75 lines
2.1 KiB
Diff
75 lines
2.1 KiB
Diff
From e0c8855867b71eb0106a312e84389389cee395d7 Mon Sep 17 00:00:00 2001
|
|
From: tanyifeng <tanyifeng1@huawei.com>
|
|
Date: Tue, 26 Feb 2019 17:21:18 +0800
|
|
Subject: [PATCH 062/122] setup sysctls before set read-only path and masked
|
|
path
|
|
|
|
Signed-off-by: tanyifeng <tanyifeng1@huawei.com>
|
|
Signed-off-by: LiFeng <lifeng68@huawei.com>
|
|
---
|
|
src/lxc/conf.c | 34 +++++++++++++++++-----------------
|
|
1 file changed, 17 insertions(+), 17 deletions(-)
|
|
|
|
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
|
|
index c2f3cf5..e139dff 100644
|
|
--- a/src/lxc/conf.c
|
|
+++ b/src/lxc/conf.c
|
|
@@ -3039,7 +3039,7 @@ int setup_sysctl_parameters(struct lxc_list *sysctls)
|
|
ret = lxc_write_to_file(filename, elem->value,
|
|
strlen(elem->value), false, 0666);
|
|
if (ret < 0) {
|
|
- ERROR("Failed to setup sysctl parameters %s to %s",
|
|
+ SYSERROR("Failed to setup sysctl parameters %s to %s",
|
|
elem->key, elem->value);
|
|
return -1;
|
|
}
|
|
@@ -4201,22 +4201,6 @@ int lxc_setup(struct lxc_handler *handler)
|
|
if (ret < 0)
|
|
goto on_error;
|
|
|
|
- //isulad: setup rootfs masked paths
|
|
- if (!lxc_list_empty(&lxc_conf->rootfs.maskedpaths)) {
|
|
- if (setup_rootfs_maskedpaths(&lxc_conf->rootfs.maskedpaths)) {
|
|
- ERROR("failed to setup maskedpaths");
|
|
- goto on_error;
|
|
- }
|
|
- }
|
|
-
|
|
- // isulad: setup rootfs ro paths
|
|
- if (!lxc_list_empty(&lxc_conf->rootfs.ropaths)) {
|
|
- if (setup_rootfs_ropaths(&lxc_conf->rootfs.ropaths)) {
|
|
- ERROR("failed to setup readonlypaths");
|
|
- goto on_error;
|
|
- }
|
|
- }
|
|
-
|
|
/*isulad: set system umask */
|
|
umask(lxc_conf->umask);
|
|
|
|
@@ -4238,6 +4222,22 @@ int lxc_setup(struct lxc_handler *handler)
|
|
}
|
|
}
|
|
|
|
+ // isulad: setup rootfs masked paths
|
|
+ if (!lxc_list_empty(&lxc_conf->rootfs.maskedpaths)) {
|
|
+ if (setup_rootfs_maskedpaths(&lxc_conf->rootfs.maskedpaths)) {
|
|
+ ERROR("failed to setup maskedpaths");
|
|
+ goto on_error;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ // isulad: setup rootfs ro paths
|
|
+ if (!lxc_list_empty(&lxc_conf->rootfs.ropaths)) {
|
|
+ if (setup_rootfs_ropaths(&lxc_conf->rootfs.ropaths)) {
|
|
+ ERROR("failed to setup readonlypaths");
|
|
+ goto on_error;
|
|
+ }
|
|
+ }
|
|
+
|
|
if (!lxc_list_empty(&lxc_conf->keepcaps)) {
|
|
if (!lxc_list_empty(&lxc_conf->caps)) {
|
|
ERROR("Container requests lxc.cap.drop and "
|
|
--
|
|
1.8.3.1
|
|
|