From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Wed, 12 May 2021 08:19:25 +0000 (+0200)
Subject: conf: don't unmount procfs and sysfs
X-Git-Tag: lxc-5.0.0~170^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f6c5aab0c0399cfd9c51c99cb6a5b4c8b6e8ebb4;p=thirdparty%2Flxc.git

conf: don't unmount procfs and sysfs

Fixes: #3838
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index dbcd57835..5079c87b7 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -717,14 +717,20 @@ static int lxc_mount_auto_mounts(struct lxc_handler *handler, int flags)
         bool has_cap_net_admin;
 
         if (flags & LXC_AUTO_PROC_MASK) {
-		ret = strnprintf(rootfs->buf, sizeof(rootfs->buf), "%s/proc",
-				 rootfs->path ? rootfs->mount : "");
-		if (ret < 0)
-			return ret_errno(EIO);
+		if (rootfs->path) {
+			/*
+			 * Only unmount procfs if we have a separate rootfs so
+			 * we can still access it in safe_mount() below.
+			 */
+			ret = strnprintf(rootfs->buf, sizeof(rootfs->buf), "%s/proc",
+					rootfs->path ? rootfs->mount : "");
+			if (ret < 0)
+				return ret_errno(EIO);
 
-		ret = umount2(rootfs->buf, MNT_DETACH);
-		if (ret)
-			SYSDEBUG("Tried to ensure procfs is unmounted");
+			ret = umount2(rootfs->buf, MNT_DETACH);
+			if (ret)
+				SYSDEBUG("Tried to ensure procfs is unmounted");
+		}
 
 		ret = mkdirat(rootfs->dfd_mnt, "proc" , S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
 		if (ret < 0 && errno != EEXIST)
@@ -732,14 +738,20 @@ static int lxc_mount_auto_mounts(struct lxc_handler *handler, int flags)
 	}
 
 	if (flags & LXC_AUTO_SYS_MASK) {
-		ret = strnprintf(rootfs->buf, sizeof(rootfs->buf), "%s/sys",
-				 rootfs->path ? rootfs->mount : "");
-		if (ret < 0)
-			return ret_errno(EIO);
+		if (rootfs->path) {
+			/*
+			 * Only unmount sysfs if we have a separate rootfs so
+			 * we can still access it in safe_mount() below.
+			 */
+			ret = strnprintf(rootfs->buf, sizeof(rootfs->buf), "%s/sys",
+					rootfs->path ? rootfs->mount : "");
+			if (ret < 0)
+				return ret_errno(EIO);
 
-		ret = umount2(rootfs->buf, MNT_DETACH);
-		if (ret)
-			SYSDEBUG("Tried to ensure sysfs is unmounted");
+			ret = umount2(rootfs->buf, MNT_DETACH);
+			if (ret)
+				SYSDEBUG("Tried to ensure sysfs is unmounted");
+		}
 
 		ret = mkdirat(rootfs->dfd_mnt, "sys" , S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
 		if (ret < 0 && errno != EEXIST)