[libvirt] [PATCH] Workaround for broken kernel autofs mounts
Eric Blake
eblake at redhat.com
Tue Nov 1 15:09:48 UTC 2011
On 11/01/2011 07:00 AM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange"<berrange at redhat.com>
>
> The kernel automounter is mostly broken wrt to containers. Most
> notably if you start a new filesystem namespace and then attempt
> to unmount any autofs filesystem, it will typically fail with a
> wierd error message like
s/wierd/weird/
>
> Failed to unmount '/.oldroot/sys/kernel/security':Too many levels of symbolic links
>
> Atttempting to detach the autofs mount mount using umount2(MNT_DETACH)
s/Atttempting/Attempting/
s/mount mount/mount/
> will also fail with the same error. Therefore if we get any error on
> unmount()ing a filesystem from the old root FS when starting a
> container, we must immediately break out and detach the entire
> old root filesystem (ignoring any mounts below it).
>
> This has the effect of making the old root filesystem inaccessible
> to anything inside the container, but at the cost that the mounts
> live on in the kernel until the container exits. Given that SystemD
> uses autofs by default, we need LXC to be robust to this scenario and
> thus this tradeoff is worthwhile.
Agree to that analysis.
ACK.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
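
The fallback described in the quoted commit message, sketched as an added example (not libvirt's code and not part of the original mail): unmount everything under the old root deepest-first, and on the first failure stop and lazily detach the old root itself. The names `unmount_old_root`, `fake_umount` and `demo`, and the mount list, are constructed for illustration; `fake_umount` stands in for `umount2()` so the logic runs without root.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mount.h>   /* MNT_DETACH; umount2() has the umount_fn signature */

typedef int (*umount_fn)(const char *path, int flags);
/* Constructed stand-in for umount2(): the autofs mount always fails with
 * ELOOP ("Too many levels of symbolic links"), even with MNT_DETACH. */
static int detached;     /* set once a lazy detach has been requested */
int fake_umount(const char *path, int flags)
{
    if (strstr(path, "/sys/kernel/security")) { errno = ELOOP; return -1; }
    if (flags & MNT_DETACH) detached = 1;
    return 0;
}

static int deepest_first(const void *a, const void *b)
{
    /* Reverse lexical order puts child mounts before their parents. */
    return strcmp(*(const char *const *)b, *(const char *const *)a);
}

/* Returns 0 if every mount was unmounted, 1 if the old root had to be lazily
 * detached after a failure, -1 if the detach failed too. Sorts mounts[]. */
int unmount_old_root(const char *root, const char **mounts, size_t n, umount_fn um)
{
    qsort(mounts, n, sizeof(*mounts), deepest_first);
    for (size_t i = 0; i < n; i++) {
        if (um(mounts[i], 0) == 0)
            continue;
        fprintf(stderr, "Failed to unmount '%s': %s\n", mounts[i], strerror(errno));
        return um(root, MNT_DETACH) == 0 ? 1 : -1;   /* no per-mount retry */
    }
    return 0;
}

int demo(int with_autofs)
{
    /* Constructed mount list, of the kind read from /proc/mounts. */
    const char *mounts[] = { "/.oldroot", "/.oldroot/proc", "/.oldroot/sys",
                             "/.oldroot/sys/kernel/security" };
    detached = 0;
    return unmount_old_root("/.oldroot", mounts, with_autofs ? 4 : 3, fake_umount);
}

int main(void)
{
    return demo(0) != 0 || demo(1) != 1;
}
```

A return value of 1 is the case the commit message calls the tradeoff: the old root is unreachable from inside the container, but its mounts stay alive in the kernel until the container exits.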