From 02e6427ecfafb3be6e9df7379cc64afdf906b030 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Fri, 8 May 2015 10:47:51 -0700 Subject: [PATCH] Do not prevent mounts in /sys Mounts in /sys like /sys/fs/cgroup are valid and should be allowed at the libcontainer level. Signed-off-by: Michael Crosby --- rootfs_linux.go | 1 - rootfs_linux_test.go | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/rootfs_linux.go b/rootfs_linux.go index 0cd60373..4ddfff1f 100644 --- a/rootfs_linux.go +++ b/rootfs_linux.go @@ -215,7 +215,6 @@ func checkMountDestination(rootfs, dest string) error { } invalidDestinations := []string{ "/proc", - "/sys", } for _, invalid := range invalidDestinations { path, err := filepath.Rel(filepath.Join(rootfs, invalid), dest) diff --git a/rootfs_linux_test.go b/rootfs_linux_test.go index 54df065c..a3bb0770 100644 --- a/rootfs_linux_test.go +++ b/rootfs_linux_test.go @@ -15,8 +15,8 @@ func TestCheckMountDestOnProc(t *testing.T) { func TestCheckMountDestInSys(t *testing.T) { dest := "/rootfs//sys/fs/cgroup" err := checkMountDestination("/rootfs", dest) - if err == nil { - t.Fatal("destination inside proc should return an error") + if err != nil { + t.Fatal("destination inside /sys should not return an error") } }