The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/6558
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
Adds `LXD_SHIFTFS_DISABLE` env var to allow shiftfs to be disabled at runtime to allow testing of traditional UID shifting on kernels with shiftfs support.
From cf4a59f1097729524c200732bd066e211b0885b6 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parr...@canonical.com>
Date: Thu, 5 Dec 2019 11:35:52 +0000
Subject: [PATCH 1/3] lxd/backup: Comment consistency
Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com>
---
lxd/backup.go | 1 +
1 file changed, 1 insertion(+)
diff --git a/lxd/backup.go b/lxd/backup.go
index 15189bffd7..a01a9eb23f 100644
--- a/lxd/backup.go
+++ b/lxd/backup.go
@@ -63,6 +63,7 @@ func backupCreate(s *state.State, args db.InstanceBackupArgs,
sourceInst instanc
}
defer os.RemoveAll(tmpPath)
+ // Check if we can load new storage layer for pool driver type.
pool, err := storagePools.GetPoolByInstance(s, sourceInst)
if err != storageDrivers.ErrUnknownDriver && err !=
storageDrivers.ErrNotImplemented {
if err != nil {
From 3e7ea65dbd92539bc05cf95fed3dab330d18131e Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parr...@canonical.com>
Date: Thu, 5 Dec 2019 11:36:49 +0000
Subject: [PATCH 2/3] lxd/daemon: Adds LXD_SHIFTFS_DISABLE env var to disable
shiftfs
Useful when testing traditional UID shifting.
Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com>
---
lxd/daemon.go | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/lxd/daemon.go b/lxd/daemon.go
index c5416d7dfc..5c1b92cf61 100644
--- a/lxd/daemon.go
+++ b/lxd/daemon.go
@@ -620,11 +620,16 @@ func (d *Daemon) init() error {
logger.Infof(" - unprivileged file capabilities: no")
}
- if util.HasFilesystem("shiftfs") || util.LoadModule("shiftfs") == nil {
- d.os.Shiftfs = true
- logger.Infof(" - shiftfs support: yes")
+ // Detect shiftfs support.
+ if shared.IsTrue(os.Getenv("LXD_SHIFTFS_DISABLE")) {
+ logger.Infof(" - shiftfs support: disabled")
} else {
- logger.Infof(" - shiftfs support: no")
+ if util.HasFilesystem("shiftfs") || util.LoadModule("shiftfs")
== nil {
+ d.os.Shiftfs = true
+ logger.Infof(" - shiftfs support: yes")
+ } else {
+ logger.Infof(" - shiftfs support: no")
+ }
}
// Detect LXC features
From 735e1bf4f5df8cd75557c7afdf365fc4500385bb Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parr...@canonical.com>
Date: Thu, 5 Dec 2019 11:38:48 +0000
Subject: [PATCH 3/3] doc/environment: Documents LXD_SHIFTFS_DISABLE env var
Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com>
---
doc/environment.md | 1 +
1 file changed, 1 insertion(+)
diff --git a/doc/environment.md b/doc/environment.md
index 2925711467..88246c1890 100644
--- a/doc/environment.md
+++ b/doc/environment.md
@@ -28,3 +28,4 @@ Name | Description
`LXD_SECURITY_APPARMOR` | If set to `false`, forces AppArmor off
`LXD_UNPRIVILEGED_ONLY` | If set to `true`, enforces that only
unprivileged containers can be created. Note that any privileged containers
that have been created before setting LXD_UNPRIVILEGED_ONLY will continue to be
privileged. To use this option effectively it should be set when the LXD daemon
is first setup.
`LXD_OVMF_PATH` | Path to an OVMF build including
`OVMF_CODE.fd` and `OVMF_VARS.ms.fd`
+`LXD_SHIFTFS_DISABLE` | Disable shiftfs support (useful when testing
traditional UID shifting)
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
