allow overlay lxc.mount.entry with no rootfs

Allow lxc.mount.entry entries for containers without a rootfs.

Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>

diff --git a/src/lxc/bdev/lxcaufs.c b/src/lxc/bdev/lxcaufs.c
index 4224ce8020d15564b6675822a293fd6a102976f3..01529669e95d4db605a15eac4249934c46d8c417 100644 (file)
--- a/src/lxc/bdev/lxcaufs.c
+++ b/src/lxc/bdev/lxcaufs.c
@@ -353,6 +353,7 @@ int aufs_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
                const char *lxc_name, const char *lxc_path)
 {
        char lxcpath[MAXPATHLEN];
+       char *rootfs_path = NULL;
        char *rootfsdir = NULL;
        char *scratch = NULL;
        char *tmp = NULL;
@@ -365,11 +366,9 @@ int aufs_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
        size_t len = 0;
        size_t rootfslen = 0;
 
-       /* Since we use all of these to check whether the user has given us a
-        * sane absolute path to create the directories needed for overlay
-        * lxc.mount.entry entries we consider any of these missing fatal. */
-       if (!rootfs || !rootfs->path || !lxc_name || !lxc_path)
-               goto err;
+       /* When rootfs == NULL we have a container without a rootfs. */
+       if (rootfs && rootfs->path)
+               rootfs_path = rootfs->path;
 
        opts = lxc_string_split(mntent->mnt_opts, ',');
        if (opts)
@@ -388,20 +387,28 @@ int aufs_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
        if (!upperdir)
                goto err;
 
-       ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name);
-       if (ret < 0 || ret >= MAXPATHLEN)
-               goto err;
+       if (rootfs_path) {
+               ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name);
+               if (ret < 0 || ret >= MAXPATHLEN)
+                       goto err;
 
-       rootfsdir = aufs_get_rootfs(rootfs->path, &rootfslen);
-       if (!rootfsdir)
-               goto err;
+               rootfsdir = aufs_get_rootfs(rootfs->path, &rootfslen);
+               if (!rootfsdir)
+                       goto err;
+       }
 
-       /* We neither allow users to create upperdirs outside the containerdir
-        * nor inside the rootfs. The latter might be debatable. */
-       if ((strncmp(upperdir, lxcpath, strlen(lxcpath)) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0))
-               if (mkdir_p(upperdir, 0755) < 0) {
-                       WARN("Failed to create upperdir");
-               }
+       /*
+        * We neither allow users to create upperdirs and workdirs outside the
+        * containerdir nor inside the rootfs. The latter might be debatable.
+        * When we have a container without a rootfs we skip the checks.
+        */
+       ret = 0;
+       if (!rootfs_path)
+               ret = mkdir_p(upperdir, 0755);
+       else if ((strncmp(upperdir, lxcpath, strlen(lxcpath)) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0))
+               ret = mkdir_p(upperdir, 0755);
+       if (ret < 0)
+               WARN("Failed to create upperdir");
 
        fret = 0;
 

diff --git a/src/lxc/bdev/lxcaufs.h b/src/lxc/bdev/lxcaufs.h
index 4746980db9ff22fec0b01c7f6e003adcccf75790..fa623f712a7176faf6432bc9cd0b3620667bf134 100644 (file)
--- a/src/lxc/bdev/lxcaufs.h
+++ b/src/lxc/bdev/lxcaufs.h
@@ -42,6 +42,9 @@ struct bdev_specs;
 /* defined conf.h */
 struct lxc_conf;
 
+/* defined in conf.h */
+struct lxc_rootfs;
+
 /*
  * Functions associated with an aufs bdev struct.
  */

diff --git a/src/lxc/bdev/lxcoverlay.c b/src/lxc/bdev/lxcoverlay.c
index d18f062a031b890508e6886b229df4701e0b56c3..86181d92f1a7a068667381ae27c2146fb0cac3fb 100644 (file)
--- a/src/lxc/bdev/lxcoverlay.c
+++ b/src/lxc/bdev/lxcoverlay.c
@@ -477,6 +477,7 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
              const char *lxc_name, const char *lxc_path)
 {
        char lxcpath[MAXPATHLEN];
+       char *rootfs_path = NULL;
        char *rootfsdir = NULL;
        char *upperdir = NULL;
        char *workdir = NULL;
@@ -489,11 +490,9 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
        size_t len = 0;
        size_t rootfslen = 0;
 
-       /* Since we use all of these to check whether the user has given us a
-        * sane absolute path to create the directories needed for overlay
-        * lxc.mount.entry entries we consider any of these missing fatal. */
-       if (!rootfs || !rootfs->path || !lxc_name || !lxc_path)
-               goto err;
+       /* When rootfs == NULL we have a container without a rootfs. */
+       if (rootfs && rootfs->path)
+               rootfs_path = rootfs->path;
 
        opts = lxc_string_split(mntent->mnt_opts, ',');
        if (opts)
@@ -508,31 +507,42 @@ int ovl_mkdir(const struct mntent *mntent, const struct lxc_rootfs *rootfs,
                        workdir = opts[i] + len;
        }
 
-       ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name);
-       if (ret < 0 || ret >= MAXPATHLEN)
-               goto err;
+       if (rootfs_path) {
+               ret = snprintf(lxcpath, MAXPATHLEN, "%s/%s", lxc_path, lxc_name);
+               if (ret < 0 || ret >= MAXPATHLEN)
+                       goto err;
 
-       rootfsdir = ovl_get_rootfs(rootfs->path, &rootfslen);
-       if (!rootfsdir)
-               goto err;
+               rootfsdir = ovl_get_rootfs(rootfs_path, &rootfslen);
+               if (!rootfsdir)
+                       goto err;
 
-       dirlen = strlen(lxcpath);
+               dirlen = strlen(lxcpath);
+       }
 
        /*
         * We neither allow users to create upperdirs and workdirs outside the
         * containerdir nor inside the rootfs. The latter might be debatable.
+        * When we have a container without a rootfs we skip the checks.
         */
-       if (upperdir)
-               if ((strncmp(upperdir, lxcpath, dirlen) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0))
-                       if (mkdir_p(upperdir, 0755) < 0) {
-                               WARN("Failed to create upperdir");
-                       }
-
-       if (workdir)
-               if ((strncmp(workdir, lxcpath, dirlen) == 0) && (strncmp(workdir, rootfsdir, rootfslen) != 0))
-                       if (mkdir_p(workdir, 0755) < 0) {
-                               WARN("Failed to create workdir");
-                       }
+       ret = 0;
+       if (upperdir) {
+               if (!rootfs_path)
+                       ret = mkdir_p(upperdir, 0755);
+               else if ((strncmp(upperdir, lxcpath, dirlen) == 0) && (strncmp(upperdir, rootfsdir, rootfslen) != 0))
+                       ret = mkdir_p(upperdir, 0755);
+               if (ret < 0)
+                       WARN("Failed to create upperdir");
+       }
+
+       ret = 0;
+       if (workdir) {
+               if (!rootfs_path)
+                       ret = mkdir_p(workdir, 0755);
+               else if ((strncmp(workdir, lxcpath, dirlen) == 0) && (strncmp(workdir, rootfsdir, rootfslen) != 0))
+                       ret = mkdir_p(workdir, 0755);
+               if (ret < 0)
+                       WARN("Failed to create workdir");
+       }
 
        fret = 0;
 

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index aa18f88892b03e325014145d1e6e9388abcb590c..56dd467b77ee0381b5c6f5a37b5e18cf97fdfbe4 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1145,7 +1145,7 @@ static int fill_autodev(const struct lxc_rootfs *rootfs)
                return -1;
        }
 
-       if (!dir_exists(path))  // ignore, just don't try to fill in
+       if (!dir_exists(path)) // ignore, just don't try to fill in
                return 0;
 
        INFO("Populating container /dev");