We need to do this incase /dev/null is a symlink pointing somewhere
outside the container's rootfs.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
User specified mounts much be evaluated after each mount because
symlinks in nested mounts can invalidate the next mount.
Also check that any bind mounts are not inside /proc or /sys to ensure
that we are able to mask over certian paths inside.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
We want to allow docker to mount tmpfs directories over existing directories
in the image. We will use this patch to pass commands from docker to
libcontainer. The first command we will use is the tar command to gather
all of the contents of the destination directory before mounting, then after
we mount the post mount command will untar the content.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
As an admin I would expect that if I volume mount a partition into a container, and then later add a mount point to the volume, it will show up in the container.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
In docker we evaluate all symlinks im path to check that they not escaping
from rootfs and that gives us full path to mount.
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Michael Crosby
Michael Crosby
Daniel, Dao Quang Minh
Mrunal Patel
Dan Walsh
Alexander Morozov
Mrunal Patel
Andy Goldstein