1. Update templates to use relative paths when creating containers. 2. Allow lxc.mount.entry to specify an absolute target path relative to /var/lib/lxc/CN/rootfs, even if rootfs is a blockdev. Otherwise all such entries are ignored for blockdev-backed containers.
Arguably (1) isn't needed given (2), but it does make for more readable and easier to copy configs. Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/960860 Signed-off-by: Serge Hallyn <serge.hal...@canonical.com> -- src/lxc/conf.c | 48 ++++++++++++++++++++++++++++++++---------- templates/lxc-debian.in | 6 ++--- templates/lxc-fedora.in | 4 +-- templates/lxc-lenny.in | 4 +-- templates/lxc-opensuse.in | 4 +-- templates/lxc-sshd.in | 18 +++++++-------- templates/lxc-ubuntu-cloud.in | 4 +-- templates/lxc-ubuntu.in | 6 ++--- 8 files changed, 60 insertions(+), 34 deletions(-) Index: lxc-shutdownv2/templates/lxc-debian.in =================================================================== --- lxc-shutdownv2.orig/templates/lxc-debian.in 2012-03-21 08:19:26.959577521 -0500 +++ lxc-shutdownv2/templates/lxc-debian.in 2012-03-21 08:20:00.827745468 -0500 @@ -258,9 +258,9 @@ #lxc.cgroup.memory.memsw.limit_in_bytes = 1G ## Filesystem -lxc.mount.entry = proc $rootfs/proc proc nodev,noexec,nosuid 0 0 -lxc.mount.entry = sysfs $rootfs/sys sysfs defaults,ro 0 0 -#lxc.mount.entry = /srv/$name $rootfs/srv/$name none defaults,bind 0 0 +lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0 +lxc.mount.entry = sysfs sys sysfs defaults,ro 0 0 +#lxc.mount.entry = /srv/$name srv/$name none defaults,bind 0 0 EOF if [ $? -ne 0 ]; then Index: lxc-shutdownv2/templates/lxc-fedora.in =================================================================== --- lxc-shutdownv2.orig/templates/lxc-fedora.in 2012-03-21 08:19:26.895577207 -0500 +++ lxc-shutdownv2/templates/lxc-fedora.in 2012-03-21 08:20:00.827745468 -0500 
@@ -257,8 +257,8 @@ EOF cat <<EOF > $config_path/fstab -proc $rootfs_path/proc proc nodev,noexec,nosuid 0 0 -sysfs $rootfs_path/sys sysfs defaults 0 0 +proc proc proc nodev,noexec,nosuid 0 0 +sysfs sys sysfs defaults 0 0 EOF if [ $? -ne 0 ]; then echo "Failed to add configuration" Index: lxc-shutdownv2/templates/lxc-lenny.in =================================================================== --- lxc-shutdownv2.orig/templates/lxc-lenny.in 2012-03-21 08:19:26.987577660 -0500 +++ lxc-shutdownv2/templates/lxc-lenny.in 2012-03-21 08:20:00.831745492 -0500 @@ -200,8 +200,8 @@ lxc.cgroup.devices.allow = c 254:0 rwm # mounts point -lxc.mount.entry=proc $rootfs/proc proc nodev,noexec,nosuid 0 0 -lxc.mount.entry=sysfs $rootfs/sys sysfs defaults 0 0 +lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0 +lxc.mount.entry=sysfs sys sysfs defaults 0 0 EOF if [ $? -ne 0 ]; then Index: lxc-shutdownv2/templates/lxc-opensuse.in =================================================================== --- lxc-shutdownv2.orig/templates/lxc-opensuse.in 2012-03-21 08:19:26.867577067 -0500 +++ lxc-shutdownv2/templates/lxc-opensuse.in 2012-03-21 08:20:00.831745492 -0500 @@ -260,8 +260,8 @@ EOF cat <<EOF > $path/fstab -proc $rootfs/proc proc nodev,noexec,nosuid 0 0 -sysfs $rootfs/sys sysfs defaults 0 0 +proc proc proc nodev,noexec,nosuid 0 0 +sysfs sys sysfs defaults 0 0 EOF if [ $? -ne 0 ]; then Index: lxc-shutdownv2/templates/lxc-sshd.in =================================================================== --- lxc-shutdownv2.orig/templates/lxc-sshd.in 2012-03-21 08:19:27.055578004 -0500 +++ lxc-shutdownv2/templates/lxc-sshd.in 2012-03-21 08:20:00.851745584 -0500 
@@ -113,14 +113,14 @@ lxc.utsname = $name lxc.pts = 1024 lxc.rootfs = $rootfs -lxc.mount.entry=/dev $rootfs/dev none ro,bind 0 0 -lxc.mount.entry=/lib $rootfs/lib none ro,bind 0 0 -lxc.mount.entry=/bin $rootfs/bin none ro,bind 0 0 -lxc.mount.entry=/usr /$rootfs/usr none ro,bind 0 0 -lxc.mount.entry=/sbin $rootfs/sbin none ro,bind 0 0 -lxc.mount.entry=tmpfs $rootfs/var/run/sshd tmpfs mode=0644 0 0 -lxc.mount.entry=@LXCTEMPLATEDIR@/lxc-sshd $rootfs/sbin/init none bind 0 0 -lxc.mount.entry=proc $rootfs/proc proc nodev,noexec,nosuid 0 0 +lxc.mount.entry=/dev dev none ro,bind 0 0 +lxc.mount.entry=/lib lib none ro,bind 0 0 +lxc.mount.entry=/bin bin none ro,bind 0 0 +lxc.mount.entry=/usr usr none ro,bind 0 0 +lxc.mount.entry=/sbin sbin none ro,bind 0 0 +lxc.mount.entry=tmpfs var/run/sshd tmpfs mode=0644 0 0 +lxc.mount.entry=@LXCTEMPLATEDIR@/lxc-sshd sbin/init none bind 0 0 +lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0 EOF # if no .ipv4 section in config, then have the container run dhcp @@ -128,7 +128,7 @@ if [ "$(uname -m)" = "x86_64" ]; then cat <<EOF >> $path/config -lxc.mount.entry=/lib64 $rootfs/lib64 none ro,bind 0 0 +lxc.mount.entry=/lib64 lib64 none ro,bind 0 0 EOF fi } Index: lxc-shutdownv2/templates/lxc-ubuntu-cloud.in =================================================================== --- lxc-shutdownv2.orig/templates/lxc-ubuntu-cloud.in 2012-03-21 08:19:26.835576913 -0500 +++ lxc-shutdownv2/templates/lxc-ubuntu-cloud.in 2012-03-21 08:20:00.851745584 -0500 @@ -87,8 +87,8 @@ EOF cat <<EOF > $path/fstab -proc $rootfs/proc proc nodev,noexec,nosuid 0 0 -sysfs $rootfs/sys sysfs defaults 0 0 +proc proc proc nodev,noexec,nosuid 0 0 +sysfs sys sysfs defaults 0 0 EOF return 0 Index: lxc-shutdownv2/templates/lxc-ubuntu.in =================================================================== --- lxc-shutdownv2.orig/templates/lxc-ubuntu.in 2012-03-21 08:19:27.015577799 -0500 +++ lxc-shutdownv2/templates/lxc-ubuntu.in 2012-03-21 08:20:00.851745584 -0500 
@@ -338,8 +338,8 @@ EOF cat <<EOF > $path/fstab -proc $rootfs/proc proc nodev,noexec,nosuid 0 0 -sysfs $rootfs/sys sysfs defaults 0 0 +proc proc proc nodev,noexec,nosuid 0 0 +sysfs sys sysfs defaults 0 0 EOF if [ $? -ne 0 ]; then @@ -515,7 +515,7 @@ # bind-mount the user's path into the container's /home h=`getent passwd $user | cut -d: -f 6` mkdir -p $rootfs/$h - echo "$h $rootfs/$h none bind 0 0" >> $path/fstab + echo "$h $h none bind 0 0" >> $path/fstab # Make sure the group exists in container grp=`echo $pwd | cut -d: -f 4` # group number for $user Index: lxc-shutdownv2/src/lxc/conf.c =================================================================== --- lxc-shutdownv2.orig/src/lxc/conf.c 2012-03-19 16:04:26.457848571 -0500 +++ lxc-shutdownv2/src/lxc/conf.c 2012-03-21 09:17:52.988962983 -0500 
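Review bot: In the second lxc-ubuntu.in hunk (`@@ -515,7 +515,7 @@`) the bind-mount target is written as `$h`, the absolute home directory returned by `getent`, so unlike the other converted entries it is not relative to the rootfs. Judging from the conf.c part of this patch, an absolute target is only accepted when it contains `rootfs->path` or `/var/lib/lxc/NAME/rootfs`, so this entry would likely reach the "ignoring mount point" branch and the home directory would silently not be mounted. Strip the leading slash when writing the target, e.g. `echo "$h ${h#/} none bind 0 0" >> $path/fstab`. `$h` is also unquoted in the context line `mkdir -p $rootfs/$h`, which breaks on home paths containing whitespace.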
@@ -1135,27 +1135,50 @@ } static int mount_entry_on_absolute_rootfs(struct mntent *mntent, - const struct lxc_rootfs *rootfs) + const struct lxc_rootfs *rootfs, + const char *lxc_name) { char *aux; char path[MAXPATHLEN]; unsigned long mntflags; char *mntdata; - int ret = 0; + int r, ret = 0, offset; if (parse_mntopts(mntent->mnt_opts, &mntflags, &mntdata) < 0) { ERROR("failed to parse mount option '%s'", mntent->mnt_opts); return -1; } + /* if rootfs->path is a blockdev path, allow container fstab to + * use /var/lib/lxc/CN/rootfs as the target prefix */ + r = snprintf(path, MAXPATHLEN, "/var/lib/lxc/%s/rootfs", lxc_name); + if (r < 0 || r >= MAXPATHLEN) + goto skipvarlib; + + aux = strstr(mntent->mnt_dir, path); + if (aux) { + offset = strlen(path); + goto skipabs; + } + +skipvarlib: aux = strstr(mntent->mnt_dir, rootfs->path); if (!aux) { WARN("ignoring mount point '%s'", mntent->mnt_dir); goto out; } + offset = strlen(rootfs->path); + +skipabs: snprintf(path, MAXPATHLEN, "%s/%s", rootfs->mount, - aux + strlen(rootfs->path)); + aux + offset); + if (r < 0 || r >= MAXPATHLEN) { + WARN("pathnme too long for '%s'", mntent->mnt_dir); + ret = -1; + goto out; + } + ret = mount_entry(mntent->mnt_fsname, path, mntent->mnt_type, mntflags, mntdata); @@ -1189,7 +1212,8 @@ return ret; } -static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file) +static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file, + const char *lxc_name) { struct mntent *mntent; int ret = -1; @@ -1210,7 +1234,7 @@ continue; } - if (mount_entry_on_absolute_rootfs(mntent, rootfs)) + if (mount_entry_on_absolute_rootfs(mntent, rootfs, lxc_name)) goto out; } @@ -1221,7 +1245,8 @@ return ret; } -static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab) +static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab, + const char *lxc_name) { FILE *file; int ret; 
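Review bot: In `mount_entry_on_absolute_rootfs` (first conf.c hunk) the length check after `skipabs:` tests `r` from the earlier `/var/lib/lxc/%s/rootfs` snprintf, because the return value of the second snprintf is discarded; a truncated mount target is never detected, and if the first snprintf overflowed, every entry is rejected even when `rootfs->path` matched. Assign the result: `r = snprintf(path, MAXPATHLEN, "%s/%s", rootfs->mount, aux + offset);`. Separately, `strstr(mntent->mnt_dir, path)` accepts the prefix anywhere in the target and without a following separator, so a directory such as `/var/lib/lxc/NAME/rootfsX/...` or any path that merely contains the prefix is rewritten as well; an anchored test like `strncmp(mntent->mnt_dir, path, strlen(path)) == 0`, plus a check that the next character is `/` or NUL, keeps the rewrite to the intended container. The new WARN text has a typo (`pathnme`), and the function's tail, including the `out:` label, lies outside the hunk.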
@@ -1235,13 +1260,14 @@ return -1; } - ret = mount_file_entries(rootfs, file); + ret = mount_file_entries(rootfs, file, lxc_name); endmntent(file); return ret; } -static int setup_mount_entries(const struct lxc_rootfs *rootfs, struct lxc_list *mount) +static int setup_mount_entries(const struct lxc_rootfs *rootfs, struct lxc_list *mount, + const char *lxc_name) { FILE *file; struct lxc_list *iterator; @@ -1261,7 +1287,7 @@ rewind(file); - ret = mount_file_entries(rootfs, file); + ret = mount_file_entries(rootfs, file, lxc_name); fclose(file); return ret; @@ -1871,12 +1897,12 @@ return -1; } - if (setup_mount(&lxc_conf->rootfs, lxc_conf->fstab)) { + if (setup_mount(&lxc_conf->rootfs, lxc_conf->fstab, name)) { ERROR("failed to setup the mounts for '%s'", name); return -1; } - if (setup_mount_entries(&lxc_conf->rootfs, &lxc_conf->mount_list)) { + if (setup_mount_entries(&lxc_conf->rootfs, &lxc_conf->mount_list, name)) { ERROR("failed to setup the mount entries for '%s'", name); return -1; } ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users