From: Djalal Harouni <tixxdz@opendz.org>
Date: Wed, 5 Oct 2016 04:57:02 +0000 (+0200)
Subject: nspawn: add log message to let users know that nspawn needs an empty /dev directory... 
X-Git-Tag: v232~153
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=41eb436265684080c601bff392ba6da1789639a2;p=thirdparty%2Fsystemd.git

nspawn: add log message to let users know that nspawn needs an empty /dev directory (#4226)

Fixes https://github.com/systemd/systemd/issues/3695

At the same time it adds a protection against userns chown of inodes of
a shared mount point.
---

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index a5d5180727c..9a8274c8de3 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1395,6 +1395,12 @@ static int copy_devnodes(const char *dest) {
 
                 } else {
                         if (mknod(to, st.st_mode, st.st_rdev) < 0) {
+                                /*
+                                 * This is some sort of protection too against
+                                 * recursive userns chown on shared /dev/
+                                 */
+                                if (errno == EEXIST)
+                                        log_notice("%s/dev/ should be an empty directory", dest);
                                 if (errno != EPERM)
                                         return log_error_errno(errno, "mknod(%s) failed: %m", to);