Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

podman: fix ro bind mounts if no* opts are on the source #2432

Merged
merged 1 commit into from
Feb 25, 2019
Merged

podman: fix ro bind mounts if no* opts are on the source #2432

merged 1 commit into from
Feb 25, 2019

Conversation

giuseppe
Copy link
Member

This is a workaround for the runc issue:

opencontainers/runc#1247

If the source of a bind mount has any of nosuid, noexec or nodev, be
sure to propagate them to the bind mount so that when runc tries to
remount using MS_RDONLY, these options are also used.

Closes: #2312

Signed-off-by: Giuseppe Scrivano [email protected]

@openshift-ci-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: giuseppe

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 25, 2019
@giuseppe giuseppe mentioned this pull request Feb 25, 2019
Closed
@giuseppe giuseppe force-pushed the fix-read-only-bind-mounts branch from 71966df to 427476f Compare February 25, 2019 15:52
@edsantiago
Copy link
Member

LGTM: this resolves the issue on my f29 system. Thank you!

@rhatdan rhatdan added this to the 1.1 milestone Feb 25, 2019
@giuseppe giuseppe force-pushed the fix-read-only-bind-mounts branch from 427476f to bfde90a Compare February 25, 2019 16:22
@rhatdan
Copy link
Member

rhatdan commented Feb 25, 2019

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Feb 25, 2019
@giuseppe
podman: fix ro bind mounts if no* opts are on the source
0f5ae3c 
This is a workaround for the runc issue:

opencontainers/runc#1247

If the source of a bind mount has any of nosuid, noexec or nodev, be
sure to propagate them to the bind mount so that when runc tries to
remount using MS_RDONLY, these options are also used.

Closes: containers#2312

Signed-off-by: Giuseppe Scrivano <[email protected]>
@giuseppe giuseppe force-pushed the fix-read-only-bind-mounts branch from bfde90a to 0f5ae3c Compare February 25, 2019 17:56
@openshift-ci-robot openshift-ci-robot removed the lgtm Indicates that a PR is ready to be merged. label Feb 25, 2019
@mheon
Copy link
Member

mheon commented Feb 25, 2019

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Feb 25, 2019
@edsantiago
Copy link
Member

Tested new changeset; works as expected.

openshift-merge-robot added a commit that referenced this pull request Feb 25, 2019
@openshift-merge-robot
Merge pull request #2432 from giuseppe/fix-read-only-bind-mounts
6fc18e7 
podman: fix ro bind mounts if no* opts are on the source
@openshift-merge-robot openshift-merge-robot merged commit 6fc18e7 into containers:master Feb 25, 2019
@openshift-merge-robot openshift-merge-robot merged commit 0f5ae3c into containers:master Feb 25, 2019
@kolyshkin kolyshkin mentioned this pull request Mar 31, 2020
Merged
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 27, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 27, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@rhatdan rhatdan Awaiting requested review from rhatdan

@umohnani8 umohnani8 Awaiting requested review from umohnani8

Assignees

@rhatdan rhatdan

@mheon mheon

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
1.1
Development

Successfully merging this pull request may close these issues.
6 participants
@giuseppe @openshift-ci-robot @edsantiago @rhatdan @mheon @openshift-merge-robot