On 22 January 2015 at 13:51, Lennart Poettering <lenn...@poettering.net> wrote: > On Thu, 22.01.15 13:25, Alban Crequy (mua...@gmail.com) wrote: > >> From: Alban Crequy <al...@endocode.com> > > Hmm, I wonder if we can actually simplify this. IIRC the rules for > over-mounting are simpler than I thought initially: > > a) dirs can only over-mount dirs > > b) everything else can over-mount everything else > > With that in mind I think we can collapse this code to only have two > branches: one branch for the S_ISDIR() case, and another one that uses > touch() for everything else. > > Anychance you can simplify the patch like this? The benefit would be > that we can do without CAP_SYS_MKNOD for all of this. Also, your patch > woud then shorten the code, while adding a feature, not make it > longer!
The patch will be a bit longer because the file type checks in mount_binds() need to be updated. Otherwise, the second attempt of running nspawn would fail. I will send the patch v2 shortly. >> --- >> src/nspawn/nspawn.c | 7 +++++-- >> 1 file changed, 5 insertions(+), 2 deletions(-) >> >> diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c >> index 3fce3ad..db57b24 100644 >> --- a/src/nspawn/nspawn.c >> +++ b/src/nspawn/nspawn.c >> @@ -911,8 +911,7 @@ static int mount_binds(const char *dest, char **l, bool >> ro) { >> return -errno; >> } >> >> - /* Create the mount point, but be conservative -- refuse to >> create block >> - * and char devices. */ >> + /* Create the mount point */ >> if (S_ISDIR(source_st.st_mode)) { >> r = mkdir_label(where, 0755); >> if (r < 0 && errno != EEXIST) >> @@ -929,6 +928,10 @@ static int mount_binds(const char *dest, char **l, bool >> ro) { >> r = touch(where); >> if (r < 0) >> return log_error_errno(r, "Failed to create >> mount point %s: %m", where); >> + } else if (S_ISCHR(source_st.st_mode) || >> !S_ISBLK(source_st.st_mode)) { >> + r = mknod(where, source_st.st_mode, >> source_st.st_rdev) < 0; >> + if (r < 0 && errno != EEXIST) >> + return log_error_errno(errno, "Failed to >> create mount point %s: %m", where); >> } else { >> log_error("Refusing to create mountpoint for file: >> %s", *x); >> return -ENOTSUP; >> -- >> 2.1.4 >> >> _______________________________________________ >> systemd-devel mailing list >> systemd-devel@lists.freedesktop.org >> http://lists.freedesktop.org/mailman/listinfo/systemd-devel > > > Lennart > > -- > Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel