Commit bc6928ff by Michael H. Warfield Committed by Serge Hallyn

Setup devtmpfs and /dev for autodev bind mounts.

If autodev is not specifically set to 0 or 1, attempts to determine if systemd is being utilized and forces autodev=1 to prevent host system conflicts and collisions.

If autodev is enabled and the host /dev is mounted with devtmpfs or /dev/.lxc is mounted with another file system...

Each container created by a privileged user gets a /dev directory mapped off the host /dev here:

    /dev/.lxc/${name}.$( hash $lxcpath/$name )

Each container created by a non-privileged user gets a /dev/directory mapped off the host /dev here:

    /dev/.lxc/user/${name}.$( hash $lxcpath/$name )

The /dev/.lxc/user is mode 1777 to allow unpriv access.

The /dev/.lxc/{containerdev} is bind mounted into the container /dev.

Fallback on failure is to mount tmpfs into the container /dev.

A symlink is created from $lxcpath/$name/rootfs.dev back to the /dev relative directory to provide a code consistent reference for updating container devs.

Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
parent 4d69b293
...@@ -356,7 +356,9 @@ extern int lxc_clear_hooks(struct lxc_conf *c, const char *key); ...@@ -356,7 +356,9 @@ extern int lxc_clear_hooks(struct lxc_conf *c, const char *key);
struct cgroup_process_info; struct cgroup_process_info;
extern int lxc_setup(const char *name, struct lxc_conf *lxc_conf, extern int lxc_setup(const char *name, struct lxc_conf *lxc_conf,
const char *lxcpath, struct cgroup_process_info *cgroup_info); const char *lxcpath,
struct cgroup_process_info *cgroup_info,
void *data);
extern void lxc_rename_phys_nics_on_shutdown(struct lxc_conf *conf); extern void lxc_rename_phys_nics_on_shutdown(struct lxc_conf *conf);
......
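Review bot: The new last parameter of lxc_setup() is declared as a bare `void *data` with no comment in the prototype, so a reader of this header cannot tell what object it is expected to point to, who owns it, or whether NULL is acceptable. Either use a typed pointer here or add a short comment above the declaration describing the expected type and NULL handling, since the compiler will not catch a caller passing the wrong object through a void pointer. Because this changes the signature of an extern function, also confirm that every caller is updated in the same commit.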
...@@ -553,7 +553,7 @@ static int do_start(void *data) ...@@ -553,7 +553,7 @@ static int do_start(void *data)
#endif #endif
/* Setup the container, ip, names, utsname, ... */ /* Setup the container, ip, names, utsname, ... */
if (lxc_setup(handler->name, handler->conf, handler->lxcpath, handler->cgroup)) { if (lxc_setup(handler->name, handler->conf, handler->lxcpath, handler->cgroup, handler->data) ){
ERROR("failed to setup the container"); ERROR("failed to setup the container");
goto out_warn_father; goto out_warn_father;
} }
......
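Review bot: The updated call ends in `handler->data) ){`, with a stray space between the closing parentheses and no space before the brace, whereas the line it replaces used `)) {`. Please keep the existing spacing and wrap the argument list, which is now long enough to deserve a second line. Separately, `handler->data` is forwarded to lxc_setup() as an opaque pointer without any check visible in this hunk, so it is worth stating in the commit or a comment whether it can be NULL at this point in do_start() and how lxc_setup() handles that.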