conf.c: if we don't specify a rootfs, we still need proc mounted

otherwise we won't be allowed to set an apparmor context (on pid 1)

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index a1aee141fbda9fde3232afa4fdd108bae2407c37..5700effa8c34a0be2c379f4edb3c98848360f482 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2851,9 +2851,13 @@ int lxc_setup(const char *name, struct lxc_conf *lxc_conf)
 #if HAVE_APPARMOR /* || HAVE_SMACK || HAVE_SELINUX */
        INFO("rootfs path is .%s., mount is .%s.", lxc_conf->rootfs.path,
                lxc_conf->rootfs.mount);
-       if (lxc_conf->rootfs.path == NULL || strlen(lxc_conf->rootfs.path) == 0)
-               mounted = 0;
-       else
+       if (lxc_conf->rootfs.path == NULL || strlen(lxc_conf->rootfs.path) == 0) {
+               if (mount("proc", "/proc", "proc", 0, NULL)) {
+                       SYSERROR("Failed mounting /proc, proceeding");
+                       mounted = 0;
+               } else
+                       mounted = 1;
+       } else
                mounted = lsm_mount_proc_if_needed(lxc_conf->rootfs.path, lxc_conf->rootfs.mount);
        if (mounted == -1) {
                SYSERROR("failed to mount /proc in the container.");