From 5dd6caf6cfbaabeb7dcef187cd4418c955fc334d Mon Sep 17 00:00:00 2001 From: Vivek Goyal Date: Thu, 1 Oct 2015 17:03:02 -0400 Subject: [PATCH] Replace config.Privatefs with config.RootPropagation Right now config.Privatefs is a boolean which determines if / is applied with propagation flag syscall.MS_PRIVATE | syscall.MS_REC or not. Soon we want to represent other propagation states like private, [r]slave, and [r]shared. So either we can introduce more boolean variable or keep track of propagation flags in an integer variable. Keeping an integer variable is more versatile and can allow various kind of propagation flags to be specified. So replace Privatefs with RootPropagation which is an integer. Note, this will require changes in docker. Instead of setting Privatefs to true, they will need to set. config.RootPropagation = syscall.MS_PRIVATE | syscall.MS_REC Signed-off-by: Vivek Goyal --- libcontainer/configs/config.go | 4 ++-- libcontainer/rootfs_linux.go | 4 ++-- spec.go | 10 +++++----- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/libcontainer/configs/config.go b/libcontainer/configs/config.go index 4b298e1e..7fd311db 100644 --- a/libcontainer/configs/config.go +++ b/libcontainer/configs/config.go @@ -92,8 +92,8 @@ type Config struct { // bind mounts are writtable. Readonlyfs bool `json:"readonlyfs"` - // Privatefs will mount the container's rootfs as private where mount points from the parent will not propogate - Privatefs bool `json:"privatefs"` + // Specifies the mount propagation flags to be applied to /. + RootPropagation int `json:"rootPropagation"` // Mounts specify additional source and destination paths that will be mounted inside the container's // rootfs and mount namespace if specified diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go index f9566975..f8fc90fd 100644 --- a/libcontainer/rootfs_linux.go +++ b/libcontainer/rootfs_linux.go @@ -422,8 +422,8 @@ func mknodDevice(dest string, node *configs.Device) error { func prepareRoot(config *configs.Config) error { flag := syscall.MS_SLAVE | syscall.MS_REC - if config.Privatefs { - flag = syscall.MS_PRIVATE | syscall.MS_REC + if config.RootPropagation != 0 { + flag = config.RootPropagation } if err := syscall.Mount("", "/", "", uintptr(flag), ""); err != nil { return err diff --git a/spec.go b/spec.go index 8604121b..90876d7c 100644 --- a/spec.go +++ b/spec.go @@ -329,11 +329,11 @@ func createLibcontainerConfig(cgroupName string, spec *specs.LinuxSpec, rspec *s rootfsPath = filepath.Join(cwd, rootfsPath) } config := &configs.Config{ - Rootfs: rootfsPath, - Capabilities: spec.Linux.Capabilities, - Readonlyfs: spec.Root.Readonly, - Hostname: spec.Hostname, - Privatefs: true, + Rootfs: rootfsPath, + Capabilities: spec.Linux.Capabilities, + Readonlyfs: spec.Root.Readonly, + Hostname: spec.Hostname, + RootPropagation: syscall.MS_PRIVATE | syscall.MS_REC, } for _, ns := range rspec.Linux.Namespaces { t, exists := namespaceMapping[ns.Type]