From 1d7e2bc3776f90e1b2b31346e1bec47da6e568ff Mon Sep 17 00:00:00 2001 From: Liu Hua Date: Thu, 28 Mar 2019 11:41:37 -0700 Subject: gofer: some fixs in setupRootFS 1.use root instead of spec.Root.path as mountpoint 2.put remount readonly logic ahead to avoid device busy errors Signed-off-by: Liu Hua Change-Id: I9222b4695f917136a97b0898ac6f75fcff296e5d PiperOrigin-RevId: 240818182 --- runsc/cmd/gofer.go | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'runsc/cmd') diff --git a/runsc/cmd/gofer.go b/runsc/cmd/gofer.go index e712244ef..82487887c 100644 --- a/runsc/cmd/gofer.go +++ b/runsc/cmd/gofer.go @@ -285,14 +285,15 @@ func setupRootFS(spec *specs.Spec, conf *boot.Config) error { // Mount root path followed by submounts. if err := syscall.Mount(spec.Root.Path, root, "bind", syscall.MS_BIND|syscall.MS_REC, ""); err != nil { - return fmt.Errorf("mounting root on root (%q) err: %v", spec.Root.Path, err) + return fmt.Errorf("mounting root on root (%q) err: %v", root, err) } + flags := uint32(syscall.MS_SLAVE | syscall.MS_REC) if spec.Linux != nil && spec.Linux.RootfsPropagation != "" { flags = specutils.PropOptionsToFlags([]string{spec.Linux.RootfsPropagation}) } - if err := syscall.Mount("", spec.Root.Path, "", uintptr(flags), ""); err != nil { - return fmt.Errorf("mounting root (%q) with flags: %#x, err: %v", spec.Root.Path, flags, err) + if err := syscall.Mount("", root, "", uintptr(flags), ""); err != nil { + return fmt.Errorf("mounting root (%q) with flags: %#x, err: %v", root, flags, err) } // Replace the current spec, with the clean spec with symlinks resolved. @@ -315,10 +316,10 @@ func setupRootFS(spec *specs.Spec, conf *boot.Config) error { if spec.Root.Readonly { // If root is a mount point but not read-only, we can change mount options // to make it read-only for extra safety. - log.Infof("Remounting root as readonly: %q", spec.Root.Path) + log.Infof("Remounting root as readonly: %q", root) flags := uintptr(syscall.MS_BIND | syscall.MS_REMOUNT | syscall.MS_RDONLY | syscall.MS_REC) - if err := syscall.Mount(spec.Root.Path, spec.Root.Path, "bind", flags, ""); err != nil { - return fmt.Errorf("remounting root as read-only with source: %q, target: %q, flags: %#x, err: %v", spec.Root.Path, spec.Root.Path, flags, err) + if err := syscall.Mount(root, root, "bind", flags, ""); err != nil { + return fmt.Errorf("remounting root as read-only with source: %q, target: %q, flags: %#x, err: %v", root, root, flags, err) } } -- cgit v1.2.3