Re: [CFT][PATCH] mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Richard Weinberger <richard-/L3Ra7n9ekc@public.gmane.org>
To: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
Cc: Stephen Rothwell <sfr-3FnU+UHB4dNDw9hX6IcOSA@public.gmane.org>,
	Linux Containers
	<containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>,
	Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>,
	joeyli <jlee-IBi9RG/b67k@public.gmane.org>,
	Jim Fehlig <jfehlig-IBi9RG/b67k@public.gmane.org>,
	Cedric Bosdonnat <cbosdonnat-IBi9RG/b67k@public.gmane.org>
Subject: Re: [CFT][PATCH] mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount
Date: Sun, 30 Nov 2014 19:42:57 +0100	[thread overview]
Message-ID: <547B6531.40504@nod.at> (raw)
In-Reply-To: <871tokleo7.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>

Am 30.11.2014 um 19:35 schrieb Eric W. Biederman:
> Richard Weinberger <richard-/L3Ra7n9ekc@public.gmane.org> writes:
> 
>> Am 30.11.2014 um 16:37 schrieb Andy Lutomirski:
>>> On Sun, Nov 30, 2014 at 7:16 AM, Richard Weinberger <richard-/L3Ra7n9ekc@public.gmane.org> wrote:
>>>> Am 30.11.2014 um 16:00 schrieb Andy Lutomirski:
>>>>> On Sun, Nov 30, 2014 at 6:58 AM, Richard Weinberger <richard-/L3Ra7n9ekc@public.gmane.org> wrote:
>>>>>> Eric,
>>>>>>
>>>>>> Am 30.11.2014 um 00:05 schrieb Eric W. Biederman:
>>>>>>>
>>>>>>> Now that remount is properly enforcing the rule that you can't remove
>>>>>>> nodev at least sandstorm.io is breaking when performing a remount.
>>>>>>>
>>>>>>> It turns out that there is an easy intuitive solution implicitly
>>>>>>> add nodev on remount when nodev was implicitly added on mount.
>>>>>>
>>>>>> Is this patch supposed to unbreak libvirt-lxc?
>>>>>> At least 1.2.9 is still broken.
>>>>>>
>>>>>
>>>>> Either this patch or my variant of it fixes the libvirt-lxc breakage
>>>>> that I understand, but IIRC there was some other issue that none of us
>>>>> figured out at K-S.
>>>>
>>>> Currently it fails here:
>>>> 2014-11-25 22:36:45.295+0000: 1: debug : virFileMakePathHelper:2436 : path=/proc mode=0777
>>>> 2014-11-25 22:36:45.295+0000: 1: debug : lxcContainerMountBasicFS:918 : Mount proc on /proc type=proc flags=e
>>>> 2014-11-25 22:36:45.296+0000: 1: debug : lxcContainerMountBasicFS:873 : Processing /proc/sys -> /proc/sys
>>>> 2014-11-25 22:36:45.296+0000: 1: debug : virFileMakePathHelper:2436 : path=/proc/sys mode=0777
>>>> 2014-11-25 22:36:45.296+0000: 1: debug : lxcContainerMountBasicFS:918 : Mount /proc/sys on /proc/sys type=(null) flags=1000
>>>> 2014-11-25 22:36:45.296+0000: 1: error : lxcContainerMountBasicFS:933 : Failed to re-mount /proc/sys on /proc/sys flags=1021: Operation not permitted
>>>
>>> Any chance you can test that with Eric's patch or mine [1] applied?
>>> If that doesn't work, can you try to catch the failure with strace?
>>
>> With your patch applied on top of Linus's tree as of today libvirt-lxc works fine again. :)
> 
> *Scratches head*
> 
> Did you really have my latest patch applied?
> 
> Andy's patch implies a change of policy that I really don't want to
> deploy as a bug fix.

Hmm, let me double check this tomorrow with a fresh brain.
Maybe I got hit by another issue while testing your patch.
Currently I'm fighting against three libvirt-lxc issues in parallel. :-\

Thanks,
//richard

next prev parent reply	other threads:[~2014-11-30 18:42 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20141127101105.GA30605@linux-rxt1.site>
     [not found] ` <20141127101105.GA30605-empE8CJ7fzk2xCFIczX1Fw@public.gmane.org>
2014-11-29 23:04   ` What's the status of 87b47932 patch - mnt: Implicitly add MNT_NODEV on remount as we do on mount Eric W. Biederman
     [not found]     ` <87k32dlicc.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-11-29 23:05       ` [CFT][PATCH] mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount Eric W. Biederman
     [not found]         ` <87egsllia3.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-11-30  0:07           ` Andy Lutomirski
     [not found]             ` <CALCETrX=B+0PVe8fhvCEyqBGD-D1wLJPd6CrqPn6LCGYgzxPMg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-11-30 18:46               ` Eric W. Biederman
2014-11-30 14:58           ` Richard Weinberger
     [not found]             ` <547B309E.9020706-/L3Ra7n9ekc@public.gmane.org>
2014-11-30 15:00               ` Andy Lutomirski
     [not found]                 ` <CALCETrUZRi=Y=CDTpq5oO-tPOvMsZ+osKiydkCk-P0dn4DKJkA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-11-30 15:16                   ` Richard Weinberger
     [not found]                     ` <547B34C6.6030709-/L3Ra7n9ekc@public.gmane.org>
2014-11-30 15:37                       ` Andy Lutomirski
     [not found]                         ` <CALCETrW6QRRB_DfHwYv+UVJ_8yF+8Db+UP+ezd4jG599b4dSiA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-11-30 17:14                           ` Richard Weinberger
     [not found]                             ` <547B5066.4020509-/L3Ra7n9ekc@public.gmane.org>
2014-11-30 18:35                               ` Eric W. Biederman
     [not found]                                 ` <871tokleo7.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-11-30 18:42                                   ` Richard Weinberger [this message]
     [not found]                                     ` <547B6531.40504-/L3Ra7n9ekc@public.gmane.org>
2014-12-01  1:29                                       ` Eric W. Biederman
     [not found]                                         ` <87k32ci2dx.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-12-02  8:26                                           ` Richard Weinberger
     [not found]                                             ` <547D77C8.7050100-/L3Ra7n9ekc@public.gmane.org>
2014-12-02  9:53                                               ` Eric W. Biederman
     [not found]                                                 ` <87ppc22x9d.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-12-02 13:12                                                   ` joeyli
2014-12-01  7:32       ` What's the status of 87b47932 patch - mnt: Implicitly add MNT_NODEV on remount as we do on mount joeyli

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=547B6531.40504@nod.at \
    --to=richard-/l3ra7n9ekc@public.gmane.org \
    --cc=cbosdonnat-IBi9RG/b67k@public.gmane.org \
    --cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
    --cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
    --cc=jfehlig-IBi9RG/b67k@public.gmane.org \
    --cc=jlee-IBi9RG/b67k@public.gmane.org \
    --cc=luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org \
    --cc=sfr-3FnU+UHB4dNDw9hX6IcOSA@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.