[Devel] [PATCH v2 2/2] prestart: fixup legacy udev effects
Glauber Costa
glommer at openvz.org
Mon May 20 12:59:07 PDT 2013
Legacy udev will do a couple of operations that will destroy all the setup we
have done for /dev. This is because, unaware that it is being
containerized, it will mount a tmpfs on /dev, and then set it all up again.

Since preemptively preventing those actions from happening is very hard (as an
example, the centos6 init binary will issue mount syscalls itself), the most robust
approach is to insert a script that will be run shortly after rc.sysinit.

It is hard to detect if rc.sysinit has already run, but we notice that at the
end of each run (for versions 4, 5 and 6), it will touch /.autofsck. We
can check if the file was modified (non-existent -> existent, or different
modification time) and run our fixups after this.

Signed-off-by: Glauber Costa <glommer at openvz.org>
---
etc/dists/scripts/prestart.sh | 36 ++++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
diff --git a/etc/dists/scripts/prestart.sh b/etc/dists/scripts/prestart.sh
index 1f28b13..52047a0 100755
--- a/etc/dists/scripts/prestart.sh
+++ b/etc/dists/scripts/prestart.sh
@@ -21,6 +21,41 @@
# is, so far, meaningless inside a container. This script will apply various
# fixups if needed.
+# Legacy udev will try to mount its own /dev in tmpfs, which will in turn
+# destroy all our hand crafted setup. We need to undo it here.
+fixup_udev()
+{
+ if [ -f /etc/fedora-release ]; then
+ return
+ fi
+
+ if [ ! -f /etc/centos-release -a ! -f /etc/redhat-release ]; then
+ return
+ fi
+
+ # rc.sysinit will touch this file after it finishes.
+ timestamp=$(stat -c %x /.autofsck 2>/dev/null)
+ i=0
+ while true; do
+ newstamp=$(stat -c %x /.autofsck 2>/dev/null)
+ if [ "x$newstamp" = "x$timestamp" ]; then
+ sleep 0.5
+ i=$((i+1))
+ [ $i -gt 10 ] && return
+ continue
+ fi
+ break
+ done
+ # All the first two may fail if the distribution didn't actually mount
+ # then.
+ umount /dev/pts
+ umount /dev/shm
+ # still may hold references to files open by rc.sysinit. Even if this is the
+ # case those will be simple things like /dev/null and should go away shortly.
+ # let us not fail because of that.
+ umount /dev -l
+}
+
fixup_loginuid()
{
local pam_permit="security/pam_permit.so"
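Review bot: in fixup_udev() both stat calls use "stat -c %x", which prints the access time, while the commit message describes watching the modification time; "%y" would match the stated intent and would not react to a plain read of /.autofsck. The wait loop also gives up silently after the counter passes 10 half-second sleeps, so a slow rc.sysinit leaves udev's tmpfs on /dev in place with no trace; a log line before that "return" would make the case diagnosable. Finally, "umount /dev -l" runs unconditionally once the stamp changes, with no check that /dev is actually the tmpfs udev mounted, so a test of the mounted filesystem type before the lazy unmount would keep it from detaching the original /dev setup on a system where udev did not remount it.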
@@ -36,6 +71,7 @@ fixup_loginuid()
[ "x$VZ_KERNEL" = "xyes" ] && exit 0
[ "x$USERNS" = "xno" ] && exit 0
+fixup_udev &
fixup_loginuid
exit 0
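Review bot: "fixup_udev &" is started in the background and the script reaches "exit 0" without waiting for it, so the job outlives prestart.sh and its exit status and any umount errors are never seen by the caller. A comment here explaining that it must be backgrounded because it waits for rc.sysinit, plus an explicit redirection of its output (to a log or to /dev/null), would document the intent and avoid stray messages on whatever stderr the job inherits.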
--
1.7.11.7