-
Notifications
You must be signed in to change notification settings - Fork 541
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
config: Require absolute mount destinations #609
Conversation
'destination' has been the path inside the container since c18c283 (Change layout of mountpoints and mounts, 2015-09-02, opencontainers#136). My personal preference is to have an explicit pivot root and allow paths relative to the current working directory [1], but that would be a big shift from the current OCI spec. The only way the current spec lets you turn off the root pivot is by not setting a mount namespace at all (and even then, it's not clear if that turns off the pivot). And the config's root entry is required (despite my attempts to have it made optional [2]), so it's not really clear how containers that don't set a mount namespace are supposed to work (if they're supported at all). You might be able to get away with something like: When a mount namespace is not set, destination paths are relative to the runtime's initial working directory (or relative to the config.json, or whatever). When a mount namespace is set, destination paths are relative to the mount namespace's root. but with mount-namespace-less containers already so unclear, it seems better to just require absolute destinations. If/when we get clearer support for explicit pivot-root calls or containers that inherit the host mount namespace (without re-joining it and losing their old working directory), we can consider lifting the absolute-path restriction. [1]: https://github.com/wking/ccon/tree/v0.4.0#mount-namespace [2]: https://groups.google.com/a/opencontainers.org/forum/#!topic/dev/6ZKMNWujDhU Date: Wed, 26 Aug 2015 12:54:47 -0700 Subject: Dropping the rootfs requirement and restoring arbitrary bundle content Message-ID: <20150826195447.GX21585@odin.tremily.us> Signed-off-by: W. Trevor King <wking@tremily.us>
1cf330b
to
40a5d98
Compare
I think it should be taken as relative to Also, regarding your point about explicit |
On Fri, Nov 04, 2016 at 12:32:43AM -0700, Aleksa Sarai wrote:
This is the mount destination, which is a path inside the container But perhaps you're just pointing out that ‘dev’, relative to the
The utility is that it clarifies when (or if) the container process |
That's not what I meant. I mean that if you set the value to "dev" then the mountpoint will be But overall denying it is also fine, I don't really mind that much (explicitly using
That utility only exists if you have semantics that are related to the current working directory (other than the one set in the config). I don't think there are any such semantics in the spec, so I'm not really sure what the practical utility of it is. I get that your mounting semantics in |
On Fri, Nov 04, 2016 at 01:30:32AM -0700, Aleksa Sarai wrote:
Agreed, and this is what I was trying to get at in my “But perhaps…”
Yeah. Do you see any way that a relative POSIX-path destination
Right.
I don't either, but there are some “relative to the bundle directory |
The 1 line change looks fine to me but I have no clue whats going on in these comments. |
@crosbymichael Don't worry about it. |
LGTM (I guess PullApprove needs me to be more explicit) |
Why @tianon 's LGTM doesn't count? 😟 |
destination
has been the path inside the container since #136. My personal preference is to have an explicit pivot root and allow paths relative to the current working directory, but that would be a big shift from the current OCI spec. The only way the current spec lets you turn off the root pivot is by not setting a mount namespace at all (and even then, it's not clear if that turns off the pivot). And the config'sroot
entry is required (despite my attempts to have it made optional), so it's not really clear how containers that don't set a mount namespace are supposed to work (if they're supported at all).You might be able to get away with something like:
but with mount-namespace-less containers already so unclear, it seems better to just require absolute
destination
s. If/when we get clearer support for explicit pivot-root calls or containers that inherit the host mount namespace (without re-joining it and losing their old working directory), we can consider lifting the absolute-path restriction.