path: root/pkg/util/mountOpts.go
Commit message | Author | Age
* pkg/spec.InitFSMounts: optimize | Kir Kolyshkin | 2020-04-02
  Instead of getting mount options from /proc/self/mountinfo, which is very costly to read/parse (and can even be unreliable), let's use statfs(2) to figure out the flags we need.
  [v2: move getting default options to pkg/util, make it linux-specific]
  Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* mount: add new options nocopyup|copyup for tmpfs | Giuseppe Scrivano | 2019-11-07
  add a way to disable tmpcopyup for tmpfs.
  Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Fix addition of mount options when using RO tmpfs | Matthew Heon | 2019-08-28
  For read-only containers set to create tmpfs filesystems over /run and other common destinations, we were incorrectly setting mount options, resulting in duplicate mount options.
  Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Allow :z and :Z with ProcessOptions | Matthew Heon | 2019-08-28
  Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Set base mount options for bind mounts from base system | Matthew Heon | 2019-08-28
  If I mount, say, /usr/bin into my container - I expect to be able to run the executables in that mount. Unconditionally applying noexec would be a bad idea.
  Before my patches to change mount options and allow exec/dev/suid being set explicitly, we inferred the mount options from where on the base system the mount originated, and the options it had there. Implement the same functionality for the new option handling.
  There's a lot of performance left on the table here, but I don't know that this is ever going to take enough time to make it worth optimizing.
  Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Add support for 'exec', 'suid', 'dev' mount flags | Matthew Heon | 2019-08-28
  Previously, we explicitly set noexec/nosuid/nodev on every mount, with no ability to disable them. The 'mount' command on Linux will accept their inverses without complaint, though - 'noexec' is counteracted by 'exec', 'nosuid' by 'suid', etc. Add support for passing these options at the command line to disable our explicit forcing of security options.
  This also cleans up mount option handling significantly. We are still parsing options in more than one place, which isn't good, but option parsing for bind and tmpfs mounts has been unified.
  Fixes: #3819
  Fixes: #3803
  Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Remove --tmpfs size default | Ashley Cui | 2019-08-14
  Docker has unlimited tmpfs size where Podman had it set to 64mb. Should be standard between the two.
  Remove noexec default
  Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
* Allow (but ignore) Cached and Delegated volume options | Matthew Heon | 2019-06-18
  These are only used on OS X Docker, and ignored elsewhere - but since they are ignored, they're guaranteed to be safe everywhere, and people are using them.
  Fixes: #3340
  Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* storage: support --mount type=bind,bind-nonrecursive | Giuseppe Scrivano | 2019-06-13
  add support for not recursive bind mounts.
  Closes: https://github.com/containers/libpod/issues/3314
  Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Ensure that named volumes have their options parsed | Matthew Heon | 2019-05-01
  This involves moving some code out of pkg/spec/ into util/ so it can also be used by libpod.
  Signed-off-by: Matthew Heon <matthew.heon@pm.me>