Replace config.Privatefs with config.RootPropagation

Right now config.Privatefs is a boolean which determines if / is applied with propagation flag syscall.MS_PRIVATE | syscall.MS_REC or not. Soon we want to represent other propagation states like private, [r]slave, and [r]shared. So either we can introduce more boolean variable or keep track of propagation flags in an integer variable. Keeping an integer variable is more versatile and can allow various kind of propagation flags to be specified. So replace Privatefs with RootPropagation which is an integer. Note, this will require changes in docker. Instead of setting Privatefs to true, they will need to set. config.RootPropagation = syscall.MS_PRIVATE | syscall.MS_REC Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
2015-10-01 17:03:02 -04:00 · 2015-10-01 17:03:02 -04:00 · 5dd6caf6cf
parent 4d5079b9dc
commit 5dd6caf6cf
3 changed files with 9 additions and 9 deletions
--- a/libcontainer/configs/config.go
+++ b/libcontainer/configs/config.go
@ -92,8 +92,8 @@ type Config struct {
 	// bind mounts are writtable.
 	Readonlyfs bool `json:"readonlyfs"`

-	// Privatefs will mount the container's rootfs as private where mount points from the parent will not propogate
-	Privatefs bool `json:"privatefs"`
+	// Specifies the mount propagation flags to be applied to /.
+	RootPropagation int `json:"rootPropagation"`

 	// Mounts specify additional source and destination paths that will be mounted inside the container's
 	// rootfs and mount namespace if specified
--- a/libcontainer/rootfs_linux.go
+++ b/libcontainer/rootfs_linux.go
@ -422,8 +422,8 @@ func mknodDevice(dest string, node *configs.Device) error {

 func prepareRoot(config *configs.Config) error {
 	flag := syscall.MS_SLAVE | syscall.MS_REC
-	if config.Privatefs {
-		flag = syscall.MS_PRIVATE | syscall.MS_REC
+	if config.RootPropagation != 0 {
+		flag = config.RootPropagation
 	}
 	if err := syscall.Mount("", "/", "", uintptr(flag), ""); err != nil {
 		return err
--- a/spec.go
+++ b/spec.go
@ -329,11 +329,11 @@ func createLibcontainerConfig(cgroupName string, spec *specs.LinuxSpec, rspec *s
 		rootfsPath = filepath.Join(cwd, rootfsPath)
 	}
 	config := &configs.Config{
-		Rootfs:       rootfsPath,
-		Capabilities: spec.Linux.Capabilities,
-		Readonlyfs:   spec.Root.Readonly,
-		Hostname:     spec.Hostname,
-		Privatefs:    true,
+		Rootfs:          rootfsPath,
+		Capabilities:    spec.Linux.Capabilities,
+		Readonlyfs:      spec.Root.Readonly,
+		Hostname:        spec.Hostname,
+		RootPropagation: syscall.MS_PRIVATE | syscall.MS_REC,
 	}
 	for _, ns := range rspec.Linux.Namespaces {
 		t, exists := namespaceMapping[ns.Type]