diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-08-29 19:42:36 +0200 | 
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2015-08-29 19:42:36 +0200 | 
| commit | e9916ffdba9910cd3fa2bc1a503c6397b5fd5e1e (patch) | |
| tree | 147add752211e27c1fef9ec41496eb42d2034860 | |
| parent | a13ef8c632f8bafb867aa49aadcc73d77d311f71 (diff) | |
| parent | 5e5bfa6e1c915e795dd99ab65275c4bf9af667ed (diff) | |
Merge pull request #649 from eyakubovich/nspawn-rbind
nspawn: add --rbind and --rbind-ro options
| -rw-r--r-- | man/systemd-nspawn.xml | 7 | ||||
| -rw-r--r-- | src/nspawn/nspawn.c | 56 | 
2 files changed, 55 insertions, 8 deletions
| diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index 4966749259..6165fe1357 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -576,12 +576,15 @@          <term><option>--bind-ro=</option></term>          <listitem><para>Bind mount a file or directory from the host -        into the container. Either takes a path argument -- in which +        into the container. Takes one of: a path argument -- in which          case the specified path will be mounted from the host to the          same path in the container --, or a colon-separated pair of          paths -- in which case the first specified path is the source          in the host, and the second path is the destination in the -        container. Backslash escapes are interpreted so +        container --, or a colon-separated triple of source path, +        destination path and mount options. Mount options are comma +        separated and currently only "rbind" and "norbind" +        are allowed. Defaults to "rbind". Backslash escapes are interpreted so          <literal>\:</literal> may be used to embed colons in either path.          This option may be specified multiple times for          creating multiple independent bind mount points. The diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 837947ee28..edf5b9fc57 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -257,9 +257,11 @@ static void help(void) {                 "                            try-guest, try-host\n"                 "  -j                        Equivalent to --link-journal=try-guest\n"                 "     --read-only            Mount the root directory read-only\n" -               "     --bind=PATH[:PATH]     Bind mount a file or directory from the host into\n" +               "     --bind=PATH[:PATH[:OPTIONS]]\n" +               "                            Bind mount a file or directory from the host into\n"                 "                            the container\n" -               "     --bind-ro=PATH[:PATH]  Similar, but creates a read-only bind mount\n" +               "     --bind-ro=PATH[:PATH[:OPTIONS]\n" +               "                            Similar, but creates a read-only bind mount\n"                 "     --tmpfs=PATH:[OPTIONS] Mount an empty tmpfs to the specified directory\n"                 "     --overlay=PATH[:PATH...]:PATH\n"                 "                            Create an overlay mount from the host to \n" @@ -656,14 +658,15 @@ static int parse_argv(int argc, char *argv[]) {                  case ARG_BIND:                  case ARG_BIND_RO: {                          const char *current = optarg; -                        _cleanup_free_ char *source = NULL, *destination = NULL; +                        _cleanup_free_ char *source = NULL, *destination = NULL, *opts = NULL;                          CustomMount *m; -                        r = extract_many_words(¤t, ":", EXTRACT_DONT_COALESCE_SEPARATORS, &source, &destination, NULL); +                        r = extract_many_words(¤t, ":", EXTRACT_DONT_COALESCE_SEPARATORS, &source, &destination, &opts, NULL);                          switch (r) {                          case 1:                                  destination = strdup(source);                          case 2: +                        case 3:                                  break;                          case -ENOMEM:                                  return log_oom(); @@ -687,8 +690,9 @@ static int parse_argv(int argc, char *argv[]) {                          m->source = source;                          m->destination = destination;                          m->read_only = c == ARG_BIND_RO; +                        m->options = opts; -                        source = destination = NULL; +                        source = destination = opts = NULL;                          break;                  } @@ -1158,13 +1162,53 @@ static int mount_all(const char *dest, bool userns) {          return 0;  } +static int parse_mount_bind_options(const char *options, unsigned long *mount_flags, char **mount_opts) { +        const char *p = options; +        unsigned long flags = *mount_flags; +        char *opts = NULL; + +        assert(options); + +        for (;;) { +                _cleanup_free_ char *word = NULL; +                int r = extract_first_word(&p, &word, ",", EXTRACT_QUOTES); +                if (r < 0) +                        return log_error_errno(r, "Failed to extract mount option: %m"); +                if (r == 0) +                        break; + +                if (streq(word, "rbind")) +                        flags |= MS_REC; +                else if (streq(word, "norbind")) +                        flags &= ~MS_REC; +                else { +                        log_error("Invalid bind mount option: %s", word); +                        return -EINVAL; +                } +        } + +        *mount_flags = flags; +        /* in the future mount_opts will hold string options for mount(2) */ +        *mount_opts = opts; + +        return 0; +} +  static int mount_bind(const char *dest, CustomMount *m) {          struct stat source_st, dest_st;          const char *where; +        unsigned long mount_flags = MS_BIND | MS_REC; +        _cleanup_free_ char *mount_opts = NULL;          int r;          assert(m); +        if (m->options) { +                r = parse_mount_bind_options(m->options, &mount_flags, &mount_opts); +                if (r < 0) +                        return r; +        } +          if (stat(m->source, &source_st) < 0)                  return log_error_errno(errno, "Failed to stat %s: %m", m->source); @@ -1201,7 +1245,7 @@ static int mount_bind(const char *dest, CustomMount *m) {          if (r < 0 && r != -EEXIST)                  return log_error_errno(r, "Failed to create mount point %s: %m", where); -        if (mount(m->source, where, NULL, MS_BIND, NULL) < 0) +        if (mount(m->source, where, NULL, mount_flags, mount_opts) < 0)                  return log_error_errno(errno, "mount(%s) failed: %m", where);          if (m->read_only) { | 
