conf: don't unmount procfs and sysfs

Fixes: #3838 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: don't unmount procfs and sysfs
f6c5aab0 · Christian Brauner · 89606dfb · f6c5aab0
Unverified Commit f6c5aab0 authored May 12, 2021 by Christian Brauner
Show whitespace changes
Inline Side-by-side

Showing with 12 additions and 0 deletions

conf.c src/lxc/conf.c +12 -0

No files found.
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -717,6 +717,11 @@ static int lxc_mount_auto_mounts(struct lxc_handler *handler, int flags)
        bool has_cap_net_admin;
        if (flags & LXC_AUTO_PROC_MASK) {
+		if (rootfs->path) {
+			/*
+			 * Only unmount procfs if we have a separate rootfs so
+			 * we can still access it in safe_mount() below.
+			 */
 			ret = strnprintf(rootfs->buf, sizeof(rootfs->buf), "%s/proc",
 					rootfs->path ? rootfs->mount : "");
 			if (ret < 0)
@@ -725,6 +730,7 @@ static int lxc_mount_auto_mounts(struct lxc_handler *handler, int flags)
 			ret = umount2(rootfs->buf, MNT_DETACH);
 			if (ret)
 				SYSDEBUG("Tried to ensure procfs is unmounted");
+		}
 		ret = mkdirat(rootfs->dfd_mnt, "proc" , S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
 		if (ret < 0 && errno != EEXIST)
@@ -732,6 +738,11 @@ static int lxc_mount_auto_mounts(struct lxc_handler *handler, int flags)
 	}
 	if (flags & LXC_AUTO_SYS_MASK) {
+		if (rootfs->path) {
+			/*
+			 * Only unmount sysfs if we have a separate rootfs so
+			 * we can still access it in safe_mount() below.
+			 */
 			ret = strnprintf(rootfs->buf, sizeof(rootfs->buf), "%s/sys",
 					rootfs->path ? rootfs->mount : "");
 			if (ret < 0)
@@ -740,6 +751,7 @@ static int lxc_mount_auto_mounts(struct lxc_handler *handler, int flags)
 			ret = umount2(rootfs->buf, MNT_DETACH);
 			if (ret)
 				SYSDEBUG("Tried to ensure sysfs is unmounted");
+		}
 		ret = mkdirat(rootfs->dfd_mnt, "sys" , S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
 		if (ret < 0 && errno != EEXIST)