diff options
| author |   Dan Walsh <dwalsh@redhat.com> | 2012-07-18 15:36:20 -0400 |
|---|---|---|
| committer |   Daniel P. Berrange <berrange@redhat.com> | 2012-07-18 20:52:18 +0100 |
| commit | 9f5ef4d9b3359b9ee7c14d791a69864998c72a8d (patch) | |
| tree | a94ea027c4544e715a412aab4c76414181813352 /src/lxc | |
| parent | Add a sheepdog backend for the storage driver (diff) | |
| download | libvirt-9f5ef4d9b3359b9ee7c14d791a69864998c72a8d.tar.gz libvirt-9f5ef4d9b3359b9ee7c14d791a69864998c72a8d.tar.bz2 libvirt-9f5ef4d9b3359b9ee7c14d791a69864998c72a8d.zip | |
lxcContainerMountCGroups also mounts a tmpfs that needs to be labeled.
This patch passes down the sec_mount_options to the
lxcContainerMountCGroups function and then mounts the tmpfs with
the correct label.
Diffstat (limited to 'src/lxc')
| -rw-r--r-- | src/lxc/lxc_container.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 92a3bf9ed..6fdf3593c 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1341,9 +1341,11 @@ cleanup: static int lxcContainerMountCGroups(struct lxcContainerCGroup *mounts, - size_t nmounts) + size_t nmounts, + char * sec_mount_options) { size_t i; + char *opts = NULL; VIR_DEBUG("Mounting cgroups at '%s'", VIR_CGROUP_SYSFS_MOUNT); @@ -1354,12 +1356,20 @@ static int lxcContainerMountCGroups(struct lxcContainerCGroup *mounts, return -1; } - if (mount("tmpfs", VIR_CGROUP_SYSFS_MOUNT, "tmpfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, "mode=755") < 0) { + if (virAsprintf(&opts, + "mode=755,size=65536%s",(sec_mount_options ? sec_mount_options : "")) < 0 ) { + virReportOOMError(); + return -1; + } + + if (mount("tmpfs", VIR_CGROUP_SYSFS_MOUNT, "tmpfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, opts) < 0) { + VIR_FREE(opts); virReportSystemError(errno, _("Failed to mount %s on %s type %s"), "tmpfs", VIR_CGROUP_SYSFS_MOUNT, "tmpfs"); return -1; } + VIR_FREE(opts); for (i = 0 ; i < nmounts ; i++) { if (mounts[i].linkDest) { @@ -1433,7 +1443,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, /* Now we can re-mount the cgroups controllers in the * same configuration as before */ - if (lxcContainerMountCGroups(mounts, nmounts) < 0) + if (lxcContainerMountCGroups(mounts, nmounts, sec_mount_options) < 0) goto cleanup; /* Mounts /dev/pts */ @@ -1512,7 +1522,7 @@ static int lxcContainerSetupExtraMounts(virDomainDefPtr vmDef, /* Now we can re-mount the cgroups controllers in the * same configuration as before */ - if (lxcContainerMountCGroups(mounts, nmounts) < 0) + if (lxcContainerMountCGroups(mounts, nmounts, sec_mount_options) < 0) goto cleanup; VIR_DEBUG("Mounting completed"); |