From 12aef686af3f37029e619602286f00a40144c52d Mon Sep 17 00:00:00 2001 From: Fabricio Voznika Date: Wed, 5 Sep 2018 14:28:52 -0700 Subject: Enabled bind mounts in sub-containers With multi-gofers, bind mounts in sub-containers should just work. Removed restrictions and added test. There are also a few cleanups along the way, e.g. retry unmounting in case cleanup races with gofer teardown. PiperOrigin-RevId: 211699569 Change-Id: Ic0a69c29d7c31cd7e038909cc686c6ac98703374 --- runsc/boot/fds.go | 5 ----- runsc/boot/fs.go | 5 ----- 2 files changed, 10 deletions(-) (limited to 'runsc/boot') diff --git a/runsc/boot/fds.go b/runsc/boot/fds.go index 0449e243d..9de5a78b1 100644 --- a/runsc/boot/fds.go +++ b/runsc/boot/fds.go @@ -28,11 +28,6 @@ import ( // createFDMap creates an fd map that contains stdin, stdout, and stderr. If // console is true, then ioctl calls will be passed through to the host fd. -// -// TODO: We currently arn't passing any FDs in to the sandbox, so -// there's not much else for this function to do. It will get more complicated -// when gofers enter the picture. Also the LISTEN_FDS environment variable -// allows passing arbitrary FDs to the sandbox, which we do not yet support. func createFDMap(ctx context.Context, k *kernel.Kernel, l *limits.LimitSet, console bool) (*kernel.FDMap, error) { fdm := k.NewFDMap() defer fdm.DecRef() diff --git a/runsc/boot/fs.go b/runsc/boot/fs.go index 4a11b30f1..772df40fe 100644 --- a/runsc/boot/fs.go +++ b/runsc/boot/fs.go @@ -685,11 +685,6 @@ func setFileSystemForProcess(procArgs *kernel.CreateProcessArgs, spec *specs.Spe // Mount all submounts. mounts := compileMounts(spec) for _, m := range mounts { - // TODO: Enable bind mounts in child containers. - if m.Type == bind { - log.Infof("Bind mounts in child containers are not yet supported: %+v", m) - continue - } dest := filepath.Join(containerRoot, m.Destination) if err := mountSubmount(rootCtx, conf, k.RootMountNamespace(), fds, m, mounts, dest); err != nil { return fmt.Errorf("error mounting filesystem for container: %v", err) -- cgit v1.2.3