Re: [libvirt] [PATCH] Add --disable-securityfs configure option
On Tue, Sep 24, 2013 at 10:28:23AM +0000, Purcareata Bogdan-B43198 wrote:
> -----Original Message-----
> From: Daniel P. Berrange [mailto:berrange@redhat.com]
> Sent: Tuesday, September 24, 2013 1:15 PM
> To: Purcareata Bogdan-B43198
> Cc: libvir-list(a)redhat.com
> Subject: Re: [libvirt] [PATCH] Add --disable-securityfs configure option
>
> On Tue, Sep 24, 2013 at 12:53:12PM +0300, Bogdan Purcareata wrote:
> > Securityfs is not enabled on all kernels running libvirt containers.
> > This patch introduces a configure option that can specify whether
> > containers should mount securityfs in their rootfs.
>
> It would be nicer to detect this at runtime, rather than fixing it
> at build time. eg check whether the filesystem is mounted on the
> host, and if not, then don't mount it in the container.
Isn't it better to detect it based on kernel filesystem support?
I mean, instead of checking whether securityfs is mounted, check
whether it's present in /proc/filesystems.
Yep, that would work too.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|