You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by ji...@apache.org on 2016/02/24 00:11:27 UTC

[3/3] mesos git commit: Removed the restriction that /tmp needs to be writable in new rootfs.

Removed the restriction that /tmp needs to be writable in new rootfs.

Review: https://reviews.apache.org/r/43896


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/14f070fd
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/14f070fd
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/14f070fd

Branch: refs/heads/master
Commit: 14f070fda25c98c0a8ba29da84c607f2dd86da6a
Parents: 66d0f44
Author: Jie Yu <yu...@gmail.com>
Authored: Tue Feb 23 10:49:11 2016 -0800
Committer: Jie Yu <yu...@gmail.com>
Committed: Tue Feb 23 15:08:08 2016 -0800

----------------------------------------------------------------------
 src/linux/fs.cpp | 33 +++++++++++++++++++++------------
 1 file changed, 21 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/14f070fd/src/linux/fs.cpp
----------------------------------------------------------------------
diff --git a/src/linux/fs.cpp b/src/linux/fs.cpp
index 0df1942..7792f68 100644
--- a/src/linux/fs.cpp
+++ b/src/linux/fs.cpp
@@ -584,21 +584,25 @@ Try<Nothing> enter(const string& root)
     return Error("Failed to create devices: " + create.error());
   }
 
-  // Create a /tmp directory if it doesn't exist.
-  // TODO(idownes): Consider mounting a tmpfs to /tmp.
+  // Prepare /tmp in the new root. Note that we cannot assume that the
+  // new root is writable (i.e., it could be a read only filesystem).
+  // Therefore, we always mount a tmpfs on /tmp in the new root so
+  // that we can create the mount point for the old root.
   if (!os::exists(path::join(root, "tmp"))) {
-    Try<Nothing> mkdir = os::mkdir(path::join(root, "tmp"));
-     if (mkdir.isError()) {
-       return Error("Failed to create /tmp in chroot: " + mkdir.error());
-     }
+    return Error("/tmp in chroot does not exist");
+  }
 
-     Try<Nothing> chmod = os::chmod(
-         path::join(root, "tmp"),
-         S_IRWXU | S_IRWXG | S_IRWXO | S_ISVTX);
+  // TODO(jieyu): Consider limiting the size of the tmpfs.
+  mount = fs::mount(
+      "tmpfs",
+      path::join(root, "tmp"),
+      "tmpfs",
+      MS_NOSUID | MS_NOEXEC | MS_NODEV,
+      "mode=1777");
 
-     if (chmod.isError()) {
-       return Error("Failed to set mode on /tmp: " + chmod.error());
-     }
+  if (mount.isError()) {
+    return Error("Failed to mount the temporary tmpfs at /tmp in new root: " +
+                 mount.error());
   }
 
   // Create a mount point for the old root.
@@ -661,6 +665,11 @@ Try<Nothing> enter(const string& root)
   // Check status when we stop using lazy umounts.
   os::rmdir(relativeOld);
 
+  Try<Nothing> unmount = fs::unmount("/tmp");
+  if (unmount.isError()) {
+    return Error("Failed to umount /tmp in the chroot: " + unmount.error());
+  }
+
   return Nothing();
 }