In the netns_switch() function, the original code attempts to unmount
the /sys filesystem and mount it again when switching network
namespaces. This has been causing issues with the filesystems mounted
beneath /sys, particularly /sys/fs/cgroup, which are not being mounted
within network namespaces created by ip-netns(8).
To resolve this issue, I have removed the calls to umount2() and mount()
related to the /sys filesystem in the function. This change ensures that
the /sys hierarchy remains intact within network namespaces, and the
reported bug should be resolved. Here is the updated function, which no
longer unmounts and mounts /sys:
int netns_switch(char *name)
{
char net_path[PATH_MAX];
int netns;
snprintf(net_path, sizeof(net_path), "%s/%s", NETNS_RUN_DIR, name);
netns = open(net_path, O_RDONLY | O_CLOEXEC);
if (netns < 0) {
fprintf(stderr, "Cannot open network namespace \"%s\": %s\n",
name, strerror(errno));
return -1;
}
if (setns(netns, CLONE_NEWNET) < 0) {
fprintf(stderr, "setting the network namespace \"%s\" failed:
%s\n",
name, strerror(errno));
close(netns);
return -1;
}
close(netns);
if (unshare(CLONE_NEWNS) < 0) {
fprintf(stderr, "unshare failed: %s\n", strerror(errno));
return -1;
}
/* Don't let any mounts propagate back to the parent */
if (mount("", "/", "none", MS_SLAVE | MS_REC, NULL)) {
fprintf(stderr, "\"mount --make-rslave /\" failed: %s\n",
strerror(errno));
return -1;
}
/* Setup bind mounts for config files in /etc */
bind_etc(name);
return 0;
}
This modification should address the bug and maintain the proper mounting of
filesystems under /sys within network namespaces.
** Changed in: iproute2 (Ubuntu)
Assignee: (unassigned) => Bilal Khan (ibilalkayy)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to iproute2 in Ubuntu.
Matching subscriptions: iproute2
https://bugs.launchpad.net/bugs/1870554
Title:
ip-netns(8) unmounts /sys filesystem hierarchy within namespace
Status in iproute2 package in Ubuntu:
New
Bug description:
Filesystems ordinarily mounted beneath /sys, particularly /sys/fs/cgroup, are
not mounted within network namespaces created by ip-netns(8), as
lib/namespace.c:netns_switch() explicitly remounts /sys.
The patch enclosed removes the offending calls to umount2(2) and mount(2),
leaving the /sys hierarchy intact within network namespaces.
$ lsb_release -rd
Description: Ubuntu 18.04.4 LTS
Release: 18.04
$ apt-cache policy iproute2
iproute2:
Installed: 4.15.0-2ubuntu1
Candidate: 4.15.0-2ubuntu1
Version table:
*** 4.15.0-2ubuntu1 500
500 http://fr2.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
100 /var/lib/dpkg/status
Nota bene: this bug was reported in [1] (unresolved) and, on Arch
Linux, [2].
References:
[1] https://answers.launchpad.net/ubuntu/+source/iproute2/+question/659146
[2] https://bugs.archlinux.org/task/33328
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1870554/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
