[CFT][PATCH] mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount

Andy Lutomirski luto at amacapital.net
Sun Nov 30 15:37:43 UTC 2014


On Sun, Nov 30, 2014 at 7:16 AM, Richard Weinberger <richard at nod.at> wrote:
> Am 30.11.2014 um 16:00 schrieb Andy Lutomirski:
>> On Sun, Nov 30, 2014 at 6:58 AM, Richard Weinberger <richard at nod.at> wrote:
>>> Eric,
>>>
>>> Am 30.11.2014 um 00:05 schrieb Eric W. Biederman:
>>>>
>>>> Now that remount is properly enforcing the rule that you can't remove
>>>> nodev at least sandstorm.io is breaking when performing a remount.
>>>>
>>>> It turns out that there is an easy intuitive solution implicitly
>>>> add nodev on remount when nodev was implicitly added on mount.
>>>
>>> Is this patch supposed to unbreak libvirt-lxc?
>>> At least 1.2.9 is still broken.
>>>
>>
>> Either this patch or my variant of it fixes the libvirt-lxc breakage
>> that I understand, but IIRC there was some other issue that none of us
>> figured out at K-S.
>
> Currently it fails here:
> 2014-11-25 22:36:45.295+0000: 1: debug : virFileMakePathHelper:2436 : path=/proc mode=0777
> 2014-11-25 22:36:45.295+0000: 1: debug : lxcContainerMountBasicFS:918 : Mount proc on /proc type=proc flags=e
> 2014-11-25 22:36:45.296+0000: 1: debug : lxcContainerMountBasicFS:873 : Processing /proc/sys -> /proc/sys
> 2014-11-25 22:36:45.296+0000: 1: debug : virFileMakePathHelper:2436 : path=/proc/sys mode=0777
> 2014-11-25 22:36:45.296+0000: 1: debug : lxcContainerMountBasicFS:918 : Mount /proc/sys on /proc/sys type=(null) flags=1000
> 2014-11-25 22:36:45.296+0000: 1: error : lxcContainerMountBasicFS:933 : Failed to re-mount /proc/sys on /proc/sys flags=1021: Operation not permitted

Any chance you can test that with Eric's patch or mine [1] applied?
If that doesn't work, can you try to catch the failure with strace?

--Andy

[1] https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=userns/fix_magic_nodev&id=bf8b198add82a249d6da4ecf280c30a0865637f6

>
> Thanks,
> //richard



-- 
Andy Lutomirski
AMA Capital Management, LLC


More information about the Containers mailing list