the kernel until the container exits. Given that SystemD
> uses autofs by default, we need LXC to be robust in this scenario and
> thus this tradeoff is worthwhile.

Agree to that analysis.

ACK.

-- 
Eric Blake   eblake at redhat.com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org
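
The fallback described in the commit message, as an added sketch that is not libvirt's code and is not taken from the patch: `unmount_old_root`, `umount_fn` and `fake_umount` are hypothetical names, and the fake stands in for a kernel whose autofs mount returns ELOOP. In a real container setup path, `umount2` would be passed as `do_umount`.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>   /* MNT_DETACH; umount2() has the umount_fn signature */

typedef int (*umount_fn)(const char *target, int flags);

/* mounts[] lists everything to remove, deepest first, ending with oldroot.
 * On the first failure, stop and lazily detach oldroot as a whole.
 * Returns 0: all unmounted; 1: fell back to detach; -1: detach failed too,
 * so the old root may still be reachable and container startup must abort. */
int unmount_old_root(const char *oldroot, const char *const *mounts,
                     size_t n, umount_fn do_umount)
{
    for (size_t i = 0; i < n; i++) {
        if (do_umount(mounts[i], 0) == 0)
            continue;
        fprintf(stderr, "Failed to unmount '%s': %s; detaching '%s'\n",
                mounts[i], strerror(errno), oldroot);
        return do_umount(oldroot, MNT_DETACH) == 0 ? 1 : -1;
    }
    return 0;
}

/* Constructed stand-in for the kernel: the autofs path fails with ELOOP
 * whatever the flags; every other unmount succeeds. */
static int fake_calls, fake_detached_root;

int fake_umount(const char *target, int flags)
{
    fake_calls++;
    if (strcmp(target, "/.oldroot/sys/kernel/security") == 0) {
        errno = ELOOP;
        return -1;
    }
    if (strcmp(target, "/.oldroot") == 0 && (flags & MNT_DETACH))
        fake_detached_root = 1;
    return 0;
}

int main(void)
{
    const char *const mounts[] = { "/.oldroot/sys/kernel/security",
                                   "/.oldroot/proc", "/.oldroot" };
    int rc = unmount_old_root("/.oldroot", mounts, 3, fake_umount);
    printf("rc=%d calls=%d detached=%d\n", rc, fake_calls, fake_detached_root);
    return rc < 0;
}
```

A return of 1 is the tradeoff the commit message accepts: the old root is unreachable from inside the container, but its mounts stay alive in the kernel until the container exits.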