runc/configs/mount.go

package configs

import (
	"fmt"
	"os"
	"path/filepath"
	"syscall"

	"github.com/docker/docker/pkg/symlink"
	"github.com/docker/libcontainer/label"
)

const DefaultMountFlags = syscall.MS_NOEXEC | syscall.MS_NOSUID | syscall.MS_NODEV

type Mount struct {
	Type        string `json:"type,omitempty"`
	Source      string `json:"source,omitempty"`      // Source path, in the host namespace
	Destination string `json:"destination,omitempty"` // Destination path, in the container
	Writable    bool   `json:"writable,omitempty"`
	Relabel     string `json:"relabel,omitempty"` // Relabel source if set, "z" indicates shared, "Z" indicates unshared
	Private     bool   `json:"private,omitempty"`
	Slave       bool   `json:"slave,omitempty"`
}

func (m *Mount) Mount(rootfs, mountLabel string) error {
	switch m.Type {
	case "bind":
		return m.bindMount(rootfs, mountLabel)
	case "tmpfs":
		return m.tmpfsMount(rootfs, mountLabel)
	default:
		return fmt.Errorf("unsupported mount type %s for %s", m.Type, m.Destination)
	}
}

func (m *Mount) bindMount(rootfs, mountLabel string) error {
	var (
		flags = syscall.MS_BIND | syscall.MS_REC
		dest  = filepath.Join(rootfs, m.Destination)
	)

	if !m.Writable {
		flags = flags | syscall.MS_RDONLY
	}

	if m.Slave {
		flags = flags | syscall.MS_SLAVE
	}

	stat, err := os.Stat(m.Source)
	if err != nil {
		return err
	}

	// FIXME: (crosbymichael) This does not belong here and should be done a layer above
	dest, err = symlink.FollowSymlinkInScope(dest, rootfs)
	if err != nil {
		return err
	}

	if err := createIfNotExists(dest, stat.IsDir()); err != nil {
		return fmt.Errorf("creating new bind mount target %s", err)
	}

	if err := syscall.Mount(m.Source, dest, "bind", uintptr(flags), ""); err != nil {
		return fmt.Errorf("mounting %s into %s %s", m.Source, dest, err)
	}

	if !m.Writable {
		if err := syscall.Mount(m.Source, dest, "bind", uintptr(flags|syscall.MS_REMOUNT), ""); err != nil {
			return fmt.Errorf("remounting %s into %s %s", m.Source, dest, err)
		}
	}

	if m.Relabel != "" {
		if err := label.Relabel(m.Source, mountLabel, m.Relabel); err != nil {
			return fmt.Errorf("relabeling %s to %s %s", m.Source, mountLabel, err)
		}
	}

	if m.Private {
		if err := syscall.Mount("", dest, "none", uintptr(syscall.MS_PRIVATE), ""); err != nil {
			return fmt.Errorf("mounting %s private %s", dest, err)
		}
	}

	return nil
}

func (m *Mount) tmpfsMount(rootfs, mountLabel string) error {
	var (
		err  error
		l    = label.FormatMountLabel("", mountLabel)
		dest = filepath.Join(rootfs, m.Destination)
	)

	// FIXME: (crosbymichael) This does not belong here and should be done a layer above
	if dest, err = symlink.FollowSymlinkInScope(dest, rootfs); err != nil {
		return err
	}

	if err := createIfNotExists(dest, true); err != nil {
		return fmt.Errorf("creating new tmpfs mount target %s", err)
	}

	if err := syscall.Mount("tmpfs", dest, "tmpfs", uintptr(DefaultMountFlags), l); err != nil {
		return fmt.Errorf("%s mounting %s in tmpfs", err, dest)
	}

	return nil
}

func createIfNotExists(path string, isDir bool) error {
	if _, err := os.Stat(path); err != nil {
		if os.IsNotExist(err) {
			if isDir {
				if err := os.MkdirAll(path, 0755); err != nil {
					return err
				}
			} else {
				if err := os.MkdirAll(filepath.Dir(path), 0755); err != nil {
					return err
				}
				f, err := os.OpenFile(path, os.O_CREATE, 0755)
				if err != nil {
					return err
				}
				f.Close()
			}
		}
	}
	return nil
}
Flatten configuration structs Change the various config structs into one package and have a flatter structure for easier use. Signed-off-by: Michael Crosby <crosbymichael@gmail.com> 2015-02-01 11:56:27 +08:00			`package configs`
Move mount logic into Mount type Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:51:52 +08:00
			`import (`
			`"fmt"`
			`"os"`
			`"path/filepath"`
			`"syscall"`

			`"github.com/docker/docker/pkg/symlink"`
			`"github.com/docker/libcontainer/label"`
			`)`

Flatten configuration structs Change the various config structs into one package and have a flatter structure for easier use. Signed-off-by: Michael Crosby <crosbymichael@gmail.com> 2015-02-01 11:56:27 +08:00			`const DefaultMountFlags = syscall.MS_NOEXEC \| syscall.MS_NOSUID \| syscall.MS_NODEV`

Move mount logic into Mount type Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:51:52 +08:00			`type Mount struct {`
			Type string `json:"type,omitempty"`
			Source string `json:"source,omitempty"` // Source path, in the host namespace
			Destination string `json:"destination,omitempty"` // Destination path, in the container
			Writable bool `json:"writable,omitempty"`
			Relabel string `json:"relabel,omitempty"` // Relabel source if set, "z" indicates shared, "Z" indicates unshared
			Private bool `json:"private,omitempty"`
Allow mounts to be supplied with the MS_SLAVE option. Docker-DCO-1.1-Signed-off-by: Erik Hollensbe <github@hollensbe.org> (github: erikh) 2014-09-04 10:37:48 +08:00			Slave bool `json:"slave,omitempty"`
Move mount logic into Mount type Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:51:52 +08:00			`}`

			`func (m *Mount) Mount(rootfs, mountLabel string) error {`
			`switch m.Type {`
			`case "bind":`
			`return m.bindMount(rootfs, mountLabel)`
Add tmpfs support to Mount Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:55:57 +08:00			`case "tmpfs":`
			`return m.tmpfsMount(rootfs, mountLabel)`
Move mount logic into Mount type Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:51:52 +08:00			`default:`
			`return fmt.Errorf("unsupported mount type %s for %s", m.Type, m.Destination)`
			`}`
			`}`

			`func (m *Mount) bindMount(rootfs, mountLabel string) error {`
			`var (`
			`flags = syscall.MS_BIND \| syscall.MS_REC`
			`dest = filepath.Join(rootfs, m.Destination)`
			`)`

			`if !m.Writable {`
			`flags = flags \| syscall.MS_RDONLY`
			`}`

Allow mounts to be supplied with the MS_SLAVE option. Docker-DCO-1.1-Signed-off-by: Erik Hollensbe <github@hollensbe.org> (github: erikh) 2014-09-04 10:37:48 +08:00			`if m.Slave {`
			`flags = flags \| syscall.MS_SLAVE`
			`}`

Move mount logic into Mount type Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:51:52 +08:00			`stat, err := os.Stat(m.Source)`
			`if err != nil {`
			`return err`
			`}`

Add tmpfs support to Mount Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:55:57 +08:00			`// FIXME: (crosbymichael) This does not belong here and should be done a layer above`
Move mount logic into Mount type Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:51:52 +08:00			`dest, err = symlink.FollowSymlinkInScope(dest, rootfs)`
			`if err != nil {`
			`return err`
			`}`

			`if err := createIfNotExists(dest, stat.IsDir()); err != nil {`
Add tmpfs support to Mount Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:55:57 +08:00			`return fmt.Errorf("creating new bind mount target %s", err)`
Move mount logic into Mount type Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:51:52 +08:00			`}`

			`if err := syscall.Mount(m.Source, dest, "bind", uintptr(flags), ""); err != nil {`
			`return fmt.Errorf("mounting %s into %s %s", m.Source, dest, err)`
			`}`

			`if !m.Writable {`
			`if err := syscall.Mount(m.Source, dest, "bind", uintptr(flags\|syscall.MS_REMOUNT), ""); err != nil {`
			`return fmt.Errorf("remounting %s into %s %s", m.Source, dest, err)`
			`}`
			`}`

			`if m.Relabel != "" {`
			`if err := label.Relabel(m.Source, mountLabel, m.Relabel); err != nil {`
			`return fmt.Errorf("relabeling %s to %s %s", m.Source, mountLabel, err)`
			`}`
			`}`

			`if m.Private {`
			`if err := syscall.Mount("", dest, "none", uintptr(syscall.MS_PRIVATE), ""); err != nil {`
			`return fmt.Errorf("mounting %s private %s", dest, err)`
			`}`
			`}`

			`return nil`
			`}`
Add tmpfs support to Mount Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:55:57 +08:00
			`func (m *Mount) tmpfsMount(rootfs, mountLabel string) error {`
			`var (`
			`err error`
			`l = label.FormatMountLabel("", mountLabel)`
			`dest = filepath.Join(rootfs, m.Destination)`
			`)`

			`// FIXME: (crosbymichael) This does not belong here and should be done a layer above`
			`if dest, err = symlink.FollowSymlinkInScope(dest, rootfs); err != nil {`
			`return err`
			`}`

			`if err := createIfNotExists(dest, true); err != nil {`
			`return fmt.Errorf("creating new tmpfs mount target %s", err)`
			`}`

Flatten configuration structs Change the various config structs into one package and have a flatter structure for easier use. Signed-off-by: Michael Crosby <crosbymichael@gmail.com> 2015-02-01 11:56:27 +08:00			`if err := syscall.Mount("tmpfs", dest, "tmpfs", uintptr(DefaultMountFlags), l); err != nil {`
Add tmpfs support to Mount Signed-off-by: Michael Crosby <michael@docker.com> 2014-08-27 16:55:57 +08:00			`return fmt.Errorf("%s mounting %s in tmpfs", err, dest)`
			`}`

			`return nil`
			`}`
Flatten configuration structs Change the various config structs into one package and have a flatter structure for easier use. Signed-off-by: Michael Crosby <crosbymichael@gmail.com> 2015-02-01 11:56:27 +08:00
			`func createIfNotExists(path string, isDir bool) error {`
			`if _, err := os.Stat(path); err != nil {`
			`if os.IsNotExist(err) {`
			`if isDir {`
			`if err := os.MkdirAll(path, 0755); err != nil {`
			`return err`
			`}`
			`} else {`
			`if err := os.MkdirAll(filepath.Dir(path), 0755); err != nil {`
			`return err`
			`}`
			`f, err := os.OpenFile(path, os.O_CREATE, 0755)`
			`if err != nil {`
			`return err`
			`}`
			`f.Close()`
			`}`
			`}`
			`}`
			`return nil`
			`}`