[libvirt] [PATCH] Ensure we always setup a private mount namespace for LXC controller
From: "Daniel P. Berrange" <berrange(a)redhat.com>
The code for setting up a private /dev/pts for the containers
is also responsible for making the LXC controller have a
private mount namespace. Unfortunately the /dev/pts code is
not run if launching a container without a custom root. This
causes the LXC FUSE mount to leak into the host FS.
---
src/lxc/lxc_controller.c | 38 ++++++++++++++++++++++++++------------
1 file changed, 26 insertions(+), 12 deletions(-)
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index c9d96b3..a1c264c 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -1143,6 +1143,29 @@ cleanup:
static int
+virLXCControllerSetupPrivateNS(void)
+{
+ int ret = -1;
+
+ if (unshare(CLONE_NEWNS) < 0) {
+ virReportSystemError(errno, "%s",
+ _("Cannot unshare mount namespace"));
+ goto cleanup;
+ }
+
+ if (mount("", "/", NULL, MS_SLAVE|MS_REC, NULL) < 0) {
+ virReportSystemError(errno, "%s",
+ _("Failed to switch root mount into slave
mode"));
+ goto cleanup;
+ }
+
+ ret = 0;
+cleanup:
+ return ret;
+}
+
+
+static int
virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
{
virDomainFSDefPtr root = virDomainGetRootFilesystem(ctrl->def);
@@ -1193,18 +1216,6 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
goto cleanup;
}
- if (unshare(CLONE_NEWNS) < 0) {
- virReportSystemError(errno, "%s",
- _("Cannot unshare mount namespace"));
- goto cleanup;
- }
-
- if (mount("", "/", NULL, MS_SLAVE|MS_REC, NULL) < 0) {
- virReportSystemError(errno, "%s",
- _("Failed to switch root mount into slave
mode"));
- goto cleanup;
- }
-
if (virAsprintf(&devpts, "%s/dev/pts", root->src) < 0 ||
virAsprintf(&ctrl->devptmx, "%s/dev/pts/ptmx", root->src)
< 0) {
virReportOOMError();
@@ -1408,6 +1419,9 @@ virLXCControllerRun(virLXCControllerPtr ctrl)
goto cleanup;
}
+ if (virLXCControllerSetupPrivateNS() < 0)
+ goto cleanup;
+
if (virLXCControllerSetupLoopDevices(ctrl) < 0)
goto cleanup;
--
1.8.0.1