authorLennart Poettering <lennart@poettering.net>2013-10-02 19:40:43 +0200
committerLennart Poettering <lennart@poettering.net>2013-10-02 19:45:12 +0200
commit51045322c4c19638ba5588c722238220d096ca43 (patch)
treeba85bc3913e55440a98f964a88d28950e76a61bd
parent69c2b6be8fc607412a13cd0ea03a629b4965c816 (diff)
nspawn: always copy /etc/resolv.conf rather than bind mount
We were already creating the file if it was missing, and this way containers can reconfigure the file without running into problems. This also makes resolv.conf handling more like the handling of /etc/localtime, which is also not a bind mount.
-rw-r--r--src/nspawn/nspawn.c12
-rw-r--r--src/shared/util.c16
-rw-r--r--src/shared/util.h2
3 files changed, 8 insertions, 22 deletions
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index eb9605c356..fc4a8a36c8 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -521,7 +521,6 @@ static int setup_timezone(const char *dest) {
static int setup_resolv_conf(const char *dest) {
char _cleanup_free_ *where = NULL;
- _cleanup_close_ int fd = -1;
assert(dest);
@@ -533,18 +532,9 @@ static int setup_resolv_conf(const char *dest) {
if (!where)
return log_oom();
- fd = open(where, O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0644);
-
/* We don't really care for the results of this really. If it
* fails, it fails, but meh... */
- if (mount("/etc/resolv.conf", where, "bind", MS_BIND, NULL) < 0)
- log_warning("Failed to bind mount /etc/resolv.conf: %m");
- else
- if (mount("/etc/resolv.conf", where, "bind",
- MS_BIND|MS_REMOUNT|MS_RDONLY, NULL) < 0) {
- log_error("Failed to remount /etc/resolv.conf readonly: %m");
- return -errno;
- }
+ copy_file("/etc/resolv.conf", where, O_TRUNC|O_NOFOLLOW);
return 0;
}
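Review bot: The return value of `copy_file()` is discarded at the end of `setup_resolv_conf()`, so a failed copy now leaves no log line at all, whereas the removed bind-mount path at least warned. Failure is a realistic case here: with `O_NOFOLLOW` the open is refused when the container's /etc/resolv.conf is a symlink, and a read or write error in copy_file() unlinks a destination that `O_TRUNC` has already emptied. The best-effort behaviour can stay while making it visible, e.g. `r = copy_file("/etc/resolv.conf", where, O_TRUNC|O_NOFOLLOW);` followed by `if (r < 0) log_warning("Failed to copy /etc/resolv.conf to %s: %s", where, strerror(-r));` (declaring `int r` if the function has none; its top is only partly visible in the hunk). Note too that `O_NOFOLLOW` covers only the final path component, so the earlier components of `where` inside the container tree are still resolved as usual.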
diff --git a/src/shared/util.c b/src/shared/util.c
index 9be6acfc8f..82f4221f30 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -4056,8 +4056,9 @@ int vt_disallocate(const char *name) {
return 0;
}
-int copy_file(const char *from, const char *to) {
- int r, fdf, fdt;
+int copy_file(const char *from, const char *to, int flags) {
+ _cleanup_close_ int fdf = -1;
+ int r, fdt;
assert(from);
assert(to);
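Review bot: The new `flags` parameter of `copy_file()` is undocumented, yet it now decides the function's safety properties, because the destination open in the next hunk no longer supplies `O_EXCL` itself. A short comment above the definition would help callers, for example `/* flags is OR'ed into the open(2) flags of the destination: pass O_EXCL to refuse an existing file, O_TRUNC to overwrite one, O_NOFOLLOW to refuse a symlink at 'to' */`. It is also worth stating that access-mode bits must not be passed, since `flags|O_WRONLY` combined with `O_RDWR` yields an invalid access mode. The function body continues outside this hunk.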
@@ -4066,11 +4067,9 @@ int copy_file(const char *from, const char *to) {
if (fdf < 0)
return -errno;
- fdt = open(to, O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC|O_NOCTTY, 0644);
- if (fdt < 0) {
- close_nointr_nofail(fdf);
+ fdt = open(to, flags|O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, 0644);
+ if (fdt < 0)
return -errno;
- }
for (;;) {
char buf[PIPE_BUF];
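Review bot: With `O_EXCL` no longer unconditional in `open(to, flags|O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, 0644)`, the `unlink(to)` calls in the read-error and write-error paths (the hunks at -4080 and -4095) can now delete a file that existed before the call, as soon as a caller passes `O_TRUNC` the way nspawn does. Before this change `unlink()` could only remove a file that copy_file() had itself created. If removing a pre-existing destination on error is intended, it deserves a comment; otherwise guarding it, e.g. `if (flags & O_EXCL) unlink(to);`, keeps the old guarantee at the cost of leaving a truncated file behind. The 0644 mode also applies only on creation, so an existing destination keeps its previous permissions and owner. The loop and the rest of the function lie outside this hunk.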
@@ -4080,7 +4079,6 @@ int copy_file(const char *from, const char *to) {
if (n < 0) {
r = -errno;
- close_nointr_nofail(fdf);
close_nointr(fdt);
unlink(to);
@@ -4095,15 +4093,13 @@ int copy_file(const char *from, const char *to) {
if (n != k) {
r = k < 0 ? k : (errno ? -errno : -EIO);
- close_nointr_nofail(fdf);
close_nointr(fdt);
-
unlink(to);
+
return r;
}
}
- close_nointr_nofail(fdf);
r = close_nointr(fdt);
if (r < 0) {
diff --git a/src/shared/util.h b/src/shared/util.h
index 1b845b3803..c2e6a685c8 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -448,7 +448,7 @@ int terminal_vhangup(const char *name);
int vt_disallocate(const char *name);
-int copy_file(const char *from, const char *to);
+int copy_file(const char *from, const char *to, int flags);
int symlink_atomic(const char *from, const char *to);