[systemd-devel] [PATCH] Do not clear parent mount flags when setting up namespaces

Djalal Harouni tixxdz at opendz.org
Fri Jan 2 15:46:32 PST 2015


On Thu, Jan 01, 2015 at 06:41:17PM +0000, Topi Miettinen wrote:
> On 01/01/15 18:08, Dave Reisner wrote:
> > On Thu, Jan 01, 2015 at 04:49:04PM +0200, Topi Miettinen wrote:
> >> Copy parent directory mount flags when setting up a namespace and
> >> don't accidentally clear mount flags later.
> >>
> >> Signed-off-by: Topi Miettinen <toiwoton at gmail.com>
> >> ---
> >>  src/core/namespace.c |  4 ++--
> >>  src/shared/util.c    | 20 ++++++++++++++++++--
> >>  src/shared/util.h    |  2 ++
> >>  3 files changed, 22 insertions(+), 4 deletions(-)
> >>
> >> diff --git a/src/core/namespace.c b/src/core/namespace.c
> >> index 5b408e0..400bc50 100644
> >> --- a/src/core/namespace.c
> >> +++ b/src/core/namespace.c
> >> @@ -159,7 +159,7 @@ static int mount_dev(BindMount *m) {
> >>  
> >>          dev = strappenda(temporary_mount, "/dev");
> >>          (void)mkdir(dev, 0755);
> >> -        if (mount("tmpfs", dev, "tmpfs", MS_NOSUID|MS_STRICTATIME, "mode=755") < 0) {
> >> +        if (mount("tmpfs", dev, "tmpfs", get_mount_flags("/dev")|MS_NOSUID|MS_STRICTATIME, "mode=755") < 0) {
> >>                  r = -errno;
> >>                  goto fail;
> >>          }
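
Review bot: in the mount() call in mount_dev(), the value of get_mount_flags("/dev") is ORed into the flag word unfiltered, so every flag the helper reports for the host's /dev reaches the new tmpfs, not only the restrictive ones the commit message is about. The helper's definition in src/shared/util.c is not part of this excerpt. If it can report more than the restrictive flags, mask the result against an explicit list of flags meant to be inherited before combining it with MS_NOSUID|MS_STRICTATIME, and state that list in a comment next to the call.
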
> >> @@ -282,7 +282,7 @@ static int mount_kdbus(BindMount *m) {
> >>  
> >>          root = strappenda(temporary_mount, "/kdbus");
> >>          (void)mkdir(root, 0755);
> >> -        if (mount("tmpfs", root, "tmpfs", MS_NOSUID|MS_STRICTATIME, "mode=777") < 0) {
> >> +        if (mount("tmpfs", root, "tmpfs", get_mount_flags("/kdbus")|MS_NOSUID|MS_STRICTATIME, "mode=777") < 0) {
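
Review bot: the mount() call in mount_kdbus() uses the return value of get_mount_flags("/kdbus") directly, with no check for a failed lookup. The argument is a literal path that may not exist on the host, and if the helper reports errors as a negative value, ORing it in would set nearly every flag bit. Store the result in a local, handle the failure case before calling mount() (for example with the r = -errno; goto fail; pattern that mount_dev() uses), and document in src/shared/util.h what the helper returns for a missing path.
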
> > 
> > Shouldn't this be /sys/fs/bus/kdbus? We certainly don't mount kdbusfs in
> > the root...
> 
> Probably. I don't have kdbus here (sorry) and I don't quite get what the
> function is supposed to do.

Yes, kdbusfs by default should be mounted in /sys/fs/kdbus/

That mount_kdbus() function is dealing with kdbus custom endpoints
/sys/fs/kdbus/<bus>/<endpoint> [1]; the whole thing is mounted on top
of tmpfs in order to hide the rest of the kdbusfs tree.

The custom endpoints are created when creating services, this will be
part of the namespaced apps setup where apps will only see a subset of
names on a bus... the custom endpoint will be mounted on top of the
default endpoint "bus" [2]

However, I'm not up to date with this part of the code... in any case
this mount_kdbus() function should be renamed to something like
mount_kdbus_custom_ep()...

[1] http://code.google.com/p/d-bus/source/browse/kdbus.txt#115
[2] http://lists.freedesktop.org/archives/systemd-devel/2014-October/023515.html

-- 
Djalal Harouni
http://opendz.org

