nspawn: really lchown(uid/gid)
author    Evgeny Vereshchagin <evvers@ya.ru>
          Thu, 20 Oct 2016 09:03:40 +0000 (09:03 +0000)
committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
          Mon, 24 Oct 2016 03:23:40 +0000 (23:23 -0400)
commit    63eae72312b6b8df4c7186233994a65d747229a7
tree      ee0bc4e142129e205f4388fb7e482f6e58ab50bb
parent    548bd57376f7eb82cc792f0476688ccc9843962a
nspawn: really lchown(uid/gid)

https://github.com/systemd/systemd/pull/4372#issuecomment-253723849:

* `mount_all (outer_child)` creates `container_dir/sys/fs/selinux`
* `mount_all (outer_child)` doesn't patch `container_dir/sys/fs` and so on.
* `mount_sysfs (inner_child)` tries to create `/sys/fs/cgroup`
* This fails

370   stat("/sys/fs", {st_dev=makedev(0, 28), st_ino=13880, st_mode=S_IFDIR|0755, st_nlink=3, st_uid=65534, st_gid=65534, st_blksize=4096, st_blocks=0, st_size=60, st_atime=2016/10/14-05:16:43.398665943, st_mtime=2016/10/14-05:16:43.399665943, st_ctime=2016/10/14-05:16:43.399665943}) = 0
370   mkdir("/sys/fs/cgroup", 0755)     = -1 EACCES (Permission denied)

* `mount_sysfs (inner_child)` ignores that error and

mount(NULL, "/sys", NULL, MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_BIND, NULL) = 0

* `mount_cgroups` finally fails
src/nspawn/nspawn-mount.c
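The chain in the commit message comes down to one missed step: a directory created on the host side (`container_dir/sys/fs`, owned by host root, which the strace shows as `st_uid=65534` from inside the user namespace) is never `lchown`ed to the container's uid/gid, so the inner child cannot `mkdir` beneath it and the later `mount_cgroups` fails. The helper below is an added illustration, not systemd's code and not the patch this commit applies: a hypothetical `mkdir_p_chown()` that creates each missing path component and `lchown`s exactly the components it created, leaving pre-existing ones untouched. `demo_sys_fs_cgroup()` builds a constructed `sys/fs/cgroup` tree under a `mkdtemp` directory, using the caller's own uid/gid so it runs unprivileged, and verifies that every created level carries the requested owner.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not nspawn's own code): create every missing
 * component of `path` with mode 0755 and lchown() each component we
 * created to uid/gid. Components that already exist are left alone.
 * Returns 0 on success, -errno on failure. */
int mkdir_p_chown(const char *path, uid_t uid, gid_t gid) {
    char buf[PATH_MAX];
    size_t len = strlen(path);

    if (len == 0 || len >= sizeof(buf))
        return -EINVAL;
    memcpy(buf, path, len + 1);

    /* Walk the string; at every '/' (and at the end) the prefix in buf is
     * one directory level. Starting at buf + 1 skips a leading '/'. */
    for (char *p = buf + 1; ; p++) {
        char saved;

        if (*p != '/' && *p != '\0')
            continue;
        saved = *p;
        *p = '\0';

        if (mkdir(buf, 0755) == 0) {
            /* We created this level, so we own the fix-up: give it to the
             * container's uid/gid instead of leaving it as host root. */
            if (lchown(buf, uid, gid) < 0)
                return -errno;
        } else if (errno != EEXIST) {
            return -errno;
        }

        *p = saved;
        if (saved == '\0')
            break;
    }
    return 0;
}

/* Self-check: build <tmp>/sys/fs/cgroup (a constructed tree under mkdtemp),
 * then confirm each created level is owned by the requested uid/gid.
 * Returns 0 on success, a negative errno on failure. */
int demo_sys_fs_cgroup(void) {
    char base[] = "/tmp/nspawn-lchown-demo-XXXXXX";
    const char *parts[] = { "sys", "sys/fs", "sys/fs/cgroup" };
    char target[PATH_MAX];
    uid_t uid = getuid();
    gid_t gid = getgid();
    int r;

    if (!mkdtemp(base))
        return -errno;
    snprintf(target, sizeof(target), "%s/sys/fs/cgroup", base);

    r = mkdir_p_chown(target, uid, gid);
    for (size_t i = 0; i < 3 && r == 0; i++) {
        char p[PATH_MAX];
        struct stat st;

        snprintf(p, sizeof(p), "%s/%s", base, parts[i]);
        if (lstat(p, &st) < 0)
            r = -errno;
        else if (st.st_uid != uid || st.st_gid != gid)
            r = -EPERM; /* ownership not patched: the situation in the bug */
    }

    /* Tear down deepest-first; cleanup errors are not reported. */
    for (int i = 2; i >= 0; i--) {
        char p[PATH_MAX];
        snprintf(p, sizeof(p), "%s/%s", base, parts[i]);
        rmdir(p);
    }
    rmdir(base);
    return r;
}

int main(void) {
    int r = demo_sys_fs_cgroup();
    printf("demo_sys_fs_cgroup: %s\n", r == 0 ? "ok" : strerror(-r));
    return r == 0 ? 0 : 1;
}
```

The point of ownership-by-creator is that only the code that made a directory knows it needs patching; a later `mkdir` from the inner child, as in the strace above, gets `EACCES` on any level that was skipped, and ignoring that error only moves the failure to the next consumer (`mount_cgroups` here).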