[packages/util-vserver] - fix systemd shared mounts - rel 4

baggins baggins at pld-linux.org
Wed Jan 17 13:27:06 CET 2018 

commit ca67e47ce25fb311ddcc3ba9eb12c044c73a9511
Author: Jan Rękorajski <baggins at pld-linux.org>
Date:   Wed Jan 17 13:26:40 2018 +0100

    - fix systemd shared mounts
    - rel 4

 systemd-shared-mounts.patch | 80 +++++++++++++++++++++++++++++++++++++++++++++
 util-vserver.spec           |  4 ++-
 2 files changed, 83 insertions(+), 1 deletion(-)
---
diff --git a/util-vserver.spec b/util-vserver.spec
index 388b309..fc56dfe 100644
--- a/util-vserver.spec
+++ b/util-vserver.spec
@@ -20,7 +20,7 @@
 %define		reqdb_ver	5.2
 %define		reqdb_pkg	db%{reqdb_ver}
 %define		snap	pre3126
-%define		rel	3
+%define		rel	4
 Summary:	Linux virtual server utilities
 Summary(pl.UTF-8):	Narzędzia dla linuksowych serwerów wirtualnych
 Name:		util-vserver
@@ -79,6 +79,7 @@ Patch27:	%{name}-rpm5.patch
 Patch28:	diet-ccache.patch
 Patch29:	%{name}-centos6.patch
 Patch30:	vsysctl-ignore-files.patch
+Patch31:	systemd-shared-mounts.patch
 URL:		http://savannah.nongnu.org/projects/util-vserver/
 BuildRequires:	autoconf >= 2.57
 BuildRequires:	automake >= 1:1.9
@@ -454,6 +455,7 @@ Szablony do tworzenia VServerów dla dystrybucji Titanium Linux.
 %patch28 -p1
 %patch29 -p1
 %patch30 -p1
+%patch31 -p1
 
 cp -p %{SOURCE9} package-management.txt
 
diff --git a/systemd-shared-mounts.patch b/systemd-shared-mounts.patch
new file mode 100644
index 0000000..5e83063
--- /dev/null
+++ b/systemd-shared-mounts.patch
@@ -0,0 +1,80 @@
+From 1d0fc58bea018b561a9695b9f9f05203a399ca48 Mon Sep 17 00:00:00 2001
+From: Alexander Sulfrian <alexander at sulfrian.net>
+Date: Sat, 23 Jul 2016 04:30:34 +0200
+Subject: [PATCH 2/3] cleanupmount: Setup the new root as slave mount
+
+We want to propagate mounts from the parent namespaces into the vserver
+(something like vmount or mount within vnamespace), but we do not want to
+propagate the changes from the vserver back to the parent namespace.
+---
+ lib_internal/util-cleanupmount.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/lib_internal/util-cleanupmount.c b/lib_internal/util-cleanupmount.c
+index f1984bc2..4b7b4131 100644
+--- a/lib_internal/util-cleanupmount.c
++++ b/lib_internal/util-cleanupmount.c
+@@ -27,8 +27,8 @@
+ #ifndef MS_REC
+ #define MS_REC		0x4000
+ #endif
+-#ifndef MS_PRIVATE
+-#define MS_PRIVATE	(1<<18)
++#ifndef MS_SLAVE
++#define MS_SLAVE	(1<<19)
+ #endif
+ 
+ bool cleanupMount(void)
+@@ -37,9 +37,9 @@ bool cleanupMount(void)
+ 
+   /* systemd mounts everything with MS_SHARED which breaks our
+    * filesystem mounting.  Revert mount status back to pre-systemd */
+-  rc = mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) >= 0;
++  rc = mount(NULL, "/", NULL, MS_REC|MS_SLAVE, NULL) >= 0;
+   if (!rc)
+-    perror("mount(\"/\", MS_REC|MS_PRIVATE)");
++    perror("mount(\"/\", MS_REC|MS_SLAVE)");
+ 
+   return rc;
+ }
+
+From 56d2df4f2a4d47471bda42c42d11ce4564937d69 Mon Sep 17 00:00:00 2001
+From: Alexander Sulfrian <alexander at sulfrian.net>
+Date: Sat, 23 Jul 2016 04:38:44 +0200
+Subject: [PATCH 3/3] Revert "Revert "call cleanupMount() after CLONE_NEWNS""
+
+This reverts commit 9877e4b94786125cfcdda8471336a6e73000aa17.
+
+After we fixed the cleanupMount using the correct shared subtree semantic,
+we can start using it again.
+---
+ src/vcontext.c | 2 ++
+ src/vspace.c   | 2 ++
+ 2 files changed, 4 insertions(+)
+
+diff --git a/src/vcontext.c b/src/vcontext.c
+index 85204f63..0e81a05b 100644
+--- a/src/vcontext.c
++++ b/src/vcontext.c
+@@ -313,6 +313,8 @@ doit(struct Arguments const *args, int argc, char *argv[])
+ 	  perror(ENSC_WRAPPERS_PREFIX "unshare(NEWNS)");
+ 	  return wrapper_exit_code;
+ 	}
++	if (!cleanupMount())
++	  return wrapper_exit_code;
+ 	if (mkdir("./.oldroot", 0700) == -1) {
+ 	  if (errno == EEXIST)
+ 	    existed = true;
+diff --git a/src/vspace.c b/src/vspace.c
+index 37ac2c39..a3ec97b5 100644
+--- a/src/vspace.c
++++ b/src/vspace.c
+@@ -137,6 +137,8 @@ newSpaces(uint_least64_t mask)
+       perror(ENSC_WRAPPERS_PREFIX "clone()");
+       exit(wrapper_exit_code);
+     case 0	:
++      if (mask & CLONE_NEWNS)
++	cleanupMount();
+       break;
+     default	:
+       vc_exitLikeProcess(pid, wrapper_exit_code);
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/util-vserver.git/commitdiff/ca67e47ce25fb311ddcc3ba9eb12c044c73a9511

More information about the pld-cvs-commit mailing list