Move RootIsShared to lxc driver

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Michael Crosby 2014-01-10 18:21:41 -08:00
parent 93ead2fe78
commit 1d8455e683
4 changed files with 41 additions and 39 deletions


@ -623,31 +623,11 @@ func (container *Container) Start() (err error) {
var workingDir string var workingDir string
if container.Config.WorkingDir != "" { if container.Config.WorkingDir != "" {
workingDir = path.Clean(container.Config.WorkingDir) workingDir = path.Clean(container.Config.WorkingDir)
utils.Debugf("[working dir] working dir is %s", workingDir)
if err := os.MkdirAll(path.Join(container.RootfsPath(), workingDir), 0755); err != nil { if err := os.MkdirAll(path.Join(container.RootfsPath(), workingDir), 0755); err != nil {
return nil return nil
} }
} }
/*
if RootIsShared() {
// lxc-start really needs / to be non-shared, or all kinds of stuff break
// when lxc-start unmount things and those unmounts propagate to the main
// mount namespace.
// What we really want is to clone into a new namespace and then
// mount / MS_REC|MS_SLAVE, but since we can't really clone or fork
// without exec in go we have to do this horrible shell hack...
shellString :=
"mount --make-rslave /; exec " +
utils.ShellQuoteArguments(params)
params = []string{
"unshare", "-m", "--", "/bin/sh", "-c", shellString,
}
}
*/
root := container.RootfsPath() root := container.RootfsPath()
envPath, err := container.EnvConfigPath() envPath, err := container.EnvConfigPath()
if err != nil { if err != nil {

2
execdriver/MAINTAINERS Normal file

@ -0,0 +1,2 @@
Michael Crosby <michael@crosbymichael.com> (@crosbymichael)
Guillaume Charmes <guillaume@dotcloud.com> (@creack)


@ -4,6 +4,8 @@ import (
"errors" "errors"
"fmt" "fmt"
"github.com/dotcloud/docker/execdriver" "github.com/dotcloud/docker/execdriver"
"github.com/dotcloud/docker/utils"
"io/ioutil"
"os" "os"
"os/exec" "os/exec"
"path" "path"
@ -22,8 +24,9 @@ var (
) )
type driver struct { type driver struct {
root string // root path for the driver to use root string // root path for the driver to use
apparmor bool apparmor bool
sharedRoot bool
} }
func NewDriver(root string, apparmor bool) (execdriver.Driver, error) { func NewDriver(root string, apparmor bool) (execdriver.Driver, error) {
@ -32,8 +35,9 @@ func NewDriver(root string, apparmor bool) (execdriver.Driver, error) {
return nil, err return nil, err
} }
return &driver{ return &driver{
apparmor: apparmor, apparmor: apparmor,
root: root, root: root,
sharedRoot: rootIsShared(),
}, nil }, nil
} }
@ -70,6 +74,23 @@ func (d *driver) Start(c *execdriver.Process) error {
params = append(params, "-w", c.WorkingDir) params = append(params, "-w", c.WorkingDir)
} }
if d.sharedRoot {
// lxc-start really needs / to be non-shared, or all kinds of stuff break
// when lxc-start unmount things and those unmounts propagate to the main
// mount namespace.
// What we really want is to clone into a new namespace and then
// mount / MS_REC|MS_SLAVE, but since we can't really clone or fork
// without exec in go we have to do this horrible shell hack...
shellString :=
"mount --make-rslave /; exec " +
utils.ShellQuoteArguments(params)
params = []string{
"unshare", "-m", "--", "/bin/sh", "-c", shellString,
}
}
params = append(params, "--", c.Entrypoint) params = append(params, "--", c.Entrypoint)
params = append(params, c.Arguments...) params = append(params, c.Arguments...)
@ -218,3 +239,17 @@ func linkLxcStart(root string) error {
} }
return os.Symlink(sourcePath, targetPath) return os.Symlink(sourcePath, targetPath)
} }
func rootIsShared() bool {
if data, err := ioutil.ReadFile("/proc/self/mountinfo"); err == nil {
for _, line := range strings.Split(string(data), "\n") {
cols := strings.Split(line, " ")
if len(cols) >= 6 && cols[4] == "/" {
return strings.HasPrefix(cols[6], "shared")
}
}
}
// No idea, probably safe to assume so
return true
}
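Review bot: In `Start`, the `if d.sharedRoot` block rewrites `params` into `unshare -m -- /bin/sh -c shellString` before `"--", c.Entrypoint` and `c.Arguments` are appended. On a host with a shared root those values therefore become positional parameters of `/bin/sh` and never reach the `lxc-start` command quoted inside `shellString`. Moving `params = append(params, "--", c.Entrypoint)` and `params = append(params, c.Arguments...)` above the `if d.sharedRoot` block would put the entrypoint and its arguments inside the string built by `utils.ShellQuoteArguments(params)`. Separately, `rootIsShared` guards with `len(cols) >= 6` but reads `cols[6]`; the check should be `len(cols) >= 7` so a short line cannot cause an index-out-of-range panic. The body of `Start` begins and ends outside the visible hunk, so the ordering should be confirmed against the full function.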


@ -5,7 +5,6 @@ import (
"github.com/dotcloud/docker/archive" "github.com/dotcloud/docker/archive"
"github.com/dotcloud/docker/pkg/namesgenerator" "github.com/dotcloud/docker/pkg/namesgenerator"
"github.com/dotcloud/docker/utils" "github.com/dotcloud/docker/utils"
"io/ioutil"
"strconv" "strconv"
"strings" "strings"
) )
@ -328,20 +327,6 @@ func parseLink(rawLink string) (map[string]string, error) {
return utils.PartParser("name:alias", rawLink) return utils.PartParser("name:alias", rawLink)
} }
func RootIsShared() bool {
if data, err := ioutil.ReadFile("/proc/self/mountinfo"); err == nil {
for _, line := range strings.Split(string(data), "\n") {
cols := strings.Split(line, " ")
if len(cols) >= 6 && cols[4] == "/" {
return strings.HasPrefix(cols[6], "shared")
}
}
}
// No idea, probably safe to assume so
return true
}
type checker struct { type checker struct {
runtime *Runtime runtime *Runtime
} }