systemd based containers (in particular fresh fedora and centos) run some services such as httpd in own mount namespace.
Such services remount container's root as a slave so their master-id is inherited from the toplevel shared group which is external root mount: | [root@pcs7 libvzctl.git]# ps afx | PID TTY STAT TIME COMMAND | 1 ? Ss 0:52 /usr/lib/systemd/systemd --switched-root --system --deserialize 22 | ... | | 15076 ? Rs 0:01 init -z | 16373 ? Ss 0:00 \_ /usr/sbin/httpd -DFOREGROUND | ... | | [root@pcs7 libvzctl.git]# cat /proc/1/mountinfo | 53 52 182:611057 / /vz/root/300 rw,relatime shared:31 - ext4 /dev/ploop38191p1 rw... | ... | [root@pcs7 libvzctl.git]# cat /proc/15076/mountinfo | 99 54 182:611057 / / rw,relatime master:31 - ext4 /dev/ploop38191p1 rw... | ... | [root@pcs7 libvzctl.git]# cat /proc/16373/mountinfo | 66 65 182:611057 / / rw,relatime master:31 - ext4 /dev/ploop38191p1 rw... Here 16373 is apache instance which carries own mount namespace which has master-id propagated from the /vz/root/300 mountpoint of the node. But such construction is prohibited: in CRIU we don't allow to dump the mount schemes which we can't restore (and because master-id points outside of the container's root we don't know how to deal with such constructions because the information about global root is not carried in images but passed via command line option). So what we need is to make the root slave and shared so all new nested slave mounts get the root as a shared group leader. https://jira.sw.ru/browse/PSBM-34698 Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com> CC: Andrew Vagin <ava...@openvz.org> CC: Igor Sukhih <i...@parallels.com> --- lib/env_nsops.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/env_nsops.c b/lib/env_nsops.c index af2f260..d1d7bf1 100644 --- a/lib/env_nsops.c +++ b/lib/env_nsops.c @@ -179,6 +179,9 @@ static int setup_rootfs(struct vzctl_env_handle *h) if (rmdir(oldroot)) logger(-1, errno, "Can't rmdir %s", oldroot); + if (mount(NULL, "/", NULL, MS_SHARED, NULL) < 0) + return vzctl_err(-1, errno, "Can't remount root as a shared %s", root); + return 0; } -- 2.4.3 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
