summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorValentin Rothberg <vrothberg@suse.com>2018-11-21 15:56:31 +0100
committerValentin Rothberg <valentinrothberg@gmail.com>2018-11-26 13:55:02 +0100
commit0e2042ebd72c0053513ea4979926e071e1eefddc (patch)
treec5bbddcd4cf07e281db3c2d870d7449eafc580fe
parent1fdfeb87100aee82d4de17b2b3f9a81aedfcb6a8 (diff)
downloadpodman-0e2042ebd72c0053513ea4979926e071e1eefddc.tar.gz
podman-0e2042ebd72c0053513ea4979926e071e1eefddc.tar.bz2
podman-0e2042ebd72c0053513ea4979926e071e1eefddc.zip
set root propagation based on volume properties
Set the root propagation based on the properties of volumes and default mounts. To remain compatibility, follow the semantics of Docker. If a volume is shared, keep the root propagation shared which works for slave and private volumes too. For slave volumes, it can either be shared or rshared. Do not change the root propagation for private volumes and stick with the default. Fixes: #1834 Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
-rw-r--r--libpod/container_internal_linux.go26
-rw-r--r--libpod/mounts_linux.go18
-rw-r--r--test/e2e/run_test.go5
3 files changed, 48 insertions, 1 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index e6071945d..93bd23b55 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -347,8 +347,34 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
// Mounts need to be sorted so paths will not cover other paths
mounts := sortMounts(g.Mounts())
g.ClearMounts()
+
+ // Determine property of RootPropagation based on volume properties. If
+ // a volume is shared, then keep root propagation shared. This should
+ // work for slave and private volumes too.
+ //
+ // For slave volumes, it can be either [r]shared/[r]slave.
+ //
+ // For private volumes any root propagation value should work.
+ rootPropagation := ""
for _, m := range mounts {
g.AddMount(m)
+ for _, opt := range m.Options {
+ switch opt {
+ case MountShared, MountRShared:
+ if rootPropagation != MountShared && rootPropagation != MountRShared {
+ rootPropagation = MountShared
+ }
+ case MountSlave, MountRSlave:
+ if rootPropagation != MountShared && rootPropagation != MountRShared && rootPropagation != MountSlave && rootPropagation != MountRSlave {
+ rootPropagation = MountRSlave
+ }
+ }
+ }
+ }
+
+ if rootPropagation != "" {
+ logrus.Debugf("set root propagation to %q", rootPropagation)
+ g.SetLinuxRootPropagation(rootPropagation)
}
return g.Config, nil
}
diff --git a/libpod/mounts_linux.go b/libpod/mounts_linux.go
new file mode 100644
index 000000000..e6aa09eac
--- /dev/null
+++ b/libpod/mounts_linux.go
@@ -0,0 +1,18 @@
+// +build linux
+
+package libpod
+
+const (
+ // MountPrivate represents the private mount option.
+ MountPrivate = "private"
+ // MountRPrivate represents the rprivate mount option.
+ MountRPrivate = "rprivate"
+ // MountShared represents the shared mount option.
+ MountShared = "shared"
+ // MountRShared represents the rshared mount option.
+ MountRShared = "rshared"
+ // MountSlave represents the slave mount option.
+ MountSlave = "slave"
+ // MountRSlave represents the rslave mount option.
+ MountRSlave = "rslave"
+)
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index beb408fd4..ff166f466 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -609,7 +609,10 @@ USER mail`
session := podmanTest.Podman([]string{"run", "--volume", vol1 + ":/myvol1:z", "--volume", vol2 + ":/myvol2:shared,z", fedoraMinimal, "findmnt", "-o", "TARGET,PROPAGATION"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- match, _ := session.GrepString("shared")
+ match, shared := session.GrepString("shared")
Expect(match).Should(BeTrue())
+ // make sure it's only shared (and not 'shared,slave')
+ isSharedOnly := !strings.Contains(shared[0], "shared,")
+ Expect(isSharedOnly).Should(BeTrue())
})
})