LXC: umount the temporary filesystem created by libvirt

The devpts, dev and fuse filesystems are mounted temporarily.
there is no need to export them to container if container shares
the root directory with host.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>

diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 9c04d06b66ddca20dd6d62f0d8650cb1377001fa..0ab4ab72dda9f3e0ec52d10b38653ebe91063d51 100644 (file)
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1486,6 +1486,7 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
     int ret = -1;
     char *sec_mount_options;
     char *stateDir = NULL;
+    char *tmp = NULL;
 
     VIR_DEBUG("Setup pivot root");
 
@@ -1522,6 +1523,26 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
         goto cleanup;
 #endif
 
+    /* These filesystems are created by libvirt temporarily, they
+     * shouldn't appear in container. */
+    if (STREQ(root->src, "/")) {
+        if (virAsprintf(&tmp, "%s/%s.dev", stateDir, vmDef->name) < 0 ||
+            lxcContainerUnmountSubtree(tmp, false) < 0)
+            goto cleanup;
+
+        VIR_FREE(tmp);
+        if (virAsprintf(&tmp, "%s/%s.devpts", stateDir, vmDef->name) < 0 ||
+            lxcContainerUnmountSubtree(tmp, false) < 0)
+            goto cleanup;
+
+#if WITH_FUSE
+        VIR_FREE(tmp);
+        if (virAsprintf(&tmp, "%s/%s.fuse", stateDir, vmDef->name) < 0 ||
+            lxcContainerUnmountSubtree(tmp, false) < 0)
+            goto cleanup;
+#endif
+    }
+
     /* If we have the root source being '/', then we need to
      * get rid of any existing stuff under /proc, /sys & /tmp.
      * We need new namespace aware versions of those. We must
@@ -1571,6 +1592,7 @@ cleanup:
     VIR_FREE(stateDir);
     virCgroupFree(&cgroup);
     VIR_FREE(sec_mount_options);
+    VIR_FREE(tmp);
     return ret;
 }