diff --git a/src/lxc/bdev/lxcaufs.c b/src/lxc/bdev/lxcaufs.c index 4224ce802..01529669e 100644 --- a/src/lxc/bdev/lxcaufs.c +++ b/src/lxc/bdev/lxcaufs.c @@ -353,6 +353,7 @@ int aufs_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs, const char *lxc_name, const char *lxc_path) { char lxcpath[MAXPATHLEN]; + char *rootfs_path = NULL; char *rootfsdir = NULL; char *scratch = NULL; char *tmp = NULL; @@ -365,11 +366,9 @@ int aufs_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs, size_t len = 0; size_t rootfslen = 0; - /* Since we use all of these to check whether the user has given us a - * sane absolute path to create the directories needed for overlay - * lxc.mount.entry entries we consider any of these missing fatal. */ - if (!rootfs || !rootfs->path || !lxc_name || !lxc_path) - goto err; + /* When rootfs == NULL we have a container without a rootfs. */ + if (rootfs && rootfs->path) + rootfs_path = rootfs->path; opts = lxc_string_split(mntent->mnt_opts, ','); if (opts) @@ -388,20 +387,28 @@ int aufs_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs, if (!upperdir) goto err; - ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name); - if (ret < 0 || ret >= MAXPATHLEN) - goto err; + if (rootfs_path) { + ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name); + if (ret < 0 || ret >= MAXPATHLEN) + goto err; - rootfsdir = aufs_get_rootfs(rootfs->path, &rootfslen); - if (!rootfsdir) - goto err; + rootfsdir = aufs_get_rootfs(rootfs->path, &rootfslen); + if (!rootfsdir) + goto err; + } - /* We neither allow users to create upperdirs outside the containerdir - * nor inside the rootfs. The latter might be debatable. */ - if ((strncmp(upperdir, lxcpath, strlen(lxcpath)) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0)) - if (mkdir_p(upperdir, 0755) < 0) { - WARN("Failed to create upperdir"); - } + /* + * We neither allow users to create upperdirs and workdirs outside the + * containerdir nor inside the rootfs. The latter might be debatable. + * When we have a container without a rootfs we skip the checks. + */ + ret = 0; + if (!rootfs_path) + ret = mkdir_p(upperdir, 0755); + else if ((strncmp(upperdir, lxcpath, strlen(lxcpath)) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0)) + ret = mkdir_p(upperdir, 0755); + if (ret < 0) + WARN("Failed to create upperdir"); fret = 0; diff --git a/src/lxc/bdev/lxcaufs.h b/src/lxc/bdev/lxcaufs.h index 4746980db..fa623f712 100644 --- a/src/lxc/bdev/lxcaufs.h +++ b/src/lxc/bdev/lxcaufs.h @@ -42,6 +42,9 @@ struct bdev_specs; /* defined conf.h */ struct lxc_conf; +/* defined in conf.h */ +struct lxc_rootfs; + /* * Functions associated with an aufs bdev struct. */ diff --git a/src/lxc/bdev/lxcoverlay.c b/src/lxc/bdev/lxcoverlay.c index d18f062a0..86181d92f 100644 --- a/src/lxc/bdev/lxcoverlay.c +++ b/src/lxc/bdev/lxcoverlay.c @@ -477,6 +477,7 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs, const char *lxc_name, const char *lxc_path) { char lxcpath[MAXPATHLEN]; + char *rootfs_path = NULL; char *rootfsdir = NULL; char *upperdir = NULL; char *workdir = NULL; @@ -489,11 +490,9 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs, size_t len = 0; size_t rootfslen = 0; - /* Since we use all of these to check whether the user has given us a - * sane absolute path to create the directories needed for overlay - * lxc.mount.entry entries we consider any of these missing fatal. */ - if (!rootfs || !rootfs->path || !lxc_name || !lxc_path) - goto err; + /* When rootfs == NULL we have a container without a rootfs. */ + if (rootfs && rootfs->path) + rootfs_path = rootfs->path; opts = lxc_string_split(mntent->mnt_opts, ','); if (opts) @@ -508,31 +507,42 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs, workdir = opts[i] + len; } - ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name); - if (ret < 0 || ret >= MAXPATHLEN) - goto err; + if (rootfs_path) { + ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name); + if (ret < 0 || ret >= MAXPATHLEN) + goto err; - rootfsdir = ovl_get_rootfs(rootfs->path, &rootfslen); - if (!rootfsdir) - goto err; + rootfsdir = ovl_get_rootfs(rootfs_path, &rootfslen); + if (!rootfsdir) + goto err; - dirlen = strlen(lxcpath); + dirlen = strlen(lxcpath); + } /* * We neither allow users to create upperdirs and workdirs outside the * containerdir nor inside the rootfs. The latter might be debatable. + * When we have a container without a rootfs we skip the checks. */ - if (upperdir) - if ((strncmp(upperdir, lxcpath, dirlen) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0)) - if (mkdir_p(upperdir, 0755) < 0) { - WARN("Failed to create upperdir"); - } + ret = 0; + if (upperdir) { + if (!rootfs_path) + ret = mkdir_p(upperdir, 0755); + else if ((strncmp(upperdir, lxcpath, dirlen) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0)) + ret = mkdir_p(upperdir, 0755); + if (ret < 0) + WARN("Failed to create upperdir"); + } - if (workdir) - if ((strncmp(workdir, lxcpath, dirlen) == 0) && (strncmp(workdir, rootfsdir, rootfslen) != 0)) - if (mkdir_p(workdir, 0755) < 0) { - WARN("Failed to create workdir"); - } + ret = 0; + if (workdir) { + if (!rootfs_path) + ret = mkdir_p(workdir, 0755); + else if ((strncmp(workdir, lxcpath, dirlen) == 0) && (strncmp(workdir, rootfsdir, rootfslen) != 0)) + ret = mkdir_p(workdir, 0755); + if (ret < 0) + WARN("Failed to create workdir"); + } fret = 0; diff --git a/src/lxc/conf.c b/src/lxc/conf.c index aa18f8889..56dd467b7 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -1145,7 +1145,7 @@ static int fill_autodev(const struct lxc_rootfs *rootfs) return -1; } - if (!dir_exists(path)) // ignore, just don't try to fill in + if (!dir_exists(path)) // ignore, just don't try to fill in return 0; INFO("Populating container /dev");