[systemd-devel] [PATCH] tmpfiles: don't create subvolumes in chroot

[Lennart Poettering]

On Wed, 01.04.15 14:33, Jan Synacek (jsynacek at redhat.com) wrote:

> Creating subvolumes in chrooted environments makes them
> undeletable and breaks mock.

Humm, I am not convinced that this is a good idea.

The chroot environments are hardly "undeletable", they just require
you to delete them explicitly. There's work going on to tech
btrfs-progs recursive deleting of subvolumes. I am pretty sure that's
the right fix and mock should really be updated to deal with that...

I am also against this since chrooting is an implementation detail of
mock, nothing more, and the fact that mock's recursive deletion logic
cannot handle removal of subvolumes is not directly connected to the
fact that mock uses chroot.

Sorry, but we need to find a different solution for this.

Maybe mock should use seccomp to make the subvolume creation ioctls
unavailable, or it should be updated to deal with subvolumes properly.

Lennart

-- 
Lennart Poettering, Red Hat