diff --git a/0040-skip-mount-auto-dev-when-there-is-a-dev-mount-in-spe.patch b/0040-skip-mount-auto-dev-when-there-is-a-dev-mount-in-spe.patch
new file mode 100644
index 0000000000000000000000000000000000000000..18b79cde4a13605f342fc76b8b29ace4a3961556
--- /dev/null
+++ b/0040-skip-mount-auto-dev-when-there-is-a-dev-mount-in-spe.patch
@@ -0,0 +1,147 @@
+From 910dcfb889a93479771c05566d3588c13d4947e9 Mon Sep 17 00:00:00 2001
+From: zhongtao
+Date: Sun, 13 Apr 2025 17:14:13 +1400
+Subject: [PATCH] skip mount auto dev when there is a dev mount in spec
+
+Signed-off-by: zhongtao
+---
+ src/lxc/conf.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 79 insertions(+), 1 deletion(-)
+
+diff --git a/src/lxc/conf.c b/src/lxc/conf.c
+index 8cb00cd..58e6de4 100644
+--- a/src/lxc/conf.c
++++ b/src/lxc/conf.c
+@@ -310,6 +310,7 @@ static int mount_entry_with_loop_dev(const char *src, const char *dest, const ch
+ char *mnt_opts, const char *rootfs);
+ static bool need_setup_proc(const struct lxc_conf *conf, struct lxc_list *mount);
+ static bool need_setup_dev(const struct lxc_conf *conf, struct lxc_list *mount);
++static bool need_mount_dev(const struct lxc_conf *conf, struct lxc_list *mount);
+ static int setup_populate_devs(const struct lxc_rootfs *rootfs, struct lxc_list *devs, const char *mount_label);
+ static int setup_rootfs_mountopts(const struct lxc_rootfs *rootfs);
+ static int create_mtab_link();
+@@ -1092,6 +1093,33 @@ on_error:
+
+ return ret;
+ }
++#ifdef HAVE_ISULAD
++static int mkdir_dev_pts( const struct lxc_rootfs *rootfs)
++{
++ int ret;
++ size_t clen = 0;
++ __do_free char *path = NULL;
++
++ /* $(rootfs->mount) + "/dev/pts" + '\0' */
++ clen = (rootfs->path ? strlen(rootfs->mount) : 0) + 9;
++ path = must_realloc(NULL, clen);
++
++ ret = snprintf(path, clen, "%s/dev/pts", rootfs->path ? rootfs->mount : "");
++ if (ret < 0 || (size_t)ret >= clen) {
++ return -1;
++ }
++
++ /* If we are running on a devtmpfs mapping, dev/pts may already exist.
++ * If not, then create it and exit if that fails...
++ */
++ ret = mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
++ if (ret < 0 && errno != EEXIST) {
++ SYSERROR("Failed to create directory \"%s\"", path);
++ return -1;
++ }
++ return 0;
++}
++#endif
+
+ /* Just create a path for /dev under $lxcpath/$name and in rootfs If we hit an
+ * error, log it but don't fail yet.
+@@ -3725,6 +3753,7 @@ int lxc_setup(struct lxc_handler *handler)
+ char *keyring_context = NULL;
+ #ifdef HAVE_ISULAD
+ bool setup_dev = true;
++ bool auto_mount_dev = true;
+ bool setup_proc = true;
+ #endif
+
+@@ -3784,8 +3813,11 @@ int lxc_setup(struct lxc_handler *handler)
+
+ if (lxc_conf->autodev > 0) {
+ #ifdef HAVE_ISULAD
+- ret = mount_autodev(name, &lxc_conf->rootfs, lxc_conf->autodevtmpfssize, lxcpath,
++ auto_mount_dev = need_mount_dev(lxc_conf, &lxc_conf->mount_list);
++ if (auto_mount_dev) {
++ ret = mount_autodev(name, &lxc_conf->rootfs, lxc_conf->autodevtmpfssize, lxcpath,
+ lxc_conf->systemd, lxc_conf->lsm_se_mount_context);
++ }
+ #else
+ ret = mount_autodev(name, &lxc_conf->rootfs, lxc_conf->autodevtmpfssize, lxcpath);
+ #endif
+@@ -3829,6 +3861,10 @@ int lxc_setup(struct lxc_handler *handler)
+ if (ret < 0)
+ return log_error(-1, "Failed to setup mount entries");
+ #ifdef HAVE_ISULAD
++ // recheck /dev/pts exist
++ if (!auto_mount_dev && mkdir_dev_pts(&lxc_conf->rootfs) < 0) {
++ return log_error(-1, "Failed to create /dev/pts");
++ }
+ setup_dev = need_setup_dev(lxc_conf, &lxc_conf->mount_list);
+ setup_proc = need_setup_proc(lxc_conf, &lxc_conf->mount_list);
+ #endif
+@@ -5612,6 +5648,33 @@ static bool have_dev_bind_mount_entry(FILE *file)
+ return false;
+ }
+
++static bool have_dev_mount_entry(FILE *file)
++{
++ bool have_dev_mount = false;
++ char buf[PATH_MAX];
++ struct mntent mntent;
++
++ while (getmntent_r(file, &mntent, buf, sizeof(buf))) {
++ mntent.mnt_dir = lxc_string_replace(SPACE_MAGIC_STR, " ", mntent.mnt_dir);
++ if(!mntent.mnt_dir) {
++ SYSERROR("memory allocation error");
++ continue;
++ }
++
++
if (strcmp(mntent.mnt_dir, "dev") == 0) { ++ have_dev_mount = true; ++ } ++ ++ free(mntent.mnt_dir); ++ mntent.mnt_dir = NULL; ++ ++ if (have_dev_mount) ++ return true; ++ } ++ ++ return false; ++} ++ + // returns true if /dev needs to be set up. + static bool need_setup_dev(const struct lxc_conf *conf, struct lxc_list *mount) + { +@@ -5628,6 +5691,21 @@ static bool need_setup_dev(const struct lxc_conf *conf, struct lxc_list *mount) + } + } + ++static bool need_mount_dev(const struct lxc_conf *conf, struct lxc_list *mount) ++{ ++ __do_fclose FILE *f = NULL; ++ ++ f = make_anonymous_mount_file(mount, conf->lsm_aa_allow_nesting); ++ if (!f) ++ return true; ++ ++ if (have_dev_mount_entry(f)) { ++ return false; ++ } else { ++ return true; ++ } ++} ++ + static bool have_proc_bind_mount_entry(FILE *file) + { + bool have_bind_proc = false; +-- +2.26.3 + diff --git a/lxc.spec b/lxc.spec index b5866e2636f97bd2a3ad0eb4e28ce8278cbd2981..59876ed8c7e0c6f320dafce3a02a6bce13f41447 100644 --- a/lxc.spec +++ b/lxc.spec @@ -1,4 +1,4 @@ -%global _release 2022102426 +%global _release 2022102427 Name: lxc Version: 4.0.3 @@ -47,6 +47,7 @@ Patch0036: 0036-containers-in-the-FREEZING-state-also-need-to-be-unf.patch Patch0037: 0037-Add-succeed-message-info-for-ocihook.patch Patch0038: 0038-check-cgroup-path-empty-while-setting-freezer.patch Patch0039: 0039-add-locatability-log-info-for-lxc-attach.patch +Patch0040: 0040-skip-mount-auto-dev-when-there-is-a-dev-mount-in-spe.patch BuildRequires: systemd-units git libtool graphviz docbook2X doxygen chrpath BuildRequires: pkgconfig(libseccomp) @@ -233,6 +234,12 @@ rm -rf %{buildroot}%{_sysconfdir}/default/%{name} %endif %changelog +* Mon Apr 14 2025 zhongtao - 4.0.3-2022102427 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC: skip mount auto dev when there is a dev mount in spec + * Thu Dec 12 2024 zhongtao - 4.0.3-2022102426 - Type:bugfix - ID:NA
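Review bot: `mkdir_dev_pts()` treats `EEXIST` as success without checking what already sits at `<rootfs>/dev/pts`, and mkdir(2) reports `EEXIST` for a regular file or a symlink just as it does for a directory. On this path `/dev` comes from a mount entry in the spec instead of from `mount_autodev()`, so its contents are not prepared by LXC, and the "recheck /dev/pts exist" step in `lxc_setup()` would pass with a non-directory in place; whatever uses that path afterwards is outside this patch, so the impact there is unconfirmed. I would verify the existing entry with `lstat()` and `S_ISDIR()` before returning 0, as in the excerpt below. Separately, the length computation tests `rootfs->path` but calls `strlen(rootfs->mount)`; if the two can ever diverge that is a NULL dereference, so testing `rootfs->mount` itself in both places would be safer.

```c
	/* … unchanged: clen computation and snprintf() building "<rootfs>/dev/pts" … */

	ret = mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
	if (ret < 0) {
		struct stat st;

		if (errno != EEXIST) {
			SYSERROR("Failed to create directory \"%s\"", path);
			return -1;
		}

		/* EEXIST also covers files and symlinks; accept a real directory only. */
		if (lstat(path, &st) < 0 || !S_ISDIR(st.st_mode)) {
			ERROR("\"%s\" exists but is not a directory", path);
			return -1;
		}
	}
	return 0;
```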