conf: fix setups where /dev is outside of LXC's control

Fixes: #3770 Suggested-by: Ruben Jenster <r.jenster@drachenfels.de> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: fix setups where /dev is outside of LXC's control
cfc0a48e · Christian Brauner · 448462dd · cfc0a48e
Unverified Commit cfc0a48e authored Apr 06, 2021 by Christian Brauner
Show whitespace changes
Inline Side-by-side

Showing with 5 additions and 6 deletions

conf.c src/lxc/conf.c +5 -6

No files found.
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3457,12 +3457,6 @@ int lxc_setup(struct lxc_handler *handler)
 			return log_error(-1, "Failed to mount \"/dev\"");
 	}
-	lxc_conf->rootfs.dfd_dev = open_at(lxc_conf->rootfs.dfd_mnt, "dev",
-					        PROTECT_OPATH_DIRECTORY,
-						PROTECT_LOOKUP_BENEATH_XDEV, 0);
-	if (lxc_conf->rootfs.dfd_dev < 0 && errno != ENOENT)
-		return log_error_errno(-errno, errno, "Failed to open \"/dev\"");
 	/* Do automatic mounts (mainly /proc and /sys), but exclude those that
 	 * need to wait until other stuff has finished.
 	 */
@@ -3481,6 +3475,11 @@ int lxc_setup(struct lxc_handler *handler)
 			return log_error(-1, "Failed to setup mount entries");
 	}
+	lxc_conf->rootfs.dfd_dev = open_at(lxc_conf->rootfs.dfd_mnt, "dev",
+					   PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_BENEATH_XDEV, 0);
+	if (lxc_conf->rootfs.dfd_dev < 0 && errno != ENOENT)
+		return log_error_errno(-errno, errno, "Failed to open \"/dev\"");
 	if (lxc_conf->is_execute) {
 		if (execveat_supported()) {
 			int fd;