[lxc-devel] [lxd/master] lxd/daemon: Detect nodev and improve errors

Mon, 04 May 2020 20:48:19 -0700 

The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/7300

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Closes #7291

Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>

From 815e23b4fb13cdaa1b6b6026911aee54cb849bab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgra...@ubuntu.com>
Date: Mon, 4 May 2020 23:46:54 -0400
Subject: [PATCH] lxd/daemon: Detect nodev and improve errors
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #7291

Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
---
 lxd/daemon.go                   | 13 +++++++++++++
 lxd/device/device_utils_unix.go |  4 ++++
 lxd/sys/os.go                   |  1 +
 3 files changed, 18 insertions(+)

diff --git a/lxd/daemon.go b/lxd/daemon.go
index 4f26b29d93..9ea3732bfa 100644
--- a/lxd/daemon.go
+++ b/lxd/daemon.go
@@ -670,6 +670,19 @@ func (d *Daemon) init() error {
                d.os.LXCFeatures[extension] = liblxc.HasApiExtension(extension)
        }
 
+       // Validate the devices storage.
+       os.Remove(shared.VarPath("devices", ".test"))
+       devNum := int(unix.Mkdev(0, 0))
+       err = unix.Mknod(shared.VarPath("devices", ".test"), 0600|unix.S_IFCHR, 
devNum)
+       if err == nil {
+               fd, err := os.Open(shared.VarPath("devices", ".test"))
+               if err != nil && os.IsPermission(err) {
+                       logger.Warnf("Unable to access device nodes, LXD likely 
running on a nodev mount")
+                       d.os.Nodev = true
+               }
+               fd.Close()
+       }
+
        /* Initialize the database */
        dump, err := initializeDbObject(d)
        if err != nil {
diff --git a/lxd/device/device_utils_unix.go b/lxd/device/device_utils_unix.go
index 74302669e3..da711e6f01 100644
--- a/lxd/device/device_utils_unix.go
+++ b/lxd/device/device_utils_unix.go
@@ -195,6 +195,10 @@ func UnixDeviceCreate(s *state.State, idmapSet 
*idmap.IdmapSet, devicesPath stri
 
        // Create the new entry.
        if !s.OS.RunningInUserNS {
+               if s.OS.Nodev {
+                       return nil, fmt.Errorf("Can't create device as devices 
path is mounted nodev")
+               }
+
                devNum := int(unix.Mkdev(d.Major, d.Minor))
                err := unix.Mknod(devPath, uint32(d.Mode), devNum)
                if err != nil {
diff --git a/lxd/sys/os.go b/lxd/sys/os.go
index 4c7af7b6c8..8214a3b9ca 100644
--- a/lxd/sys/os.go
+++ b/lxd/sys/os.go
@@ -47,6 +47,7 @@ type OS struct {
        InotifyWatch    InotifyInfo
        LxcPath         string // Path to the $LXD_DIR/containers directory
        MockMode        bool   // If true some APIs will be mocked (for testing)
+       Nodev           bool
        RunningInUserNS bool
        UnprivUser      string
        UnprivUID       int

_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to