summaryrefslogtreecommitdiff
path: root/pkg/util/mountOpts.go
blob: 40c99384d5981df98438dd0a564aad06c5597b81 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package util

import (
	"strings"

	"github.com/pkg/errors"
)

var (
	// ErrBadMntOption indicates that an invalid mount option was passed.
	ErrBadMntOption = errors.Errorf("invalid mount option")
	// ErrDupeMntOption indicates that a duplicate mount option was passed.
	ErrDupeMntOption = errors.Errorf("duplicate option passed")
)

// ProcessOptions parses the options for a bind mount and ensures that they are
// sensible and follow convention.
func ProcessOptions(options []string) []string {
	var (
		foundbind, foundrw, foundro bool
		rootProp                    string
	)

	for _, opt := range options {
		switch opt {
		case "bind", "rbind":
			foundbind = true
		case "ro":
			foundro = true
		case "rw":
			foundrw = true
		case "private", "rprivate", "slave", "rslave", "shared", "rshared":
			rootProp = opt
		}
	}
	if !foundbind {
		options = append(options, "rbind")
	}
	if !foundrw && !foundro {
		options = append(options, "rw")
	}
	if rootProp == "" {
		options = append(options, "rprivate")
	}
	return options
}

// ProcessTmpfsOptions parses the options for a tmpfs mountpoint and ensures
// that they are sensible and follow convention.
func ProcessTmpfsOptions(options []string) ([]string, error) {
	var (
		foundWrite, foundSize, foundProp, foundMode bool
	)

	baseOpts := []string{"noexec", "nosuid", "nodev"}
	for _, opt := range options {
		// Some options have parameters - size, mode
		splitOpt := strings.SplitN(opt, "=", 2)
		switch splitOpt[0] {
		case "rw", "ro":
			if foundWrite {
				return nil, errors.Wrapf(ErrDupeMntOption, "only one of rw and ro can be used")
			}
			foundWrite = true
			baseOpts = append(baseOpts, opt)
		case "private", "rprivate", "slave", "rslave", "shared", "rshared":
			if foundProp {
				return nil, errors.Wrapf(ErrDupeMntOption, "only one root propagation mode can be used")
			}
			foundProp = true
			baseOpts = append(baseOpts, opt)
		case "size":
			if foundSize {
				return nil, errors.Wrapf(ErrDupeMntOption, "only one tmpfs size can be specified")
			}
			foundSize = true
			baseOpts = append(baseOpts, opt)
		case "mode":
			if foundMode {
				return nil, errors.Wrapf(ErrDupeMntOption, "only one tmpfs mode can be specified")
			}
			foundMode = true
			baseOpts = append(baseOpts, opt)
		case "noexec", "nodev", "nosuid":
			// Do nothing. We always include these even if they are
			// not explicitly requested.
		default:
			return nil, errors.Wrapf(ErrBadMntOption, "unknown tmpfs option %q", opt)
		}
	}

	if !foundWrite {
		baseOpts = append(baseOpts, "rw")
	}
	if !foundSize {
		baseOpts = append(baseOpts, "size=65536k")
	}
	if !foundProp {
		baseOpts = append(baseOpts, "rprivate")
	}

	return baseOpts, nil
}