Re: [PATCH] LXC: Improved check before mounting securityfs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/07/2013 05:52 PM, Bogdan Purcareata wrote:
> Securityfs kernel support may not be available on all platforms
> running libvirt containers. Since securityfs receives special
> handling in the context of user namespaces, make an additional
> check to see if it is supported, by inspecting /proc/filesystems.
> 
> Making this check for all lxcBasicMounts is a bit tedious, since
> the /proc filesystem is first unmounted from host, so the
> /proc/filesystems list should be saved before unmounting, to be
> available at all times. However, checks for the support for /proc
> or /sys are superfluous.
> 
> In the long run, to support the addition of new filesystems in
> lxcBasicMounts, an additional "optional" flag should be introduced,
> to mark that for a specific filesystem, the code should first check
> for support in the kernel, before mounting it. For mandatory
> filesystems, if mounting them fails, creating the container fails.
> 
> Right now, check for support only for securityfs, since right now
> it is the only special case.
> 
> Signed-off-by: Bogdan Purcareata <bogdan.purcareata@xxxxxxxxxxxxx>
> ---
>  src/lxc/lxc_container.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 68 insertions(+), 1 deletion(-)
> 

Ok, I know what's wrong, please check my patch.
If you think it's good, please add your Acked-by or Reviewed-by

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]