summaryrefslogtreecommitdiff
path: root/libpod/volume_internal.go
diff options
context:
space:
mode:
authorMatthew Heon <mheon@redhat.com>2020-08-10 14:33:52 -0400
committerMatthew Heon <mheon@redhat.com>2020-08-11 09:53:36 -0400
commita064cfc99ba4f0e8d3a13ddeea76718f9e50b14e (patch)
tree8369dcf135c09ce7d832aaee50fdf77f78cb5190 /libpod/volume_internal.go
parent6d3075a6c79a6e761c183e0d5e6aa239fad21b63 (diff)
downloadpodman-a064cfc99ba4f0e8d3a13ddeea76718f9e50b14e.tar.gz
podman-a064cfc99ba4f0e8d3a13ddeea76718f9e50b14e.tar.bz2
podman-a064cfc99ba4f0e8d3a13ddeea76718f9e50b14e.zip
Ensure correct propagation for cgroupsv1 systemd cgroup
On cgroups v1 systems, we need to mount /sys/fs/cgroup/systemd into the container. We were doing this with no explicit mount propagation tag, which means that, under some circumstances, the shared mount propagation could be chosen - which, combined with the fact that we need a mount to mask /sys/fs/cgroup/systemd/release_agent in the container, means we would leak a never-ending set of mounts under /sys/fs/cgroup/systemd/ on container restart. Fortunately, the fix is very simple - hardcode mount propagation to something that won't leak. Signed-off-by: Matthew Heon <mheon@redhat.com>
Diffstat (limited to 'libpod/volume_internal.go')
0 files changed, 0 insertions, 0 deletions