Turn autodev on by default

Now that autodev works fine with unprivileged containers and shouldn't come with any side effect, lets turn it on by default. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2025-07-16 22:32:40 +00:00 · 2015-01-20 18:40:16 -05:00 · 2015-01-20 18:40:16 -05:00 · 124fa0a869
commit 124fa0a869
parent dd2271e6bb
9 changed files with 3 additions and 120 deletions
--- a/config/templates/archlinux.common.conf.in
+++ b/config/templates/archlinux.common.conf.in
@ -4,9 +4,6 @@ lxc.include = @LXCTEMPLATECONFIG@/common.conf
 # Allow for 6 tty devices by default
 lxc.tty = 6
 # Turn on autodev for systemd
 lxc.autodev = 1
 # Disable kmsg
 lxc.kmsg = 0
--- a/config/templates/opensuse.common.conf.in
+++ b/config/templates/opensuse.common.conf.in
@ -1,9 +1,6 @@
 # This derives from the global common config
 lxc.include = @LXCTEMPLATECONFIG@/common.conf
 # Enable autodev
 lxc.autodev = 1
 # Capabilities
 # Uncomment these if you don't run anything that needs the capability, and
 # would like the container to run with less privilege.
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@ -663,7 +663,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
          </term>
          <listitem>
            <para>
-              Set this to 1 to have LXC mount and populate a minimal
+              Set this to 0 to stop LXC from mounting and populating a minimal
              <filename>/dev</filename> when starting the container.
            </para>
          </listitem>
@ -674,7 +674,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
    <refsect2>
      <title>Enable kmsg symlink</title>
      <para>
-      Enable creating /dev/kmsg as symlink to /dev/console.  This defaults to 1.
+        Enable creating /dev/kmsg as symlink to /dev/console.  This defaults to 1.
      </para>
      <variablelist>
    <varlistentry>
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@ -2504,7 +2504,7 @@ struct lxc_conf *lxc_conf_init(void)
 	new->loglevel = LXC_LOG_PRIORITY_NOTSET;
 	new->personality = -1;
-	new->autodev = -1;
+	new->autodev = 1;
 	new->console.log_path = NULL;
 	new->console.log_fd = -1;
 	new->console.path = NULL;
@ -3496,88 +3496,6 @@ int ttys_shift_ids(struct lxc_conf *c)
 	return 0;
 }
 /*
 * This routine is called when the configuration does not already specify a value
 * for autodev (mounting a file system on /dev and populating it in a container).
 * If a hard override value has not be specified, then we try to apply some
 * heuristics to determine if we should switch to autodev mode.
 *
 * For instance, if the container has an /etc/systemd/system directory then it
 * is probably running systemd as the init process and it needs the autodev
 * mount to prevent it from mounting devtmpfs on /dev on it's own causing conflicts
 * in the host.
 *
 * We may also want to enable autodev if the host has devtmpfs mounted on its
 * /dev as this then enable us to use subdirectories under /dev for the container
 * /dev directories and we can fake udev devices.
 */
 struct start_args {
 	char *const *argv;
 };
 #define MAX_SYMLINK_DEPTH 32
 static int check_autodev( const char *rootfs, void *data )
 {
 	struct start_args *arg = data;
 	int ret;
 	int loop_count = 0;
 	struct stat s;
 	char absrootfs[MAXPATHLEN];
 	char path[MAXPATHLEN];
 	char abs_path[MAXPATHLEN];
 	char *command = "/sbin/init";
 	if (rootfs == NULL || strlen(rootfs) == 0)
 		return -2;
 	if (!realpath(rootfs, absrootfs))
 		return -2;
 	if( arg && arg->argv[0] ) {
 		command = arg->argv[0];
 		DEBUG("Set exec command to %s", command );
 	}
 	strncpy( path, command, MAXPATHLEN-1 );
 	if ( 0 != access(path, F_OK) || 0 != stat(path, &s) )
 		return -2;
 	/* Dereference down the symlink merry path testing as we go. */
 	/* If anything references systemd in the path - set autodev! */
 	/* Renormalize to the rootfs before each dereference */
 	/* Relative symlinks should fall out in the wash even with .. */
 	while( 1 ) {
 		if ( strstr( path, "systemd" ) ) {
 			INFO("Container with systemd init detected - enabling autodev!");
 			return 1;
 		}
 		ret = snprintf(abs_path, MAXPATHLEN-1, "%s/%s", absrootfs, path);
 		if (ret < 0 || ret > MAXPATHLEN)
 			return -2;
 		ret = readlink( abs_path, path, MAXPATHLEN-1 );
 		if ( ( ret <= 0 ) || ( ++loop_count > MAX_SYMLINK_DEPTH ) ) {
 			break; /* Break out for other tests */
 		}
 		path[ret] = '\0';
 	}
 	/*
 	 * Add future checks here.
 	 *	Return positive if we should go autodev
 	 *	Return 0 if we should NOT go autodev
 	 *	Return negative if we encounter an error or can not determine...
 	 */
 	/* All else fails, we don't need autodev */
 	INFO("Autodev not required.");
 	return 0;
 }
 /*
 * _do_tmp_proc_mount: Mount /proc inside container if not already
 * mounted
@ -3793,7 +3711,6 @@ int lxc_setup(struct lxc_handler *handler)
 	const char *name = handler->name;
 	struct lxc_conf *lxc_conf = handler->conf;
 	const char *lxcpath = handler->lxcpath;
 	void *data = handler->data;
 	if (do_rootfs_setup(lxc_conf, name, lxcpath) < 0) {
 		ERROR("Error setting up rootfs mount after spawn");
@ -3812,10 +3729,6 @@ int lxc_setup(struct lxc_handler *handler)
 		return -1;
 	}
 	if (lxc_conf->autodev < 0) {
 		lxc_conf->autodev = check_autodev(lxc_conf->rootfs.mount, data);
 	}
 	if (lxc_conf->autodev > 0) {
 		if (mount_autodev(name, lxc_conf->rootfs.mount, lxcpath)) {
 			ERROR("failed to mount /dev in the container");
--- a/templates/lxc-centos.in
+++ b/templates/lxc-centos.in
@ -612,8 +612,6 @@ lxc.include = @LXCTEMPLATECONFIG@/centos.common.conf
 lxc.arch = $arch
 lxc.utsname = $utsname
 lxc.autodev = $auto_dev
 # When using LXC with apparmor, uncomment the next line to run unconfined:
 #lxc.aa_profile = unconfined
@ -824,20 +822,6 @@ if [ -z "$release" ]; then
    fi
 fi
 # CentOS 7 and above should run systemd.  We need autodev enabled to keep
 # systemd from causing problems.
 #
 # There is some ambiguity here due to the differnce between versioning
 # of point specific releases such as 6.5 and the rolling release 6.  We
 # only want the major number here if it's a point release...
 mrelease=$(expr $release : '\([0-9]*\)')
 if [ $mrelease -gt 6 ]; then
    auto_dev="1"
 else
    auto_dev="0"
 fi
 if [ "$(id -u)" != "0" ]; then
    echo "This script should be run as 'root'"
    exit 1
--- a/templates/lxc-debian.in
+++ b/templates/lxc-debian.in
@ -191,7 +191,6 @@ configure_debian_systemd()
    init="$(chroot ${rootfs} dpkg-query --search /sbin/init | cut -d : -f 1)"
    if [ "$init" = "systemd-sysv" ]; then
       # only appropriate when systemd is PID 1
       echo 'lxc.autodev = 1' >> "$path/config"
       echo 'lxc.kmsg = 0' >> "$path/config"
    fi
--- a/templates/lxc-fedora.in
+++ b/templates/lxc-fedora.in
@ -1119,12 +1119,7 @@ lxc.include = @LXCTEMPLATECONFIG@/fedora.common.conf
    if [ "x$have_systemd" = "x1" ]; then
        cat <<EOF >> $config_path/config
 lxc.autodev = 1
 lxc.kmsg = 0
 EOF
    else
        cat <<EOF >> $config_path/config
 lxc.autodev = 0
 EOF
    fi
--- a/templates/lxc-openmandriva.in
+++ b/templates/lxc-openmandriva.in
@ -229,7 +229,6 @@ copy_configuration()
    grep -q "^lxc.rootfs" $config_path/config 2>/dev/null || echo "lxc.rootfs = $rootfs_path" >> $config_path/config
    cat <<EOF >> $config_path/config
 lxc.utsname = $name
 lxc.autodev = 1
 lxc.tty = 4
 lxc.pts = 1024
 lxc.mount = $config_path/fstab
--- a/templates/lxc-oracle.in
+++ b/templates/lxc-oracle.in
@ -482,7 +482,6 @@ EOF
    # don't create kmsg symlink as it causes journald to use 100% cpu
    if [ $container_release_major = "7" ]; then
        echo "lxc.autodev = 1" >>$cfg_dir/config
        echo "lxc.kmsg = 0" >>$cfg_dir/config
    fi