The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3476
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
Added remount of binded mounts with readonly mode if flag "readonly" is "true".
Signed-off-by: Denis Pynkin <denis.pyn...@collabora.com>
From f8f723da1e616d4884452f58a964935218486e27 Mon Sep 17 00:00:00 2001
From: Denis Pynkin <denis.pyn...@collabora.com>
Date: Sat, 1 Jul 2017 20:32:06 +0300
Subject: [PATCH] Fix readonly mode for directory mount
Added remount of binded mounts with readonly mode if flag "readonly" is "true".
Signed-off-by: Denis Pynkin <denis.pyn...@collabora.com>
---
lxd/devices.go | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/lxd/devices.go b/lxd/devices.go
index b15eedef3..7d65bfa1b 100644
--- a/lxd/devices.go
+++ b/lxd/devices.go
@@ -909,6 +909,14 @@ func deviceMountDisk(srcPath string, dstPath string,
readonly bool, recursive bo
return fmt.Errorf("Unable to mount %s at %s: %s", srcPath,
dstPath, err)
}
+ // Remount bind mounts in readonly mode if requested
+ if readonly == true && flags&syscall.MS_BIND == syscall.MS_BIND {
+ flags = syscall.MS_RDONLY | syscall.MS_BIND | syscall.MS_REMOUNT
+ if err = syscall.Mount("", dstPath, fstype, uintptr(flags),
""); err != nil {
+ return fmt.Errorf("Unable to mount %s in readonly mode:
%s", dstPath, err)
+ }
+ }
+
flags = syscall.MS_REC | syscall.MS_SLAVE
if err = syscall.Mount("", dstPath, "", uintptr(flags), ""); err != nil
{
return fmt.Errorf("unable to make mount %s private: %s",
dstPath, err)
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
