jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Only remount if requested flags differ from current 

Do not remount a bind mount to enable flags unless non-default flags are
provided for the requested mount. This solves a problem with user
namespaces and remount of bind mount permissions.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
This commit is contained in:
Phil Estes 2015-09-29 10:53:21 -04:00
parent 902ccd0f18
commit 97f5ee4e6a
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libcontainer/rootfs_linux.go
View File

@ -167,9 +167,14 @@ func mountToRootfs(m *configs.Mount, rootfs, mountLabel string) error {
return err return err
} }
// bind mount won't change mount options, we need remount to make mount options effective. // bind mount won't change mount options, we need remount to make mount options effective.
// first check that we have non-default options required before attempting a remount
if m.Flags&^(syscall.MS_REC|syscall.MS_REMOUNT|syscall.MS_BIND) != 0 {
// only remount if unique mount options are set
if err := remount(m, rootfs); err != nil { if err := remount(m, rootfs); err != nil {
return err return err
} }
}
if m.Relabel != "" { if m.Relabel != "" {
if err := label.Validate(m.Relabel); err != nil { if err := label.Validate(m.Relabel); err != nil {
return err return err