1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-25 01:34:28 +03:00

nspawn: create boot_id and kmsg files for overmounting in /run, not /tmp

/tmp might not be mounted at all yet (given that we support
SYSTEMD_NSPAWN_TMPFS_TMP=0 to turn this off), and /tmp is a dir systemd
usually tries to unmount during shutdown (unlike /run), and we shouldn't
keep it busy. Hence let's just move these deleted files to /run so that
we don't keep /tmp needlessly busy.
This commit is contained in:
Lennart Poettering 2019-04-05 18:14:43 +02:00 committed by Zbigniew Jędrzejewski-Szmek
parent 9ff46eded2
commit 1eacc47062

View File

@ -1849,10 +1849,9 @@ static int setup_boot_id(void) {
const char *to; const char *to;
int r; int r;
/* Generate a new randomized boot ID, so that each boot-up of /* Generate a new randomized boot ID, so that each boot-up of the container gets a new one */
* the container gets a new one */
r = tempfn_random_child(NULL, "proc-sys-kernel-random-boot-id", &path); r = tempfn_random_child("/run", "proc-sys-kernel-random-boot-id", &path);
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to generate random boot ID path: %m"); return log_error_errno(r, "Failed to generate random boot ID path: %m");
@ -2096,19 +2095,18 @@ static int setup_kmsg(int kmsg_socket) {
_cleanup_free_ char *fifo = NULL; _cleanup_free_ char *fifo = NULL;
_cleanup_close_ int fd = -1; _cleanup_close_ int fd = -1;
_cleanup_umask_ mode_t u; _cleanup_umask_ mode_t u;
const char *to;
int r; int r;
assert(kmsg_socket >= 0); assert(kmsg_socket >= 0);
u = umask(0000); u = umask(0000);
/* We create the kmsg FIFO as as temporary file in /tmp, but immediately delete it after bind mounting it to /* We create the kmsg FIFO as as temporary file in /run, but immediately delete it after bind mounting it to
* /proc/kmsg. While FIFOs on the reading side behave very similar to /proc/kmsg, their writing side behaves * /proc/kmsg. While FIFOs on the reading side behave very similar to /proc/kmsg, their writing side behaves
* differently from /dev/kmsg in that writing blocks when nothing is reading. In order to avoid any problems * differently from /dev/kmsg in that writing blocks when nothing is reading. In order to avoid any problems
* with containers deadlocking due to this we simply make /dev/kmsg unavailable to the container. */ * with containers deadlocking due to this we simply make /dev/kmsg unavailable to the container. */
r = tempfn_random_child(NULL, "proc-kmsg", &fifo); r = tempfn_random_child("/run", "proc-kmsg", &fifo);
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to generate kmsg path: %m"); return log_error_errno(r, "Failed to generate kmsg path: %m");
@ -2116,9 +2114,8 @@ static int setup_kmsg(int kmsg_socket) {
return log_error_errno(errno, "mkfifo() for /run/kmsg failed: %m"); return log_error_errno(errno, "mkfifo() for /run/kmsg failed: %m");
from = TAKE_PTR(fifo); from = TAKE_PTR(fifo);
to = "/proc/kmsg";
r = mount_verbose(LOG_ERR, from, to, NULL, MS_BIND, NULL); r = mount_verbose(LOG_ERR, from, "/proc/kmsg", NULL, MS_BIND, NULL);
if (r < 0) if (r < 0)
return r; return r;