Skip to content

L
lxc
Unverified Commit 643b9674 by Christian Brauner
Options

cgfsng: mount_cgroup_full()

Signed-off-by: 's avatarChristian Brauner <christian.brauner@ubuntu.com>
parent f73fcbf9
Showing with 26 additions and 17 deletions
src/lxc/cgroups/cgfsng.c
...@@ -1971,42 +1971,51 @@ static bool cgfsng_chown(void *hdata, struct lxc_conf *conf) ...@@ -1971,42 +1971,51 @@ static bool cgfsng_chown(void *hdata, struct lxc_conf *conf)
return true; return true;
} }
/* /* We've safe-mounted a tmpfs as parent, so we don't need to protect against
* We've safe-mounted a tmpfs as parent, so we don't need to protect against * symlinks any more - just use mount.
* symlinks any more - just use mount *
* mount cgroup-full if requested
*/ */
/* mount cgroup-full if requested */
static int mount_cgroup_full(int type, struct hierarchy *h, char *dest, static int mount_cgroup_full(int type, struct hierarchy *h, char *dest,
char *container_cgroup) char *container_cgroup)
{ {
int ret;
char *rwpath, *source;
if (type < LXC_AUTO_CGROUP_FULL_RO || type > LXC_AUTO_CGROUP_FULL_MIXED) if (type < LXC_AUTO_CGROUP_FULL_RO || type > LXC_AUTO_CGROUP_FULL_MIXED)
return 0; return 0;
if (mount(h->mountpoint, dest, "cgroup", MS_BIND, NULL) < 0) {
SYSERROR("Error bind-mounting %s cgroup onto %s", h->mountpoint, ret = mount(h->mountpoint, dest, "cgroup", MS_BIND, NULL);
dest); if (ret < 0) {
SYSERROR("Failed to bind mount cgroup \"%s\" onto \"%s\"",
h->mountpoint, dest);
return -1; return -1;
} }
if (type != LXC_AUTO_CGROUP_FULL_RW) { if (type != LXC_AUTO_CGROUP_FULL_RW) {
unsigned long flags = MS_BIND | MS_NOSUID | MS_NOEXEC | MS_NODEV | unsigned long flags = MS_BIND | MS_NOSUID | MS_NOEXEC | MS_NODEV |
MS_REMOUNT | MS_RDONLY; MS_REMOUNT | MS_RDONLY;
if (mount(NULL, dest, "cgroup", flags, NULL) < 0) {
SYSERROR("Error remounting %s readonly", dest); ret = mount(NULL, dest, "cgroup", flags, NULL);
if (ret < 0) {
SYSERROR("Failed to remount cgroup \"%s\" read-only", dest);
return -1; return -1;
} }
} }
INFO("Bind mounted %s onto %s", h->mountpoint, dest); INFO("Bind mounted \"%s\" onto \"%s\"", h->mountpoint, dest);
if (type != LXC_AUTO_CGROUP_FULL_MIXED) if (type != LXC_AUTO_CGROUP_FULL_MIXED)
return 0; return 0;
/* mount just the container path rw */ /* mount just the container path rw */
char *source = must_make_path(h->mountpoint, h->base_cgroup, container_cgroup, NULL); source = must_make_path(h->mountpoint, h->base_cgroup, container_cgroup, NULL);
char *rwpath = must_make_path(dest, h->base_cgroup, container_cgroup, NULL); rwpath = must_make_path(dest, h->base_cgroup, container_cgroup, NULL);
if (mount(source, rwpath, "cgroup", MS_BIND, NULL) < 0) ret = mount(source, rwpath, "cgroup", MS_BIND, NULL);
WARN("Failed to mount %s read-write: %s", rwpath, if (ret < 0)
strerror(errno)); WARN("%s - Failed to mount cgroup \"%s\" read-write",
INFO("Made %s read-write", rwpath); strerror(errno), rwpath);
TRACE("Mounted cgroup \"%s\" read-write", rwpath);
free(rwpath); free(rwpath);
free(source); free(source);
return 0; return 0;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment