From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
A prefix change to unmount the SELinux filesystem broke starting
of LXC containers with a custom root filesystem
Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
src/lxc/lxc_container.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index a749d24..4bb2aff 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1191,6 +1191,8 @@ static int lxcContainerGetSubtree(const char *prefix,
char **mounts = NULL;
size_t nmounts = 0;
+ VIR_DEBUG("prefix=%s", prefix);
+
*mountsret = NULL;
*nmountsret = 0;
@@ -1528,7 +1530,8 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
/* Some versions of Linux kernel don't let you overmount
* the selinux filesystem, so make sure we kill it first
*/
- if (lxcContainerUnmountSubtree(SELINUX_MOUNT, false) < 0)
+ if (STREQ(root->src, "/") &&
+ lxcContainerUnmountSubtree(SELINUX_MOUNT, false) < 0)
goto cleanup;
#endif
--
1.7.11.2
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list