From: luca.boccassi@gmail.com
To: openembedded-core@lists.openembedded.org
Subject: [PATCH 2/2] mount-copybind: add MOUNT_COPYBIND_AVOID_OVERLAYFS env var to skip OverlayFS
Date: Fri, 25 Mar 2022 18:40:32 +0000 [thread overview]
Message-ID: <20220325184032.1880706-2-luca.boccassi@gmail.com> (raw)
In-Reply-To: <20220325184032.1880706-1-luca.boccassi@gmail.com>
From: Luca Boccassi <luca.boccassi@microsoft.com>
In some cases we don't want to even attempt to set up OverlayFS, for
example because SELinux in enforcing mode would kill the process
attempting to use the mount. See:
https://lore.kernel.org/all/CA+FmFJBDwt52Z-dVGfuUcnRMiMtGPhK4cCQJ=J_fg0r3x-b6ng@mail.gmail.com/T/#mef98aa406324096d1889d3d467251f30456f403c
If MOUNT_COPYBIND_AVOID_OVERLAYFS=1 is set, skip directly to copy and
bind mount.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
meta/recipes-core/volatile-binds/files/mount-copybind | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-core/volatile-binds/files/mount-copybind b/meta/recipes-core/volatile-binds/files/mount-copybind
index 8bbb406b3a..ddc4357615 100755
--- a/meta/recipes-core/volatile-binds/files/mount-copybind
+++ b/meta/recipes-core/volatile-binds/files/mount-copybind
@@ -2,6 +2,9 @@
#
# Perform a bind mount, copying existing files as we do so to ensure the
# overlaid path has the necessary content.
+# If the target is a directory and overlayfs is available (and the environment
+# variable MOUNT_COPYBIND_AVOID_OVERLAYFS=1 is not set), then an overlay mount
+# will be attempted first.
if [ $# -lt 2 ]; then
echo >&2 "Usage: $0 spec mountpoint [OPTIONS]"
@@ -51,7 +54,7 @@ if [ -d "$mountpoint" ]; then
mountcontext=",rootcontext=$(matchpathcon -n "$mountpoint")"
fi
fi
- if ! mount -t overlay overlay -olowerdir="$mountpoint",upperdir="$spec",workdir="$overlay_workdir""$mountcontext" "$mountpoint" > /dev/null 2>&1; then
+ if [ "$MOUNT_COPYBIND_AVOID_OVERLAYFS" = 1 ] || ! mount -t overlay overlay -olowerdir="$mountpoint",upperdir="$spec",workdir="$overlay_workdir""$mountcontext" "$mountpoint" > /dev/null 2>&1; then
if [ "$specdir_existed" != "yes" ]; then
cp -aPR "$mountpoint"/. "$spec/"
--
2.34.1
next prev parent reply other threads:[~2022-03-25 18:40 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-25 18:40 [PATCH 1/2] mount-copybind: fix shellcheck warning luca.boccassi
2022-03-25 18:40 ` luca.boccassi [this message]
2022-03-28 15:30 ` [OE-core] [PATCH 2/2] mount-copybind: add MOUNT_COPYBIND_AVOID_OVERLAYFS env var to skip OverlayFS Michael Opdenacker
2022-03-28 15:32 ` Luca Boccassi
2022-03-28 16:08 ` Michael Opdenacker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220325184032.1880706-2-luca.boccassi@gmail.com \
--to=luca.boccassi@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox