conf: verify that the rootfs can support idmapped mounts

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index e3096d257cbde3dd73746469662747954a68cb32..baacf928940459d1d772800e490d893b63dac1b3 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -494,6 +494,12 @@ int lxc_rootfs_prepare(struct lxc_rootfs *rootfs, bool userns)
        struct statfs stfs;
 
        if (!is_empty_string(rootfs->mnt_opts.userns_path)) {
+               if (!rootfs->path)
+                       return syserror_set(-EINVAL, "Idmapped rootfs currently only supported with separate rootfs for container");
+
+               if (rootfs->bdev_type && !strequal(rootfs->bdev_type, "dir"))
+                       return syserror_set(-EINVAL, "Idmapped rootfs currently only supports the \"dir\" storage driver");
+
                fd_userns = open_at(-EBADF, rootfs->mnt_opts.userns_path,
                                    PROTECT_OPEN_WITH_TRAILING_SYMLINKS, 0, 0);
                if (fd_userns < 0)