On Tue, Nov 19, 2013 at 05:53:20PM +0800, Gao feng wrote:
After kernel commit 5ff9d8a65ce80efb509ce4e8051394e9ed2cd942
vfs: Lock in place mounts from more privileged users,
an unprivileged user has no right to move the mounts that are
inherited from the parent mountns. We use this feature to move
the /stateDir/domain-name.{dev, devpts} to the /dev/ and
/dev/pts directory of the container. This commit breaks libvirt lxc.
This patch does the moving on the host side; we are a privileged user
at this moment.
Signed-off-by: Gao feng <gaofeng(a)cn.fujitsu.com>
---
src/lxc/lxc_container.c | 81 +-----------------------------------------------
src/lxc/lxc_controller.c | 53 +++++++++++++++++++++++++++++++
2 files changed, 54 insertions(+), 80 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 2bdf957..61283e4 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -953,76 +953,6 @@ static int lxcContainerMountProcFuse(virDomainDefPtr def
ATTRIBUTE_UNUSED,
}
#endif
-static int lxcContainerMountFSDev(virDomainDefPtr def,
- const char *stateDir)
-{
- int ret = -1;
- char *path = NULL;
-
- VIR_DEBUG("Mount /dev/ stateDir=%s", stateDir);
-
- if ((ret = virAsprintf(&path, "/.oldroot/%s/%s.dev",
- stateDir, def->name)) < 0)
- return ret;
-
- if (virFileMakePath("/dev") < 0) {
- virReportSystemError(errno, "%s",
- _("Cannot create /dev"));
- goto cleanup;
- }
-
- VIR_DEBUG("Trying to move %s to /dev", path);
-
- if (mount(path, "/dev", NULL, MS_MOVE, NULL) < 0) {
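Review bot: the commit message should state which mount namespace and which target path the host-side replacement in lxc_controller.c uses, because the removed lxcContainerMountFSDev() works on paths that are only meaningful from inside the container: it moves "/.oldroot/<stateDir>/<name>.dev" onto "/dev" right after virFileMakePath("/dev"). Once this runs on the host side, a bare "/dev" target would be the host's own /dev, so please spell out how the new code resolves the container's /dev and /dev/pts, and confirm that the error reporting of the removed block (virReportSystemError on a failed virFileMakePath or mount) is kept in the new location.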
I wonder if we used MS_BIND instead of MS_MOVE would we avoid the
problem completely, and thus not need to move this code around ?
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|