[libvirt] [PATCH] Ensure root filesystem is recursively mounted readonly
Eric Blake
eblake at redhat.com
Mon Sep 9 18:54:43 UTC 2013
On 09/09/2013 09:30 AM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" <berrange at redhat.com>
>
> If the guest is configured with
>
> <filesystem type='mount'>
> <source dir='/'/>
> <target dir='/'/>
> <readonly/>
> </filesystem>
>
> Then any submounts under / should also end up readonly. eg if
> the user has /home on a separate volume, they'd expect /home
> to be readonly.
>
> Users can selectively make sub-mounts read-write again by
> simply listing them as new mounts without the <readonly>
> flag set
>
> <filesystem type='mount'>
> <source dir='/home'/>
> <target dir='/home'/>
> </filesystem>
>
> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
> ---
> src/lxc/lxc_container.c | 75 +++++++++++++++++++++++++++++++++++++++++++++++--
> 1 file changed, 73 insertions(+), 2 deletions(-)
>
ACK.
> + while (getmntent_r(procmnt, &mntent, mntbuf, sizeof(mntbuf)) != NULL) {
> + if (STREQ(mntent.mnt_dir, "/") ||
> + STRPREFIX(mntent.mnt_dir, "/.oldroot"))
Is this safe, or do you want to check against /.oldroot/ to ensure that
you filter out something like /.oldroot-fake?
> + continue;
> +
> + if (VIR_REALLOC_N(mounts, nmounts+1) < 0)
space around +; also, would VIR_EXPAND work nicer than VIR_REALLOC_N?
> +
> + for (i = 0 ; i < nmounts ; i++) {
Looks unusual to have space before ';' inside the 'for' setup; is there
a syntax check to enforce a consistent style?
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130909/5bd26568/attachment-0001.sig>
More information about the libvir-list
mailing list