From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
Currently you can configure LXC to bind a host directory to
a guest directory, but not to bind a guest directory to a
guest directory. While the guest container init could do
this itself, allowing it in the libvirt XML means a stricter
SELinux policy can be written
---
src/conf/domain_conf.c | 7 +++++--
src/conf/domain_conf.h | 11 ++++++-----
src/lxc/lxc_container.c | 7 +++++++
3 files changed, 18 insertions(+), 7 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index a653fe6..8ce122e 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -263,7 +263,8 @@ VIR_ENUM_IMPL(virDomainFS, VIR_DOMAIN_FS_TYPE_LAST,
"block",
"file",
"template",
- "ram")
+ "ram",
+ "bind")
VIR_ENUM_IMPL(virDomainFSDriverType, VIR_DOMAIN_FS_DRIVER_TYPE_LAST,
"default",
@@ -4260,7 +4261,8 @@ virDomainFSDefParseXML(xmlNodePtr node,
if (!source &&
xmlStrEqual(cur->name, BAD_CAST "source")) {
- if (def->type == VIR_DOMAIN_FS_TYPE_MOUNT)
+ if (def->type == VIR_DOMAIN_FS_TYPE_MOUNT ||
+ def->type == VIR_DOMAIN_FS_TYPE_BIND)
source = virXMLPropString(cur, "dir");
else if (def->type == VIR_DOMAIN_FS_TYPE_FILE)
source = virXMLPropString(cur, "file");
@@ -11335,6 +11337,7 @@ virDomainFSDefFormat(virBufferPtr buf,
switch (def->type) {
case VIR_DOMAIN_FS_TYPE_MOUNT:
+ case VIR_DOMAIN_FS_TYPE_BIND:
virBufferEscapeString(buf, " <source dir='%s'/>\n",
def->src);
break;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index b8d9c87..bdb1f75 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -656,11 +656,12 @@ struct _virDomainControllerDef {
/* Two types of disk backends */
enum virDomainFSType {
- VIR_DOMAIN_FS_TYPE_MOUNT, /* Better named 'bind' */
- VIR_DOMAIN_FS_TYPE_BLOCK,
- VIR_DOMAIN_FS_TYPE_FILE,
- VIR_DOMAIN_FS_TYPE_TEMPLATE,
- VIR_DOMAIN_FS_TYPE_RAM,
+ VIR_DOMAIN_FS_TYPE_MOUNT, /* Mounts (binds) a host dir on a guest dir */
+ VIR_DOMAIN_FS_TYPE_BLOCK, /* Mounts a host block dev on a guest dir */
+ VIR_DOMAIN_FS_TYPE_FILE, /* Loopback mounts a host file on a guest dir */
+ VIR_DOMAIN_FS_TYPE_TEMPLATE, /* Expands a OS template to a guest dir */
+ VIR_DOMAIN_FS_TYPE_RAM, /* Mount a RAM filesystem on a guest dir */
+ VIR_DOMAIN_FS_TYPE_BIND, /* Binds a guest dir to another guest dir */
VIR_DOMAIN_FS_TYPE_LAST
};
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index b69255e..bf67ba1 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1025,7 +1025,14 @@ static int lxcContainerMountFS(virDomainFSDefPtr fs,
if (lxcContainerMountFSTmpfs(fs) < 0)
return -1;
break;
+ case VIR_DOMAIN_FS_TYPE_BIND:
+ if (lxcContainerMountFSBind(fs, "") < 0)
+ return -1;
+ break;
case VIR_DOMAIN_FS_TYPE_FILE:
+ /* We do actually support this, but the lxc controller
+ * should have associated the file with a loopback
+ * device and changed this to TYPE_BLOCK for us */
lxcError(VIR_ERR_INTERNAL_ERROR,
_("Unexpected filesystem type %s"),
virDomainFSTypeToString(fs->type));
--
1.7.10.2
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list