1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

Merge pull request #21714 from hallyn/2016-03-31/aufs.2

don't try to use aufs in a user namespace
This commit is contained in:
David Calavera 2016-04-12 14:07:51 -07:00
commit 7c16063afa

View file

@ -46,11 +46,14 @@ import (
"github.com/docker/docker/pkg/stringid" "github.com/docker/docker/pkg/stringid"
"github.com/opencontainers/runc/libcontainer/label" "github.com/opencontainers/runc/libcontainer/label"
rsystem "github.com/opencontainers/runc/libcontainer/system"
) )
var ( var (
// ErrAufsNotSupported is returned if aufs is not supported by the host. // ErrAufsNotSupported is returned if aufs is not supported by the host.
ErrAufsNotSupported = fmt.Errorf("AUFS was not found in /proc/filesystems") ErrAufsNotSupported = fmt.Errorf("AUFS was not found in /proc/filesystems")
// ErrAufsNested means aufs cannot be used bc we are in a user namespace
ErrAufsNested = fmt.Errorf("AUFS cannot be used in non-init user namespace")
incompatibleFsMagic = []graphdriver.FsMagic{ incompatibleFsMagic = []graphdriver.FsMagic{
graphdriver.FsMagicBtrfs, graphdriver.FsMagicBtrfs,
graphdriver.FsMagicAufs, graphdriver.FsMagicAufs,
@ -146,6 +149,10 @@ func supportsAufs() error {
// proc/filesystems for when aufs is supported // proc/filesystems for when aufs is supported
exec.Command("modprobe", "aufs").Run() exec.Command("modprobe", "aufs").Run()
if rsystem.RunningInUserNS() {
return ErrAufsNested
}
f, err := os.Open("/proc/filesystems") f, err := os.Open("/proc/filesystems")
if err != nil { if err != nil {
return err return err