looks like all the issues we talked about are fixed now :) nice work
Tested-by: Oguz Bektas <o.bek...@proxmox.com> On Wed, Nov 20, 2019 at 08:30:55AM +0100, Wolfgang Bumiller wrote: > Changes to v3: > * Change mount point staging directory from /run/pve/mountpoints to > /var/lib/lxc/.pve-staged-mounts due to allowed mount paths being > restricted by the lxc-start apparmor profile. > (Only affects path 8, the remaining patches are unchanged) > > Changes to v2: > * Factor `walk_tree_nofollow` to be usable with fds as starting point. > * Create destination directory entries (this was completely missing in > the staged code path api). > * Test for new kernel api with `move_mount` instead of `fsopen` since > we don't actually use `fsopen` currently. > * Factor out `mountpoint_insert_staged()` to be used from the pre-start > hook & hotplug code (this is where the directory tree creation was > added) > * Rename vmconfig_apply_pending_mountpoint to just apply_pending_mountpoint. > * Switch into the `/usr/bin/lxc-start` apparmor profile for mount point > hotplugging. (Otherwise hotplugging can potentially allow more options > than we can use later at a normal container startup.) > > Previous changes from v1 to v2: > * Add a helper to LXC::PVE::Tools to check for availability of the new > mount api (new patch 1), and use that in the prestart hook and mount > functions. > * Add a check to the mount hotplug code to not attempt to perform > hotplugging on older kernels. > > Wolfgang Bumiller (12): > tools: add can_use_new_mount_api helper > split walk_tree_nofollow to allow a start fd > implement "staged mountpoints" > add mountpoint_insert_staged helper > add open_pid_fd, open_lxc_pid, open_ppid helpers > split open_namespace out of enter_namespace > add get_container_namespace helper > add mount stage directory helpers > prestart-hook: use staged mountpoints on newer kernels > config: apply_pending_mountpoint helper > implement mountpoint hotplugging > use lxc-start apparmor profile for mount hotplugging > > src/PVE/LXC.pm | 233 +++++++++++++++++++++++++++++++++++--- > src/PVE/LXC/Config.pm | 94 ++++++++++----- > src/PVE/LXC/Tools.pm | 18 +++ > src/lxc-pve-prestart-hook | 78 +++++++++++-- > 4 files changed, 372 insertions(+), 51 deletions(-) > > -- > 2.20.1 > > > _______________________________________________ > pve-devel mailing list > pve-devel@pve.proxmox.com > https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel > _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
