The devpts, dev and fuse filesystems are mounted temporarily.
there is no need to export them to container if container shares
the root directory with host.
Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
---
src/lxc/lxc_container.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 9c04d06..0ab4ab7 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1486,6 +1486,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
int ret = -1;
char *sec_mount_options;
char *stateDir = NULL;
+ char *tmp = NULL;
VIR_DEBUG("Setup pivot root");
@@ -1522,6 +1523,26 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
goto cleanup;
#endif
+ /* These filesystems are created by libvirt temporarily, they
+ * shouldn't appear in container. */
+ if (STREQ(root->src, "/")) {
+ if (virAsprintf(&tmp, "%s/%s.dev", stateDir, vmDef->name) < 0 ||
+ lxcContainerUnmountSubtree(tmp, false) < 0)
+ goto cleanup;
+
+ VIR_FREE(tmp);
+ if (virAsprintf(&tmp, "%s/%s.devpts", stateDir, vmDef->name) < 0 ||
+ lxcContainerUnmountSubtree(tmp, false) < 0)
+ goto cleanup;
+
+#if WITH_FUSE
+ VIR_FREE(tmp);
+ if (virAsprintf(&tmp, "%s/%s.fuse", stateDir, vmDef->name) < 0 ||
+ lxcContainerUnmountSubtree(tmp, false) < 0)
+ goto cleanup;
+#endif
+ }
+
/* If we have the root source being '/', then we need to
* get rid of any existing stuff under /proc, /sys & /tmp.
* We need new namespace aware versions of those. We must
@@ -1571,6 +1592,7 @@ cleanup:
VIR_FREE(stateDir);
virCgroupFree(&cgroup);
VIR_FREE(sec_mount_options);
+ VIR_FREE(tmp);
return ret;
}
--
1.8.3.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list