-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
We are mounting a tmpfs before mounting the cgroup file systems, we need to
make sure this tmpfs is labeled correctly.
This patch fixes the problem, Hopefully formatted correctly, it did pass the
syntax check.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAHERUACgkQrlYvE4MpobMkEwCfRjadP1RmB5YtvkQnwX11KTDN
d5kAnjdI6VHNh3v4TopAsEWe73gcT9Ii
=V8DO
-----END PGP SIGNATURE-----
>From 53052da4966b003f3f7e2f3a23097050bc6091d7 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Wed, 18 Jul 2012 15:36:20 -0400
Subject: [PATCH 12/12] lxcContainerMountCGroups also mounts a tmpfs that
needs to be labeled. This patch passes down the
sec_mount_options to the lxcContainerMountCGroups
function and then mounts the tmpfs with the correct
label.
---
src/lxc/lxc_container.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 92a3bf9..6fdf359 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1341,9 +1341,11 @@ cleanup:
static int lxcContainerMountCGroups(struct lxcContainerCGroup *mounts,
- size_t nmounts)
+ size_t nmounts,
+ char * sec_mount_options)
{
size_t i;
+ char *opts = NULL;
VIR_DEBUG("Mounting cgroups at '%s'", VIR_CGROUP_SYSFS_MOUNT);
@@ -1354,12 +1356,20 @@ static int lxcContainerMountCGroups(struct lxcContainerCGroup *mounts,
return -1;
}
- if (mount("tmpfs", VIR_CGROUP_SYSFS_MOUNT, "tmpfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, "mode=755") < 0) {
+ if (virAsprintf(&opts,
+ "mode=755,size=65536%s",(sec_mount_options ? sec_mount_options : "")) < 0 ) {
+ virReportOOMError();
+ return -1;
+ }
+
+ if (mount("tmpfs", VIR_CGROUP_SYSFS_MOUNT, "tmpfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, opts) < 0) {
+ VIR_FREE(opts);
virReportSystemError(errno,
_("Failed to mount %s on %s type %s"),
"tmpfs", VIR_CGROUP_SYSFS_MOUNT, "tmpfs");
return -1;
}
+ VIR_FREE(opts);
for (i = 0 ; i < nmounts ; i++) {
if (mounts[i].linkDest) {
@@ -1433,7 +1443,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
/* Now we can re-mount the cgroups controllers in the
* same configuration as before */
- if (lxcContainerMountCGroups(mounts, nmounts) < 0)
+ if (lxcContainerMountCGroups(mounts, nmounts, sec_mount_options) < 0)
goto cleanup;
/* Mounts /dev/pts */
@@ -1512,7 +1522,7 @@ static int lxcContainerSetupExtraMounts(virDomainDefPtr vmDef,
/* Now we can re-mount the cgroups controllers in the
* same configuration as before */
- if (lxcContainerMountCGroups(mounts, nmounts) < 0)
+ if (lxcContainerMountCGroups(mounts, nmounts, sec_mount_options) < 0)
goto cleanup;
VIR_DEBUG("Mounting completed");
--
1.7.10.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list