From 657ed14a989b0e7883cca0f6508a9350b38c1944 Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Wed, 17 Mar 2021 16:43:15 +0100
Subject: [PATCH] conf: verify that the rootfs can support idmapped mounts
Signed-off-by: Christian Brauner
---
 src/lxc/conf.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index e3096d257..baacf9289 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -494,6 +494,12 @@ int lxc_rootfs_prepare(struct lxc_rootfs *rootfs, bool userns)
 struct statfs stfs;
 if (!is_empty_string(rootfs->mnt_opts.userns_path)) {
+ if (!rootfs->path)
+ return syserror_set(-EINVAL, "Idmapped rootfs currently only supported with separate rootfs for container");
+
+ if (rootfs->bdev_type && !strequal(rootfs->bdev_type, "dir"))
+ return syserror_set(-EINVAL, "Idmapped rootfs currently only supports the \"dir\" storage driver");
+
 fd_userns = open_at(-EBADF, rootfs->mnt_opts.userns_path, PROTECT_OPEN_WITH_TRAILING_SYMLINKS, 0, 0);
 if (fd_userns < 0)
--
2.47.3
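Review bot: The storage-driver check `if (rootfs->bdev_type && !strequal(rootfs->bdev_type, "dir"))` fails open when `bdev_type` is NULL. If the type is only set when the configured path carries an explicit driver prefix (not visible in this hunk), a backend other than "dir" that is detected later would still reach the idmapped-mount setup. Either resolve the backend before this check or state the assumption next to it, for example `/* NULL bdev_type is treated as "dir"; later storage detection must not select another driver */`. The preceding guard `if (!rootfs->path)` also accepts an empty string, while the enclosing condition uses `is_empty_string()`; `if (is_empty_string(rootfs->path))` would be consistent with it. The body of lxc_rootfs_prepare begins before and continues after the hunk, so any later filesystem-level validation is not visible here.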