conf: fd-only pivot root

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 4e67249694a24ab5a45ade9ba05e9a31b7df5b2e..9080ed4dce4cc10d0573f8f68830c65267551b5d 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1394,54 +1394,50 @@ static int lxc_chroot(const struct lxc_rootfs *rootfs)
  *    though, so you may need to say mount --bind /nfs/my_root /nfs/my_root
  *    first.
  */
-static int lxc_pivot_root(const char *rootfs)
+static int lxc_pivot_root(const struct lxc_rootfs *rootfs)
 {
-       __do_close int oldroot = -EBADF, newroot = -EBADF;
+       __do_close int fd_oldroot = -EBADF;
        int ret;
 
-       oldroot = open("/", O_DIRECTORY | O_RDONLY | O_CLOEXEC);
-       if (oldroot < 0)
+       fd_oldroot = open_at(-EBADF, "/", PROTECT_OPATH_DIRECTORY, PROTECT_LOOKUP_ABSOLUTE, 0);
+       if (fd_oldroot < 0)
                return log_error_errno(-1, errno, "Failed to open old root directory");
 
-       newroot = open(rootfs, O_DIRECTORY | O_RDONLY | O_CLOEXEC);
-       if (newroot < 0)
-               return log_error_errno(-1, errno, "Failed to open new root directory");
-
        /* change into new root fs */
-       ret = fchdir(newroot);
+       ret = fchdir(rootfs->mntpt_fd);
        if (ret < 0)
-               return log_error_errno(-1, errno, "Failed to change to new rootfs \"%s\"", rootfs);
+               return log_error_errno(-errno, errno, "Failed to change into new root directory \"%s\"", rootfs->mount);
 
        /* pivot_root into our new root fs */
        ret = pivot_root(".", ".");
        if (ret < 0)
-               return log_error_errno(-1, errno, "Failed to pivot_root()");
+               return log_error_errno(-errno, errno, "Failed to pivot into new root directory \"%s\"", rootfs->mount);
 
        /* At this point the old-root is mounted on top of our new-root. To
         * unmounted it we must not be chdir'd into it, so escape back to
         * old-root.
         */
-       ret = fchdir(oldroot);
+       ret = fchdir(fd_oldroot);
        if (ret < 0)
-               return log_error_errno(-1, errno, "Failed to enter old root directory");
+               return log_error_errno(-errno, errno, "Failed to enter old root directory");
 
-       /* Make oldroot a depedent mount to make sure our umounts don't propagate to the
-        * host.
+       /*
+        * Make fd_oldroot a depedent mount to make sure our umounts don't
+        * propagate to the host.
         */
        ret = mount("", ".", "", MS_SLAVE | MS_REC, NULL);
        if (ret < 0)
-               return log_error_errno(-1, errno, "Failed to recursively turn old root mount tree into dependent mount");
+               return log_error_errno(-errno, errno, "Failed to recursively turn old root mount tree into dependent mount");
 
        ret = umount2(".", MNT_DETACH);
        if (ret < 0)
-               return log_error_errno(-1, errno, "Failed to detach old root directory");
+               return log_error_errno(-errno, errno, "Failed to detach old root directory");
 
-       ret = fchdir(newroot);
+       ret = fchdir(rootfs->mntpt_fd);
        if (ret < 0)
-               return log_error_errno(-1, errno, "Failed to re-enter new root directory");
-
-       TRACE("pivot_root(\"%s\") successful", rootfs);
+               return log_error_errno(-errno, errno, "Failed to re-enter new root directory \"%s\"", rootfs->mount);
 
+       TRACE("Changed into new rootfs \"%s\"", rootfs->mount);
        return 0;
 }
 
@@ -1453,7 +1449,7 @@ static int lxc_setup_rootfs_switch_root(const struct lxc_rootfs *rootfs)
        if (detect_ramfs_rootfs())
                return lxc_chroot(rootfs);
 
-       return lxc_pivot_root(rootfs->mount);
+       return lxc_pivot_root(rootfs);
 }
 
 static const struct id_map *find_mapped_nsid_entry(const struct lxc_conf *conf,