提交 d7d7581b 编写于 作者: D Daniel P. Berrange

Fix LXC startup when /var/run is an absolute symlink

During startup, the LXC driver uses paths such as

  /.oldroot/var/run/libvirt/lxc/...

to access directories from the previous root filesystem
after doing a pivot_root(). Unfortunately if /var/run
is an absolute symlink to /run, instead of a relative
symlink to ../run, these paths break.

At least one Linux distro is known to use an absolute
symlink for /var/run, so workaround this, by resolving
all symlinks before doing the pivot_root().
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
上级 e3b40bec
...@@ -749,14 +749,17 @@ cleanup: ...@@ -749,14 +749,17 @@ cleanup:
} }
#if WITH_FUSE #if WITH_FUSE
static int lxcContainerMountProcFuse(virDomainDefPtr def) static int lxcContainerMountProcFuse(virDomainDefPtr def,
const char *stateDir)
{ {
int ret; int ret;
char *meminfo_path = NULL; char *meminfo_path = NULL;
VIR_DEBUG("Mount /proc/meminfo stateDir=%s", stateDir);
if ((ret = virAsprintf(&meminfo_path, if ((ret = virAsprintf(&meminfo_path,
"/.oldroot/%s/%s.fuse/meminfo", "/.oldroot/%s/%s.fuse/meminfo",
LXC_STATE_DIR, stateDir,
def->name)) < 0) def->name)) < 0)
return ret; return ret;
...@@ -791,20 +794,24 @@ static int lxcContainerMountProcFuse(virDomainDefPtr def) ...@@ -791,20 +794,24 @@ static int lxcContainerMountProcFuse(virDomainDefPtr def)
return ret; return ret;
} }
#else #else
static int lxcContainerMountProcFuse(virDomainDefPtr def ATTRIBUTE_UNUSED) static int lxcContainerMountProcFuse(virDomainDefPtr def ATTRIBUTE_UNUSED,
const char *stateDir ATTRIBUTE_UNUSED)
{ {
return 0; return 0;
} }
#endif #endif
static int lxcContainerMountFSDevPTS(virDomainDefPtr def) static int lxcContainerMountFSDevPTS(virDomainDefPtr def,
const char *stateDir)
{ {
int ret; int ret;
char *path = NULL; char *path = NULL;
VIR_DEBUG("Mount /dev/pts stateDir=%s", stateDir);
if ((ret = virAsprintf(&path, if ((ret = virAsprintf(&path,
"/.oldroot/%s/%s.devpts", "/.oldroot/%s/%s.devpts",
LXC_STATE_DIR, stateDir,
def->name)) < 0) def->name)) < 0)
return ret; return ret;
...@@ -1747,6 +1754,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, ...@@ -1747,6 +1754,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
int rc; int rc;
int ret = -1; int ret = -1;
char *sec_mount_options; char *sec_mount_options;
char *stateDir = NULL;
if (!(sec_mount_options = virSecurityManagerGetMountOptions(securityDriver, vmDef))) if (!(sec_mount_options = virSecurityManagerGetMountOptions(securityDriver, vmDef)))
return -1; return -1;
...@@ -1759,6 +1767,9 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, ...@@ -1759,6 +1767,9 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
goto cleanup; goto cleanup;
} }
if (virFileResolveAllLinks(LXC_STATE_DIR, &stateDir) < 0)
goto cleanup;
/* Ensure the root filesystem is mounted */ /* Ensure the root filesystem is mounted */
if (lxcContainerPrepareRoot(vmDef, root) < 0) if (lxcContainerPrepareRoot(vmDef, root) < 0)
goto cleanup; goto cleanup;
...@@ -1796,7 +1807,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, ...@@ -1796,7 +1807,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
goto cleanup; goto cleanup;
/* Mounts /proc/meminfo etc sysinfo */ /* Mounts /proc/meminfo etc sysinfo */
if (lxcContainerMountProcFuse(vmDef) < 0) if (lxcContainerMountProcFuse(vmDef, stateDir) < 0)
goto cleanup; goto cleanup;
/* Now we can re-mount the cgroups controllers in the /* Now we can re-mount the cgroups controllers in the
...@@ -1805,7 +1816,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, ...@@ -1805,7 +1816,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
goto cleanup; goto cleanup;
/* Mounts /dev/pts */ /* Mounts /dev/pts */
if (lxcContainerMountFSDevPTS(vmDef) < 0) if (lxcContainerMountFSDevPTS(vmDef, stateDir) < 0)
goto cleanup; goto cleanup;
/* Populates device nodes in /dev/ */ /* Populates device nodes in /dev/ */
...@@ -1831,6 +1842,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, ...@@ -1831,6 +1842,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
ret = 0; ret = 0;
cleanup: cleanup:
VIR_FREE(stateDir);
virCgroupFree(&cgroup); virCgroupFree(&cgroup);
VIR_FREE(sec_mount_options); VIR_FREE(sec_mount_options);
return ret; return ret;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册