[libvirt] [PATCH 2/2] LXC: don't unmount mounts for shared root
Gao feng
gaofeng at cn.fujitsu.com
Wed Nov 20 01:56:41 UTC 2013
On 11/20/2013 09:50 AM, Gao feng wrote:
> On 11/19/2013 11:00 PM, Daniel P. Berrange wrote:
>> On Tue, Nov 19, 2013 at 05:53:21PM +0800, Gao feng wrote:
>>> Also after commit 5ff9d8a65ce80efb509ce4e8051394e9ed2cd942
>>> vfs: Lock in place mounts from more privileged users,
>>>
>>> unprivileged user has no rights to umount the mounts that
>>> inherited from parent mountns.
>>>
>>> right now, I have no good idea to fix this problem, we need
>>> to do more research. this patch just skip unmounting these
>>> mounts for shared root.
>>>
>>> BTW, I think when libvirt lxc enables user namespace, the
>>> configuation that shares root with host is very rara.
>>>
>>> Signed-off-by: Gao feng <gaofeng at cn.fujitsu.com>
>>> ---
>>> src/lxc/lxc_container.c | 4 +++-
>>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
>>> index 61283e4..8003594 100644
>>> --- a/src/lxc/lxc_container.c
>>> +++ b/src/lxc/lxc_container.c
>>> @@ -1591,7 +1591,9 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
>>> if (lxcContainerPivotRoot(root) < 0)
>>> goto cleanup;
>>>
>>> - if (STREQ(root->src, "/") &&
>>> + /* FIXME: we should find a way to unmount these mounts for container
>>> + * even user namespace is enabled. */
>>> + if (STREQ(root->src, "/") && (!vmDef->idmap.nuidmap) &&
>>> lxcContainerUnmountForSharedRoot(stateDir, vmDef->name) < 0)
>>> goto cleanup;
>>
>> If unmounting fails for these few temporary filesystems, then how is
>> unmount succeeding for everything under /.oldroot after we do the
>> pivot root ? Does the pivot_root() confuse the kernel into thinking
>> stuff under /.oldroot was owned by this process & thus allowed to be
>> unmounted ? Or is it falling back to the MNT_DETACH scenario instead ?
>>
>>
> ./oldroot is mounted in container, so container has rights to umount it,
> but for sub mounts under ./oldroot, container has no rights to umount them,
> so it falls back to MNT_DETACH scenario.
>
> hmm, So I think for the [PATCH 1/2], use MS_BIND instead of MS_MOVE may be
> a simple way, since even we move the /dev /dev/pts on host side, the unmount
> ./oldroot will fall back to MNT_DETACH scenario too.
>
Maybe in furture we can find a way to unmount all sub mounts under ./oldroot and
unmount the temporary mounts, but now, I have no idea how to implement this.
I will repost this patchset.
Thanks!
More information about the libvir-list
mailing list