Browse code
Merge pull request #14613 from stefanberger/nohidevols2
Do not hide user provided network mounts [v2]
Brian Goff authored on 2015/07/23 05:24:22Showing 3 changed files
| ... | ... |
@@ -363,6 +363,26 @@ func (container *Container) GetSize() (int64, int64) {
|
| 363 | 363 |
return sizeRw, sizeRootfs |
| 364 | 364 |
} |
| 365 | 365 |
|
| 366 |
+// Attempt to set the network mounts given a provided destination and |
|
| 367 |
+// the path to use for it; return true if the given destination was a |
|
| 368 |
+// network mount file |
|
| 369 |
+func (container *Container) trySetNetworkMount(destination string, path string) bool {
|
|
| 370 |
+ if destination == "/etc/resolv.conf" {
|
|
| 371 |
+ container.ResolvConfPath = path |
|
| 372 |
+ return true |
|
| 373 |
+ } |
|
| 374 |
+ if destination == "/etc/hostname" {
|
|
| 375 |
+ container.HostnamePath = path |
|
| 376 |
+ return true |
|
| 377 |
+ } |
|
| 378 |
+ if destination == "/etc/hosts" {
|
|
| 379 |
+ container.HostsPath = path |
|
| 380 |
+ return true |
|
| 381 |
+ } |
|
| 382 |
+ |
|
| 383 |
+ return false |
|
| 384 |
+} |
|
| 385 |
+ |
|
| 366 | 386 |
func (container *Container) buildHostnameFile() error {
|
| 367 | 387 |
hostnamePath, err := container.GetRootResourcePath("hostname")
|
| 368 | 388 |
if err != nil {
|
| ... | ... |
@@ -36,12 +36,13 @@ func (container *Container) setupMounts() ([]execdriver.Mount, error) {
|
| 36 | 36 |
if err != nil {
|
| 37 | 37 |
return nil, err |
| 38 | 38 |
} |
| 39 |
- |
|
| 40 |
- mounts = append(mounts, execdriver.Mount{
|
|
| 41 |
- Source: path, |
|
| 42 |
- Destination: m.Destination, |
|
| 43 |
- Writable: m.RW, |
|
| 44 |
- }) |
|
| 39 |
+ if !container.trySetNetworkMount(m.Destination, path) {
|
|
| 40 |
+ mounts = append(mounts, execdriver.Mount{
|
|
| 41 |
+ Source: path, |
|
| 42 |
+ Destination: m.Destination, |
|
| 43 |
+ Writable: m.RW, |
|
| 44 |
+ }) |
|
| 45 |
+ } |
|
| 45 | 46 |
} |
| 46 | 47 |
|
| 47 | 48 |
mounts = sortMounts(mounts) |
| ... | ... |
@@ -2516,3 +2516,25 @@ func (s *DockerSuite) TestRunWriteFilteredProc(c *check.C) {
|
| 2516 | 2516 |
} |
| 2517 | 2517 |
} |
| 2518 | 2518 |
} |
| 2519 |
+ |
|
| 2520 |
+func (s *DockerSuite) TestRunNetworkFilesBindMount(c *check.C) {
|
|
| 2521 |
+ testRequires(c, SameHostDaemon) |
|
| 2522 |
+ name := "test-nwfiles-mount" |
|
| 2523 |
+ |
|
| 2524 |
+ f, err := ioutil.TempFile("", name)
|
|
| 2525 |
+ c.Assert(err, check.IsNil) |
|
| 2526 |
+ |
|
| 2527 |
+ filename := f.Name() |
|
| 2528 |
+ defer os.Remove(filename) |
|
| 2529 |
+ |
|
| 2530 |
+ expected := "test123" |
|
| 2531 |
+ |
|
| 2532 |
+ err = ioutil.WriteFile(filename, []byte(expected), 0644) |
|
| 2533 |
+ c.Assert(err, check.IsNil) |
|
| 2534 |
+ |
|
| 2535 |
+ var actual string |
|
| 2536 |
+ actual, _ = dockerCmd(c, "run", "-v", filename+":/etc/resolv.conf", "busybox", "cat", "/etc/resolv.conf") |
|
| 2537 |
+ if actual != expected {
|
|
| 2538 |
+ c.Fatalf("expected resolv.conf be: %q, but was: %q", expected, actual)
|
|
| 2539 |
+ } |
|
| 2540 |
+} |