[libvirt] [PATCH] LXC: create a bind mount for sysfs when enable userns but disable netns

Daniel P. Berrange berrange at redhat.com
Thu Mar 19 16:58:10 UTC 2015


On Thu, Mar 19, 2015 at 05:54:32PM +0100, Richard Weinberger wrote:
> On 11.03.2015 at 10:36, Richard Weinberger wrote:
> > On 11.03.2015 at 03:30, Chen, Hanxiao wrote:
> >>>> @@ -826,8 +829,25 @@ static int lxcContainerMountBasicFS(bool userns_enabled)
> >>>>          bool bindOverReadonly;
> >>>>          virLXCBasicMountInfo const *mnt = &lxcBasicMounts[i];
> >>>>
> >>>> +        /* When enable userns but disable netns, kernel will
> >>>> +         * forbid us doing a new fresh mount for sysfs.
> >>>> +         * So we had to do a bind mount for sysfs instead.
> >>>> +         */
> >>>> +        if (userns_enabled && netns_disabled &&
> >>>> +            STREQ(mnt->src, "sysfs")) {
> >>>> +            if (VIR_STRDUP(mnt_src, "/sys") < 0) {
> >>>> +                goto cleanup;
> >>>> +            }
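Review bot: In the `STREQ(mnt->src, "sysfs")` branch the bind source is hard-coded to "/sys", and nothing in this hunk establishes that a sysfs is actually mounted at that path when lxcContainerMountBasicFS() reaches this entry. If the entry's destination is also /sys (the destination is not visible here), the code bind-mounts a directory onto itself and the container is left with an empty /sys. Suggest taking the bind source from a location where the original sysfs is known to be preserved at this stage, and failing with an error if the source is not a sysfs mount. Separately, `netns_disabled` is not in the `lxcContainerMountBasicFS(bool userns_enabled)` signature shown in the hunk header, so the change that introduces it should be checked at every caller.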
> >>>
> >>> This is clearly broken and looks very untested to me.
> >>>
> >> It's broken now.
> >> But when I submitted this patch last year, it's not.
> > 
> > Are you sure?
> > Just built libvirt v1.2.6-222-ga86b621, head is
> > commit a86b6215a74b1feb2667204e214fbfd2f7decc5c
> > Author: Chen Hanxiao <chenhanxiao at cn.fujitsu.com>
> > Date:   Mon Jul 14 18:01:51 2014 +0800
> > 
> >     LXC: create a bind mount for sysfs when enable userns but disable netns
> > 
> > /sys is still an empty directory but as at this time (most likely due to another bug)
> > libvirt was able to create /sys/fs/cgroup and mounted groups there.
> > But no sysfs at all is at /sys.
> > 
> > I mean, how is this supposed to work? You bind mount /sys over /sys...
> 
> Any further comments on that?

It just looks impossible for it to work in this way.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|



