proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-09 10:56:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

conf: support recursive propagation options properly

Browse Source 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner 2021-08-26 11:06:52 +02:00
parent 3eb2323041
commit 6b48a57529
No known key found for this signature in database
GPG Key ID: 8EB056D53EECB12D
1 changed files with 43 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
src/lxc/conf.c
View File

@ -2270,9 +2270,14 @@ static int parse_vfs_attr(struct lxc_mount_options *opts, char *opt, size_t size
if (!strnequal(opt, mo->name, strlen(mo->name))) if (!strnequal(opt, mo->name, strlen(mo->name)))
continue; continue;
/* TODO: Handle recursive propagation requests. */ if (strequal(mo->name, "rslave") ||
strequal(mo->name, "rshared") ||
strequal(mo->name, "runbindable") ||
strequal(mo->name, "rprivate"))
opts->propagate_recursively = 1;
opts->attr.propagation = mo->flag; opts->attr.propagation = mo->flag;
opts->mnt_flags |= mo->legacy_flag; opts->prop_flags |= mo->legacy_flag;
return 0; return 0;
} }
@ -2892,6 +2897,7 @@ static int __lxc_idmapped_mounts_child(struct lxc_handler *handler, FILE *f)
struct lxc_mount_options opts = {}; struct lxc_mount_options opts = {};
int dfd_from; int dfd_from;
const char *source_relative, *target_relative; const char *source_relative, *target_relative;
struct lxc_mount_attr attr = {};
ret = parse_lxc_mount_attrs(&opts, mntent.mnt_opts); ret = parse_lxc_mount_attrs(&opts, mntent.mnt_opts);
if (ret < 0) if (ret < 0)
@ -2989,21 +2995,51 @@ static int __lxc_idmapped_mounts_child(struct lxc_handler *handler, FILE *f)
mnt_seq, cur_mnt_seq); mnt_seq, cur_mnt_seq);
mnt_seq++; mnt_seq++;
/* Set remaining mount options. */ /* Set regular mount options. */
ret = mount_setattr(fd_from, "", AT_EMPTY_PATH | attr = opts.attr;
attr.propagation = 0;
ret = mount_setattr(fd_from,
"",
AT_EMPTY_PATH |
(opts.bind_recursively ? AT_RECURSIVE : 0), (opts.bind_recursively ? AT_RECURSIVE : 0),
&opts.attr, sizeof(opts.attr)); &attr,
sizeof(attr));
if (ret < 0) { if (ret < 0) {
if (opts.optional) { if (opts.optional) {
TRACE("Skipping optional idmapped mount"); TRACE("Skipping optional idmapped mount");
continue; continue;
} }
return syserror("Failed to receive notification that parent idmapped detached %smount %d/%s to user namespace %d", return syserror("Failed to set %smount options on detached %d/%s",
opts.bind_recursively ? "recursive " : "", opts.bind_recursively ? "recursive " : "",
dfd_from, source_relative, fd_userns); dfd_from, source_relative);
} }
/* Set propagation mount options. */
if (opts.attr.propagation) {
attr = (struct lxc_mount_attr) {
attr.propagation = opts.attr.propagation,
};
ret = mount_setattr(fd_from,
"",
AT_EMPTY_PATH |
(opts.propagate_recursively ? AT_RECURSIVE : 0),
&attr,
sizeof(attr));
if (ret < 0) {
if (opts.optional) {
TRACE("Skipping optional idmapped mount");
continue;
}
return syserror("Failed to set %spropagation mount options on detached %d/%s",
opts.bind_recursively ? "recursive " : "",
dfd_from, source_relative);
}
}
/* /*
* In contrast to the legacy mount codepath we will simplify * In contrast to the legacy mount codepath we will simplify
* our lifes and just always treat the target mountpoint to be * our lifes and just always treat the target mountpoint to be