diff options
| author | Liu Hua <sdu.liu@huawei.com> | 2019-03-28 11:41:37 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2019-03-28 11:42:41 -0700 |
| commit | 1d7e2bc3776f90e1b2b31346e1bec47da6e568ff (patch) | |
| tree | 8b80721464abc31f8112a57ff4fbfa95d877377b /runsc/cmd/gofer.go | |
| parent | f4105ac21a9f11f5231681239ca92ac814b5149d (diff) | |
gofer: some fixs in setupRootFS
1.use root instead of spec.Root.path as mountpoint
2.put remount readonly logic ahead to avoid device busy errors
Signed-off-by: Liu Hua <sdu.liu@huawei.com>
Change-Id: I9222b4695f917136a97b0898ac6f75fcff296e5d
PiperOrigin-RevId: 240818182
Diffstat (limited to 'runsc/cmd/gofer.go')
| -rw-r--r-- | runsc/cmd/gofer.go | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/runsc/cmd/gofer.go b/runsc/cmd/gofer.go index e712244ef..82487887c 100644 --- a/runsc/cmd/gofer.go +++ b/runsc/cmd/gofer.go @@ -285,14 +285,15 @@ func setupRootFS(spec *specs.Spec, conf *boot.Config) error { // Mount root path followed by submounts. if err := syscall.Mount(spec.Root.Path, root, "bind", syscall.MS_BIND|syscall.MS_REC, ""); err != nil { - return fmt.Errorf("mounting root on root (%q) err: %v", spec.Root.Path, err) + return fmt.Errorf("mounting root on root (%q) err: %v", root, err) } + flags := uint32(syscall.MS_SLAVE | syscall.MS_REC) if spec.Linux != nil && spec.Linux.RootfsPropagation != "" { flags = specutils.PropOptionsToFlags([]string{spec.Linux.RootfsPropagation}) } - if err := syscall.Mount("", spec.Root.Path, "", uintptr(flags), ""); err != nil { - return fmt.Errorf("mounting root (%q) with flags: %#x, err: %v", spec.Root.Path, flags, err) + if err := syscall.Mount("", root, "", uintptr(flags), ""); err != nil { + return fmt.Errorf("mounting root (%q) with flags: %#x, err: %v", root, flags, err) } // Replace the current spec, with the clean spec with symlinks resolved. @@ -315,10 +316,10 @@ func setupRootFS(spec *specs.Spec, conf *boot.Config) error { if spec.Root.Readonly { // If root is a mount point but not read-only, we can change mount options // to make it read-only for extra safety. - log.Infof("Remounting root as readonly: %q", spec.Root.Path) + log.Infof("Remounting root as readonly: %q", root) flags := uintptr(syscall.MS_BIND | syscall.MS_REMOUNT | syscall.MS_RDONLY | syscall.MS_REC) - if err := syscall.Mount(spec.Root.Path, spec.Root.Path, "bind", flags, ""); err != nil { - return fmt.Errorf("remounting root as read-only with source: %q, target: %q, flags: %#x, err: %v", spec.Root.Path, spec.Root.Path, flags, err) + if err := syscall.Mount(root, root, "bind", flags, ""); err != nil { + return fmt.Errorf("remounting root as read-only with source: %q, target: %q, flags: %#x, err: %v", root, root, flags, err) } } |