2014 Jan 28
3
[PATCH 1/2] daemon: If /selinux exists in the guest, bind-mount /sys/fs/selinux to there.
...pts;
char *sysroot_proc;
+ char *sysroot_selinux;
char *sysroot_sys;
char *sysroot_sys_fs_selinux;
- bool dev_ok, dev_pts_ok, proc_ok, sys_ok, sys_fs_selinux_ok;
+ bool dev_ok, dev_pts_ok, proc_ok, selinux_ok, sys_ok, sys_fs_selinux_ok;
};
struct resolver_state {
@@ -76,16 +77,18 @@ bind_mount (struct bind_state *bs)
bs->sysroot_dev = sysroot_path ("/dev");
bs->sysroot_dev_pts = sysroot_path ("/dev/pts");
bs->sysroot_proc = sysroot_path ("/proc");
+ bs->sysroot_selinux = sysroot_path ("/selinux");
bs->sysroot_sys = sysro...
2015 Nov 19
5
[PATCH] daemon: always provide stdin when running chroot commands (RHBZ#1280029)
...and it is not
+ * possible to rely on the guest to provide it (Linux guests
+ * get /dev dynamically populated at runtime by udev).
+ */
+ fd = open ("/dev/null", O_RDONLY|O_CLOEXEC);
+ if (fd == -1) {
+ reply_with_perror ("/dev/null");
+ return NULL;
+ }
+
if (bind_mount (&bind_state) == -1)
return NULL;
if (enable_network) {
@@ -266,8 +279,10 @@ do_command (char *const *argv)
return NULL;
}
+ flags = COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN | fd;
+
CHROOT_IN;
- r = commandv (&out, &err, (const char * const *) argv);
+ r = comman...
2014 Jan 28
0
Re: [PATCH 1/2] daemon: If /selinux exists in the guest, bind-mount /sys/fs/selinux to there.
...ysroot_selinux;
> char *sysroot_sys;
> char *sysroot_sys_fs_selinux;
> - bool dev_ok, dev_pts_ok, proc_ok, sys_ok, sys_fs_selinux_ok;
> + bool dev_ok, dev_pts_ok, proc_ok, selinux_ok, sys_ok,
> sys_fs_selinux_ok; };
>
> struct resolver_state {
> @@ -76,16 +77,18 @@ bind_mount (struct bind_state *bs)
> bs->sysroot_dev = sysroot_path ("/dev");
> bs->sysroot_dev_pts = sysroot_path ("/dev/pts");
> bs->sysroot_proc = sysroot_path ("/proc");
> + bs->sysroot_selinux = sysroot_path ("/selinux");
> b...
2015 Dec 01
2
Re: [PATCH] daemon: always provide stdin when running chroot commands (RHBZ#1280029)
On Tue, Dec 01, 2015 at 04:16:57PM +0100, Pino Toscano wrote:
> On Tuesday 01 December 2015 15:59:56 Mateusz Guzik wrote:
> > I would argue that /dev has to be at least partially populated for anything
> > that gets executed in the chroot. At the very least special nodes like null,
> > zero and {u,}random are needed.
>
> We do not assume anything about guests, which
2016 Jan 21
0
[PATCH v3 1/6] daemon: Rename daemon/command.c -> daemon/sh.c.
...root. However we must be careful to unmount them
- * afterwards because otherwise they would interfere with
- * future mount and unmount operations.
- *
- * We deliberately allow these commands to fail silently, BUT
- * if a mount fails, don't unmount the corresponding mount.
- */
-static int
-bind_mount (struct bind_state *bs)
-{
- int r;
-
- memset (bs, 0, sizeof *bs);
-
- bs->sysroot_dev = sysroot_path ("/dev");
- bs->sysroot_dev_pts = sysroot_path ("/dev/pts");
- bs->sysroot_proc = sysroot_path ("/proc");
- bs->sysroot_selinux = sysroot_path (&quo...
2015 Dec 02
3
[PATCH] daemon: improve internal commandrvf
...* possible to rely on the guest to provide it (Linux guests
- * get /dev dynamically populated at runtime by udev).
- */
- dev_null_fd = open ("/dev/null", O_RDONLY|O_CLOEXEC);
- if (dev_null_fd == -1) {
- reply_with_perror ("/dev/null");
- return NULL;
- }
-
if (bind_mount (&bind_state) == -1)
return NULL;
if (enable_network) {
@@ -279,11 +268,9 @@ do_command (char *const *argv)
return NULL;
}
- flags = COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN | dev_null_fd;
+ flags = COMMAND_FLAG_DO_CHROOT;
- CHROOT_IN;
r = commandvf (&out, &err...
2014 Jan 24
2
[PATCH 0/2] Implement virt-builder --selinux-relabel option.
Do SELinux relabelling properly.
2015 Nov 20
0
Re: [PATCH] daemon: always provide stdin when running chroot commands (RHBZ#1280029)
...uest to provide it (Linux guests
> + * get /dev dynamically populated at runtime by udev).
> + */
> + fd = open ("/dev/null", O_RDONLY|O_CLOEXEC);
> + if (fd == -1) {
> + reply_with_perror ("/dev/null");
> + return NULL;
> + }
> +
> if (bind_mount (&bind_state) == -1)
> return NULL;
> if (enable_network) {
> @@ -266,8 +279,10 @@ do_command (char *const *argv)
> return NULL;
> }
>
> + flags = COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN | fd;
> +
> CHROOT_IN;
> - r = commandv (&out, &am...
2015 Dec 02
0
Re: [PATCH] daemon: improve internal commandrvf
...(Linux guests
> - * get /dev dynamically populated at runtime by udev).
> - */
> - dev_null_fd = open ("/dev/null", O_RDONLY|O_CLOEXEC);
> - if (dev_null_fd == -1) {
> - reply_with_perror ("/dev/null");
> - return NULL;
> - }
> -
> if (bind_mount (&bind_state) == -1)
> return NULL;
> if (enable_network) {
> @@ -279,11 +268,9 @@ do_command (char *const *argv)
> return NULL;
> }
>
> - flags = COMMAND_FLAG_CHROOT_COPY_FILE_TO_STDIN | dev_null_fd;
> + flags = COMMAND_FLAG_DO_CHROOT;
>
>...
2015 Dec 01
0
Re: [PATCH] daemon: always provide stdin when running chroot commands (RHBZ#1280029)
...ev).
> > + */
> > + fd = open ("/dev/null", O_RDONLY|O_CLOEXEC);
> > + if (fd == -1) {
> > + reply_with_perror ("/dev/null");
> > + return NULL;
> > + }
> > +
>
> I disagree with this (see below).
>
> > if (bind_mount (&bind_state) == -1)
> > return NULL;
>
> nit: this leaks the fd on error, but it may not matter much.
>
> > if (enable_network) {
> > @@ -266,8 +279,10 @@ do_command (char *const *argv)
> > return NULL;
> > }
> >
>
> nit...
2015 Dec 01
1
Re: [PATCH] daemon: always provide stdin when running chroot commands (RHBZ#1280029)
...; + * get /dev dynamically populated at runtime by udev).
> + */
> + fd = open ("/dev/null", O_RDONLY|O_CLOEXEC);
> + if (fd == -1) {
> + reply_with_perror ("/dev/null");
> + return NULL;
> + }
> +
I disagree with this (see below).
> if (bind_mount (&bind_state) == -1)
> return NULL;
nit: this leaks the fd on error, but it may not matter much.
> if (enable_network) {
> @@ -266,8 +279,10 @@ do_command (char *const *argv)
> return NULL;
> }
>
nit: same.
> + flags = COMMAND_FLAG_CHROOT_COPY_FILE_...
2015 Dec 05
6
[PATCH 0/6 v2] [FOR COMMENTS ONLY] Rework inspection.
This version works better: inspection (partially) succeeds on a
real guest this time :-)
You can test it out on a real guest (in this case, a CentOS disk image
located at /tmp/centos-6.img) by doing:
$ ./run guestfish -v -x -a /tmp/centos-6.img
><fs> run
><fs> debug sh "guestfs-inspection --verbose"
which will print lots of debugging, and at the end the
2016 Jan 21
8
[PATCH v3 0/6] [FOR COMMENTS ONLY] Rework inspection.
For background on this change, see:
https://rwmj.wordpress.com/2015/12/06/inspection-now-with-added-prolog/
v2 was previously posted here:
https://www.redhat.com/archives/libguestfs/2015-December/msg00038.html
To test this patch series on a real guest, you can do:
$ ./run guestfish -v -x -a /var/tmp/centos-6.img
><fs> run
><fs> debug sh "guestfs-inspection
2017 Jul 27
0
[PATCH v2] daemon: Remove GUESTFSD_EXT_CMD.
..._EXT_CMD(str_cp, cp);
-GUESTFSD_EXT_CMD(str_mount, mount);
-GUESTFSD_EXT_CMD(str_umount, umount);
-
#ifdef HAVE_ATTRIBUTE_CLEANUP
#define CLEANUP_BIND_STATE __attribute__((cleanup(free_bind_state)))
#define CLEANUP_RESOLVER_STATE __attribute__((cleanup(free_resolver_state)))
@@ -100,20 +96,20 @@ bind_mount (struct bind_state *bs)
* However I have not found a reliable way to unmount the same set
* of directories (umount -R does NOT work).
*/
- r = command (NULL, NULL, str_mount, "--bind", "/dev", bs->sysroot_dev, NULL);
+ r = command (NULL, NULL, "mount",...
2017 Jul 24
0
[PATCH 2/2] daemon: Replace GUESTFSD_EXT_CMD with --print-external-commands.
...CMD(str_cp, cp);
-GUESTFSD_EXT_CMD(str_mount, mount);
-GUESTFSD_EXT_CMD(str_umount, umount);
+DECLARE_EXTERNAL_COMMANDS ("cp", "mount", "umount")
#ifdef HAVE_ATTRIBUTE_CLEANUP
#define CLEANUP_BIND_STATE __attribute__((cleanup(free_bind_state)))
@@ -100,20 +98,20 @@ bind_mount (struct bind_state *bs)
* However I have not found a reliable way to unmount the same set
* of directories (umount -R does NOT work).
*/
- r = command (NULL, NULL, str_mount, "--bind", "/dev", bs->sysroot_dev, NULL);
+ r = command (NULL, NULL, "mount",...
2017 Jul 27
3
[PATCH v2] daemon: Remove GUESTFSD_EXT_CMD.
This is a simpler patch that removes GUESTFSD_EXT_CMD completely.
2017 Jul 24
6
[PATCH 0/2] daemon: Replace GUESTFSD_EXT_CMD with --print-external-commands.
Replace GUESTFSD_EXT_CMD with a command line option
‘./guestfsd --print-external-commands’