We actually need to update both lxc_conf->mount_list and lxc_conf->unexpanded_config to ensure that both are synchronized when we clone a container... Expanded patch will follow tonight or tomorrow...
On Oct 9, 2015 14:50, "Christian Brauner" <[email protected]> wrote: > > When using overlay and aufs mounts with lxc.mount.entry users have to specify > absolute paths for upperdir and workdir which will then get created > automatically by mount_entry_create_overlay_dirs() and > mount_entry_create_aufs_dirs() in conf.c. When we clone a container with > overlay or aufs lxc.mount.entry entries we need to update these absolute paths. > In order to do this we add the function update_union_mount_entry_paths() in > lxccontainer.c. The function operates on c->lxc_conf->unexpanded_config instead > of the intuitively plausible c->lxc_conf->mount_list because the latter also > contains mounts from other files as well as generic mounts. > > NOTE: This function does not sanitize paths apart from removing trailing > slashes. (So when a user specifies //home//someone/// it will be cleaned to > //home//someone. This is the minimal path cleansing which is also done by > lxc_container_new().) But the mount_entry_create_overlay_dirs() and > mount_entry_create_aufs_dirs() functions both try to be extremely strict about > when to create upperdirs and workdirs. They will only accept sanitized paths, > i.e. they require /home/someone. I think this is a (safety) virtue and we > should consider sanitizing paths in general. In short: > update_union_mount_entry_paths() does update all absolute paths to the new > container but mount_entry_create_overlay_dirs() and > mount_entry_create_aufs_dirs() will still refuse to create upperdir and workdir > when the updated path is unclean. This happens easily when e.g. a user calls > lxc-clone -o OLD -n NEW -P //home//chb///. > <snip>
_______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
