Browse code
Volumes should have default propagation property "rprivate"
Until and unless user has specified a propagation property for volume, they
should default to "rprivate" and it should be passed to runc.
We can't make it conditional on HasPropagation(). GetPropagation() returns
default of rprivate if noting was passed in by user.
If we don't pass "rprivate" to runc, then bind mount could be shared even
if user did not ask for it. For example, mount two volumes in a container.
One is "shared" while other's propagation is not specified by caller. If
both volume has same source mount point of "shared", then second volume
will also be shared inside container (instead of being private).
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Vivek Goyal authored on 2017/04/27 05:27:50Showing 2 changed files
| ... | ... |
@@ -311,10 +311,12 @@ func ParseMountSpec(cfg mounttypes.Mount, options ...func(*validateOpts)) (*Moun |
| 311 | 311 |
} |
| 312 | 312 |
case mounttypes.TypeBind: |
| 313 | 313 |
mp.Source = clean(convertSlash(cfg.Source)) |
| 314 |
- if cfg.BindOptions != nil {
|
|
| 315 |
- if len(cfg.BindOptions.Propagation) > 0 {
|
|
| 316 |
- mp.Propagation = cfg.BindOptions.Propagation |
|
| 317 |
- } |
|
| 314 |
+ if cfg.BindOptions != nil && len(cfg.BindOptions.Propagation) > 0 {
|
|
| 315 |
+ mp.Propagation = cfg.BindOptions.Propagation |
|
| 316 |
+ } else {
|
|
| 317 |
+ // If user did not specify a propagation mode, get |
|
| 318 |
+ // default propagation mode. |
|
| 319 |
+ mp.Propagation = DefaultPropagationMode |
|
| 318 | 320 |
} |
| 319 | 321 |
case mounttypes.TypeTmpfs: |
| 320 | 322 |
// NOP |
| ... | ... |
@@ -229,10 +229,10 @@ func TestParseMountSpec(t *testing.T) {
|
| 229 | 229 |
defer os.RemoveAll(testDir) |
| 230 | 230 |
|
| 231 | 231 |
cases := []c{
|
| 232 |
- {mount.Mount{Type: mount.TypeBind, Source: testDir, Target: testDestinationPath, ReadOnly: true}, MountPoint{Type: mount.TypeBind, Source: testDir, Destination: testDestinationPath}},
|
|
| 233 |
- {mount.Mount{Type: mount.TypeBind, Source: testDir, Target: testDestinationPath}, MountPoint{Type: mount.TypeBind, Source: testDir, Destination: testDestinationPath, RW: true}},
|
|
| 234 |
- {mount.Mount{Type: mount.TypeBind, Source: testDir + string(os.PathSeparator), Target: testDestinationPath, ReadOnly: true}, MountPoint{Type: mount.TypeBind, Source: testDir, Destination: testDestinationPath}},
|
|
| 235 |
- {mount.Mount{Type: mount.TypeBind, Source: testDir, Target: testDestinationPath + string(os.PathSeparator), ReadOnly: true}, MountPoint{Type: mount.TypeBind, Source: testDir, Destination: testDestinationPath}},
|
|
| 232 |
+ {mount.Mount{Type: mount.TypeBind, Source: testDir, Target: testDestinationPath, ReadOnly: true}, MountPoint{Type: mount.TypeBind, Source: testDir, Destination: testDestinationPath, Propagation: DefaultPropagationMode}},
|
|
| 233 |
+ {mount.Mount{Type: mount.TypeBind, Source: testDir, Target: testDestinationPath}, MountPoint{Type: mount.TypeBind, Source: testDir, Destination: testDestinationPath, RW: true, Propagation: DefaultPropagationMode}},
|
|
| 234 |
+ {mount.Mount{Type: mount.TypeBind, Source: testDir + string(os.PathSeparator), Target: testDestinationPath, ReadOnly: true}, MountPoint{Type: mount.TypeBind, Source: testDir, Destination: testDestinationPath, Propagation: DefaultPropagationMode}},
|
|
| 235 |
+ {mount.Mount{Type: mount.TypeBind, Source: testDir, Target: testDestinationPath + string(os.PathSeparator), ReadOnly: true}, MountPoint{Type: mount.TypeBind, Source: testDir, Destination: testDestinationPath, Propagation: DefaultPropagationMode}},
|
|
| 236 | 236 |
{mount.Mount{Type: mount.TypeVolume, Target: testDestinationPath}, MountPoint{Type: mount.TypeVolume, Destination: testDestinationPath, RW: true, CopyData: DefaultCopyMode}},
|
| 237 | 237 |
{mount.Mount{Type: mount.TypeVolume, Target: testDestinationPath + string(os.PathSeparator)}, MountPoint{Type: mount.TypeVolume, Destination: testDestinationPath, RW: true, CopyData: DefaultCopyMode}},
|
| 238 | 238 |
} |