Re: [lxc-devel] [PATCH] lxc-busybox: check when bind-mounting host libdirs

Tue, 14 May 2013 08:32:17 -0700 

Quoting Bogdan Purcareata (bogdan.purcare...@freescale.com):
> The patch changes the busybox template behavior to automatically
> mount /lib and /usr/lib. In case one of these folders does not exist,
> starting the container will fail. Also, if there are other lib entries
> on the host - e.g. /usr/lib64 -  mount them as well.
> 
> Signed-off-by: Bogdan Purcareata <bogdan.purcare...@freescale.com>

Thanks.  You're right the first part should be dropped.  However
there's no need that I can see for the line you add.  The two

        lxc.mount.entry = /$dir $dir none ro,bind 0 0
and
        lxc.mount.entry = /$dir $rootfs/$dir none ro,bind 0 0

mean the same thing, with the first being preferred as it will work
if you (while high on $drug) decide to back it with a block device :)

Do you mind resending without that line (assuming you agree)?  I'll
then ack and push.

> ---
>  templates/lxc-busybox.in | 8 +-------
>  1 file changed, 1 insertion(+), 7 deletions(-)
> 
> diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
> index cb425ec..49effae 100644
> --- a/templates/lxc-busybox.in
> +++ b/templates/lxc-busybox.in
> @@ -240,13 +240,6 @@ lxc.pts = 1
>  #lxc.aa_profile = unconfined
>  EOF
>  
> -if [ -d "$rootfs/lib" ]; then
> -cat <<EOF >> $path/config
> -lxc.mount.entry = /lib $rootfs/lib none ro,bind 0 0
> -lxc.mount.entry = /usr/lib $rootfs/usr/lib none ro,bind 0 0
> -EOF
> -fi
> -
>      libdirs="\
>          lib \
>          usr/lib \
> @@ -255,6 +248,7 @@ fi
>  
>      for dir in $libdirs; do
>          if [ -d "/$dir" ] && [ -d "$rootfs/$dir" ]; then
> +            echo "lxc.mount.entry = /$dir $rootfs/$dir none ro,bind 0 0" >> 
> $path/config
>              echo "lxc.mount.entry = /$dir $dir none ro,bind 0 0" >> 
> $path/config
>          fi
>      done
> -- 
> 1.7.11.7
> 
> 
> 
> ------------------------------------------------------------------------------
> AlienVault Unified Security Management (USM) platform delivers complete
> security visibility with the essential security capabilities. Easily and
> efficiently configure, manage, and operate all of your security controls
> from a single console and one unified framework. Download a free trial.
> http://p.sf.net/sfu/alienvault_d2d
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel

------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel

Reply via email to