diff options
author | Kir Kolyshkin <kolyshkin@gmail.com> | 2020-03-30 19:59:47 -0700 |
---|---|---|
committer | Kir Kolyshkin <kolyshkin@gmail.com> | 2020-03-31 01:56:10 -0700 |
commit | c11c5e180a6e00e0093f51b050962ee1e2e30f7a (patch) | |
tree | 03a5abd6a4091f32b9a4229cc6dfad67f55ec549 /pkg/spec/config_linux_nocgo.go | |
parent | 9c7410d331ed6c9af50babb41314bfa67a3f39e0 (diff) | |
download | podman-c11c5e180a6e00e0093f51b050962ee1e2e30f7a.tar.gz podman-c11c5e180a6e00e0093f51b050962ee1e2e30f7a.tar.bz2 podman-c11c5e180a6e00e0093f51b050962ee1e2e30f7a.zip |
pkg/spec/initFSMounts: fix
> $ ./bin/podman run -v /tmp:/tmp alpine true; echo $?
> 0
> $ ./bin/podman run -v /tmp:/tmp:ro alpine true; echo $?
> 0
> $ ./bin/podman run -v /tmp:/w0w:ro alpine true; echo $?
> Error: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"rootfs_linux.go:58: mounting \\\"/tmp\\\" to rootfs \\\"/home/kir/.local/share/containers/storage/overlay/7636ef3650fc91ee4996ccc026532bb3cff7182c0430db662fffb933e0bcadc9/merged\\\" at \\\"/home/kir/.local/share/containers/storage/overlay/7636ef3650fc91ee4996ccc026532bb3cff7182c0430db662fffb933e0bcadc9/merged/w0w\\\" caused \\\"operation not permitted\\\"\"": OCI runtime permission denied error
> 126
The last command is not working because in-container mount point
is used to search for a parent mount in /proc/self/mountinfo.
And yet the following
> $ ./bin/podman run -v /tmp:/run/test:ro alpine true; echo $?
> 0
still works fine! Here's why:
> $ mount | grep -E '/run |/tmp '
> tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755)
> tmpfs on /tmp type tmpfs (rw,nosuid,nodev,seclabel)
This is the reason why previous commit modified in-container mount
point.
Fixes: 0f5ae3c5af
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Diffstat (limited to 'pkg/spec/config_linux_nocgo.go')
0 files changed, 0 insertions, 0 deletions