From 6e46cfcb0e4fcaa2d920a3c473f83c0a73c68cfa Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Mon, 10 Jun 2013 09:34:06 -0500 Subject: [PATCH] conf.c: if we don't specify a rootfs, we still need proc mounted MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit otherwise we won't be allowed to set an apparmor context (on pid 1) Signed-off-by: Serge Hallyn Acked-by: Stéphane Graber --- src/lxc/conf.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/lxc/conf.c b/src/lxc/conf.c index a1aee141f..5700effa8 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -2851,9 +2851,13 @@ int lxc_setup(const char *name, struct lxc_conf *lxc_conf) #if HAVE_APPARMOR /* || HAVE_SMACK || HAVE_SELINUX */ INFO("rootfs path is .%s., mount is .%s.", lxc_conf->rootfs.path, lxc_conf->rootfs.mount); - if (lxc_conf->rootfs.path == NULL || strlen(lxc_conf->rootfs.path) == 0) - mounted = 0; - else + if (lxc_conf->rootfs.path == NULL || strlen(lxc_conf->rootfs.path) == 0) { + if (mount("proc", "/proc", "proc", 0, NULL)) { + SYSERROR("Failed mounting /proc, proceeding"); + mounted = 0; + } else + mounted = 1; + } else mounted = lsm_mount_proc_if_needed(lxc_conf->rootfs.path, lxc_conf->rootfs.mount); if (mounted == -1) { SYSERROR("failed to mount /proc in the container."); -- 2.47.2