lxc/0062-setup-sysctls-before-set-read-only-path-and-masked-p.patch

From 39d38c5ced23ed1834686d7ad5f785f45ef31772 Mon Sep 17 00:00:00 2001
From: tanyifeng <tanyifeng1@huawei.com>
Date: Tue, 26 Feb 2019 17:21:18 +0800
Subject: [PATCH 062/131] setup sysctls before set read-only path and masked
 path

Signed-off-by: tanyifeng <tanyifeng1@huawei.com>
Signed-off-by: LiFeng <lifeng68@huawei.com>
---
 src/lxc/conf.c | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index c2f3cf56..e139dffe 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3039,7 +3039,7 @@ int setup_sysctl_parameters(struct lxc_list *sysctls)
 		ret = lxc_write_to_file(filename, elem->value,
 					strlen(elem->value), false, 0666);
 		if (ret < 0) {
-			ERROR("Failed to setup sysctl parameters %s to %s",
+			SYSERROR("Failed to setup sysctl parameters %s to %s",
 			      elem->key, elem->value);
 			return -1;
 		}
@@ -4201,22 +4201,6 @@ int lxc_setup(struct lxc_handler *handler)
 	if (ret < 0)
 		goto on_error;
 
-	//isulad: setup rootfs masked paths
-	if (!lxc_list_empty(&lxc_conf->rootfs.maskedpaths)) {
-		if (setup_rootfs_maskedpaths(&lxc_conf->rootfs.maskedpaths)) {
-			ERROR("failed to setup maskedpaths");
-			goto on_error;
-		}
-	}
-
-	// isulad: setup rootfs ro paths
-	if (!lxc_list_empty(&lxc_conf->rootfs.ropaths)) {
-		if (setup_rootfs_ropaths(&lxc_conf->rootfs.ropaths)) {
-			ERROR("failed to setup readonlypaths");
-			goto on_error;
-		}
-	}
-
 	/*isulad: set system umask */
 	umask(lxc_conf->umask);
 
@@ -4238,6 +4222,22 @@ int lxc_setup(struct lxc_handler *handler)
 		}
 	}
 
+	// isulad: setup rootfs masked paths
+	if (!lxc_list_empty(&lxc_conf->rootfs.maskedpaths)) {
+		if (setup_rootfs_maskedpaths(&lxc_conf->rootfs.maskedpaths)) {
+			ERROR("failed to setup maskedpaths");
+			goto on_error;
+		}
+	}
+
+	// isulad: setup rootfs ro paths
+	if (!lxc_list_empty(&lxc_conf->rootfs.ropaths)) {
+		if (setup_rootfs_ropaths(&lxc_conf->rootfs.ropaths)) {
+			ERROR("failed to setup readonlypaths");
+			goto on_error;
+		}
+	}
+
 	if (!lxc_list_empty(&lxc_conf->keepcaps)) {
 		if (!lxc_list_empty(&lxc_conf->caps)) {
 			ERROR("Container requests lxc.cap.drop and "
-- 
2.23.0
Package init 2019-12-25 15:57:42 +08:00			`From 39d38c5ced23ed1834686d7ad5f785f45ef31772 Mon Sep 17 00:00:00 2001`
Package init 2019-09-30 11:03:07 -04:00			`From: tanyifeng <tanyifeng1@huawei.com>`
			`Date: Tue, 26 Feb 2019 17:21:18 +0800`
Package init 2019-12-25 15:57:42 +08:00			`Subject: [PATCH 062/131] setup sysctls before set read-only path and masked`
Package init 2019-09-30 11:03:07 -04:00			`path`

			`Signed-off-by: tanyifeng <tanyifeng1@huawei.com>`
			`Signed-off-by: LiFeng <lifeng68@huawei.com>`
			`---`
			`src/lxc/conf.c \| 34 +++++++++++++++++-----------------`
			`1 file changed, 17 insertions(+), 17 deletions(-)`

			`diff --git a/src/lxc/conf.c b/src/lxc/conf.c`
Package init 2019-12-25 15:57:42 +08:00			`index c2f3cf56..e139dffe 100644`
Package init 2019-09-30 11:03:07 -04:00			`--- a/src/lxc/conf.c`
			`+++ b/src/lxc/conf.c`
			`@@ -3039,7 +3039,7 @@ int setup_sysctl_parameters(struct lxc_list *sysctls)`
			`ret = lxc_write_to_file(filename, elem->value,`
			`strlen(elem->value), false, 0666);`
			`if (ret < 0) {`
			`- ERROR("Failed to setup sysctl parameters %s to %s",`
			`+ SYSERROR("Failed to setup sysctl parameters %s to %s",`
			`elem->key, elem->value);`
			`return -1;`
			`}`
			`@@ -4201,22 +4201,6 @@ int lxc_setup(struct lxc_handler *handler)`
			`if (ret < 0)`
			`goto on_error;`

			`- //isulad: setup rootfs masked paths`
			`- if (!lxc_list_empty(&lxc_conf->rootfs.maskedpaths)) {`
			`- if (setup_rootfs_maskedpaths(&lxc_conf->rootfs.maskedpaths)) {`
			`- ERROR("failed to setup maskedpaths");`
			`- goto on_error;`
			`- }`
			`- }`
			`-`
			`- // isulad: setup rootfs ro paths`
			`- if (!lxc_list_empty(&lxc_conf->rootfs.ropaths)) {`
			`- if (setup_rootfs_ropaths(&lxc_conf->rootfs.ropaths)) {`
			`- ERROR("failed to setup readonlypaths");`
			`- goto on_error;`
			`- }`
			`- }`
			`-`
			`/isulad: set system umask /`
			`umask(lxc_conf->umask);`

			`@@ -4238,6 +4222,22 @@ int lxc_setup(struct lxc_handler *handler)`
			`}`
			`}`

			`+ // isulad: setup rootfs masked paths`
			`+ if (!lxc_list_empty(&lxc_conf->rootfs.maskedpaths)) {`
			`+ if (setup_rootfs_maskedpaths(&lxc_conf->rootfs.maskedpaths)) {`
			`+ ERROR("failed to setup maskedpaths");`
			`+ goto on_error;`
			`+ }`
			`+ }`
			`+`
			`+ // isulad: setup rootfs ro paths`
			`+ if (!lxc_list_empty(&lxc_conf->rootfs.ropaths)) {`
			`+ if (setup_rootfs_ropaths(&lxc_conf->rootfs.ropaths)) {`
			`+ ERROR("failed to setup readonlypaths");`
			`+ goto on_error;`
			`+ }`
			`+ }`
			`+`
			`if (!lxc_list_empty(&lxc_conf->keepcaps)) {`
			`if (!lxc_list_empty(&lxc_conf->caps)) {`
			`ERROR("Container requests lxc.cap.drop and "`
			`--`
Package init 2019-12-25 15:57:42 +08:00			`2.23.0`
Package init 2019-09-30 11:03:07 -04:00