25.11.2010 15:53, Daniel Lezcano wrote:
> On 11/23/2010 07:50 PM, Michael Tokarev wrote:
>> 23.11.2010 13:25, Michael Tokarev wrote:
>>
>>> Hello again.
>>>
>>> I asked this question before, but got no (satisfactory)
>>> answer. So here it goes again.
>>>
>>> Why not chdir into the root of container right when
>>> the root filesystem is (bind-)mounted, and let all
>>> mount entries to be relative to the container root?
>>>
>>> Even more, to warn if lxc.mount[.entry] contains
>>> absolute path for the destination directory (or a
>>> variation of this, absolute and does not start with
>>> container root mount point)?
>>>
>>> This way, all mounts will look much more sane, and
>>> it will be much easier to move/clone containers -
>>> by changing only lxc.rootfs.
>>>
>>> I can easily cook a patch for that (it's trivial),
>>> but I want to hear any disagreements before ;)
>>>
>>> I do it this way locally since the beginning, by
>>> chdir'ing to the proper directory (rootfs) before
>>> running lxc-start (in a startup script), but this
>>> is now broken in 0.7.3 which bind-mounts rootfs
>>> somewhere in /usr/lib/lxc.
>>>
>> I looked into the code and it turned out to be easier
>> than I thought. Something like the attached. It
>> just qualifies the relative paths found in mount
>> entries with rootfs->mount, as all other places
>> (/dev processing etc) does.
>>
>> Just in case,
>>
>> Signed-Off-By: Michael Tokarev<m...@tls.msk.ru>
>
> What happens if there is no rootfs specified in the configuration file ?
Yes good question. Attached is the updated patch that
has 2 codepaths - when root is separate or system.
Compile-tested only for now, I'll do some testing tomorrow.
Signed-Off-By: Michael Tokarev<m...@tls.msk.ru>
/mjt
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index ee5acd0..a21891a 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -915,12 +915,14 @@ static int parse_mntopts(struct mntent *mntent, unsigned long *mntflags,
return 0;
}
-static int mount_file_entries(FILE *file)
+static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file)
{
struct mntent *mntent;
int ret = -1;
unsigned long mntflags;
char *mntdata;
+ char path[MAXPATHLEN];
+ const char *mntdir, *mntroot;
while ((mntent = getmntent(file))) {
@@ -932,7 +934,34 @@ static int mount_file_entries(FILE *file)
goto out;
}
- if (mount(mntent->mnt_fsname, mntent->mnt_dir,
+ /* now figure out where to mount it to. */
+ mntdir = mntent->mnt_dir;
+ mntroot = NULL;
+ if (!rootfs->path) {
+ /* if we use system root fs,
+ * the mount is relative to / and can be absolute */
+ if (mntdir[0] != '/')
+ mntroot = ""; /* this is "/" */
+ }
+ else {
+ /* else we have a separate root, mounts are
+ * relative to it, and absolute paths are risky */
+ if (mntdir[0] != '/')
+ /* relative too root mount point */
+ mntroot = rootfs->mount;
+ else if (strncmp(mntdir, rootfs->mount, strlen(rootfs->mount)))
+ WARN("mount target directory '%s' is outside container root",
+ mntdir);
+ else
+ WARN("mount target directory '%s' is not relative to container root",
+ mntdir);
+ }
+ if (mntroot) {
+ /* make it relative to mntroot */
+ snprintf(path, sizeof(path), "%s/%s", mntroot, mntdir);
+ mntdir = path;
+ }
+ if (mount(mntent->mnt_fsname, mntdir,
mntent->mnt_type, mntflags & ~MS_REMOUNT, mntdata)) {
SYSERROR("failed to mount '%s' on '%s'",
mntent->mnt_fsname, mntent->mnt_dir);
@@ -968,7 +997,7 @@ out:
return ret;
}
-static int setup_mount(const char *fstab)
+static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab)
{
FILE *file;
int ret;
@@ -982,13 +1011,13 @@ static int setup_mount(const char *fstab)
return -1;
}
- ret = mount_file_entries(file);
+ ret = mount_file_entries(rootfs, file);
endmntent(file);
return ret;
}
-static int setup_mount_entries(struct lxc_list *mount)
+static int setup_mount_entries(const struct lxc_rootfs *rootfs, struct lxc_list *mount)
{
FILE *file;
struct lxc_list *iterator;
@@ -1008,7 +1037,7 @@ static int setup_mount_entries(struct lxc_list *mount)
rewind(file);
- ret = mount_file_entries(file);
+ ret = mount_file_entries(rootfs, file);
fclose(file);
return ret;
@@ -1612,12 +1641,12 @@ int lxc_setup(const char *name, struct lxc_conf *lxc_conf)
return -1;
}
- if (setup_mount(lxc_conf->fstab)) {
+ if (setup_mount(&lxc_conf->rootfs, lxc_conf->fstab)) {
ERROR("failed to setup the mounts for '%s'", name);
return -1;
}
- if (setup_mount_entries(&lxc_conf->mount_list)) {
+ if (setup_mount_entries(&lxc_conf->rootfs, &lxc_conf->mount_list)) {
ERROR("failed to setup the mount entries for '%s'", name);
return -1;
}
------------------------------------------------------------------------------
Increase Visibility of Your 3D Game App & Earn a Chance To Win $500!
Tap into the largest installed PC base & get more eyes on your game by
optimizing for Intel(R) Graphics Technology. Get started today with the
Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs.
http://p.sf.net/sfu/intelisp-dev2dev
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
